urlscan.io logo urlscan.io
SecurityTrails logo

pastebin.com Open in urlscan Pro
172.67.34.170  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pastebin.net/
Effective URL: https://pastebin.com/
Submission: On December 12 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 6 countries across 83 domains to perform 377 HTTP transactions. The main IP is 172.67.34.170, located in United States and belongs to CLOUDFLARENET, US. The main domain is pastebin.com. The Cisco Umbrella rank of the primary domain is 71524.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 17th 2023. Valid for: a year.
This is the only time pastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.64.119.88 22612 (NAMECHEAP...)
27 172.67.34.170 13335 (CLOUDFLAR...)
1 172.217.13.168 15169 (GOOGLE)
5 104.17.25.14 13335 (CLOUDFLAR...)
7 104.22.59.199 13335 (CLOUDFLAR...)
1 172.217.13.142 15169 (GOOGLE)
9 43 172.217.13.130 15169 (GOOGLE)
1 142.250.65.170 15169 (GOOGLE)
3 18.238.64.130 16509 (AMAZON-02)
7 69.194.240.11 26120 (RHYTHMONE)
1 18.173.132.105 16509 (AMAZON-02)
4 151.101.193.229 54113 (FASTLY)
2 104.26.9.169 13335 (CLOUDFLAR...)
20 172.67.42.201 13335 (CLOUDFLAR...)
5 10 63.251.114.137 32475 (SINGLEHOP...)
4 12 68.67.160.26 29990 (ASN-APPNEX)
6 103.132.192.30 138552 (RTBHOUSE-...)
7 18.164.98.157 16509 (AMAZON-02)
4 52.5.255.134 14618 (AMAZON-AES)
36 104.21.82.134 13335 (CLOUDFLAR...)
1 14 52.46.143.56 16509 (AMAZON-02)
3 51.222.39.185 16276 (OVH)
1 1 35.208.249.213 19527 (GOOGLE-2)
3 3 54.156.40.244 14618 (AMAZON-AES)
2 2 64.74.236.159 ()
2 5 23.20.118.237 14618 (AMAZON-AES)
1 3.232.159.234 ()
2 5 198.148.27.131 19189 (PULSEPOINT)
2 7 34.98.64.218 396982 (GOOGLE-CL...)
1 1 23.105.12.158 30633 (LEASEWEB-...)
17 23.92.190.69 10913 (INTERNAP-BLK)
4 10 52.223.22.214 16509 (AMAZON-02)
2 2 159.127.42.233 ()
1 23.47.169.117 16625 (AKAMAI-AS)
17 172.217.13.194 15169 (GOOGLE)
7 142.250.72.97 15169 (GOOGLE)
22 172.217.13.193 15169 (GOOGLE)
8 142.251.40.130 15169 (GOOGLE)
1 5 172.217.13.196 15169 (GOOGLE)
1 1 35.169.93.15 14618 (AMAZON-AES)
3 3 34.150.170.96 396982 (GOOGLE-CL...)
2 2 8.2.110.134 46636 (NATCOWEB)
1 8.2.111.13 46636 (NATCOWEB)
4 4 35.207.24.140 15169 (GOOGLE)
1 3 172.217.13.102 15169 (GOOGLE)
1 1 38.68.201.140 174 (COGENT-174)
2 3 13.107.42.14 8068 (MICROSOFT...)
8 8 3.33.220.150 16509 (AMAZON-02)
1 52.21.58.192 14618 (AMAZON-AES)
1 202.233.84.1 131957 (MICROAD M...)
5 172.217.13.161 15169 (GOOGLE)
3 172.217.13.138 15169 (GOOGLE)
3 172.217.13.163 15169 (GOOGLE)
2 172.217.13.198 15169 (GOOGLE)
2 142.250.64.66 15169 (GOOGLE)
2 172.217.13.98 15169 (GOOGLE)
3 172.217.13.195 15169 (GOOGLE)
1 2 192.184.68.166 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 2 54.81.68.127 ()
2 74.119.119.139 19750 (AS-CRITEO)
2 4 141.95.98.64 16276 (OVH)
1 23.56.162.249 16625 (AKAMAI-AS)
2 2 96.46.186.63 7979 (SERVERS-COM)
1 1 54.208.122.33 14618 (AMAZON-AES)
1 1 52.85.61.37 ()
5 174.137.133.32 27257 (WEBAIR-IN...)
2 7 104.18.36.155 ()
7 34.197.219.74 ()
5 5 69.194.240.13 26120 (RHYTHMONE)
4 23.217.173.13 16625 (AKAMAI-AS)
1 1 69.194.242.12 ()
1 34.96.105.8 ()
1 1 82.145.213.8 ()
1 1 213.19.162.90 ()
1 2 104.19.133.76 ()
4 6 35.211.178.172 15169 (GOOGLE)
1 1 8.43.72.97 26667 (RUBICONPR...)
2 2 207.198.113.204 13768 (COGECO-PEER1)
2 2 52.200.38.92 14618 (AMAZON-AES)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
3 4 151.101.2.49 ()
1 2 52.45.36.109 ()
2 104.36.115.113 62713 (AS-PUBMATIC)
2 2 5.161.188.99 213230 (HETZNER-C...)
1 141.95.98.65 16276 (OVH)
1 37.157.4.29 ()
1 1 67.202.105.24 ()
1 1 35.214.194.112 ()
1 23.47.168.66 ()
2 8.28.7.82 ()
377 64
1    192.64.119.88 (United States)

ASN22612 (NAMECHEAP-NET, US)
pastebin.net
27    172.67.34.170 (United States)

ASN13335 (CLOUDFLARENET, US)
pastebin.com
1    172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net
www.googletagmanager.com
5    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    104.22.59.199 (None, )

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
dsp.vlitag.com
assets.vlitag.com
1    172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net
www.google-analytics.com
43    172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
1    142.250.65.170 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f10.1e100.net
imasdk.googleapis.com
3    18.238.64.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-64-130.jfk52.r.cloudfront.net
c.amazon-adsystem.com
7    69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    18.173.132.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-105.jfk52.r.cloudfront.net
config.aps.amazon-adsystem.com
4    151.101.193.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    104.26.9.169 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
20    172.67.42.201 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
10    63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
12    68.67.160.26 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
6    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
7    18.164.98.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-98-157.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
4    52.5.255.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-255-134.compute-1.amazonaws.com
prebid.ad.smaato.net
36    104.21.82.134 (None, )

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
14    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
3    54.156.40.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-40-244.compute-1.amazonaws.com
match.prod.bidr.io
2    64.74.236.159 (None, )

ASN- ()
b1sync.zemanta.com
5    23.20.118.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-118-237.compute-1.amazonaws.com
match.sharethrough.com
1    3.232.159.234 (None, )

ASN- ()
sync-amz.ads.yieldmo.com
5    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    23.105.12.158 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
17    23.92.190.69 (Houston, United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
10    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    159.127.42.233 (None, )

ASN- ()
pulsepoint-match.dotomi.com
1    23.47.169.117 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-169-117.deploy.static.akamaitechnologies.com
a.teads.tv
17    172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
pagead2.googlesyndication.com
7    142.250.72.97 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f1.1e100.net
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
22    172.217.13.193 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f1.1e100.net
tpc.googlesyndication.com
8    142.251.40.130 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
www.googletagservices.com
5    172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net
www.google.com
1    35.169.93.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-93-15.compute-1.amazonaws.com
aorta.clickagy.com
3    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
2    8.2.110.134 (Greenfield, United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    8.2.111.13 (Greenfield, United States)

ASN46636 (NATCOWEB, US)
cs.iqzone.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
3    172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net
ad.doubleclick.net
1    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
8    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
1    52.21.58.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-58-192.compute-1.amazonaws.com
rtb.adentifi.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
5    172.217.13.161 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f1.1e100.net
cdn.ampproject.org
3    172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net
fonts.googleapis.com
3    172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net
fonts.gstatic.com
2    172.217.13.198 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f6.1e100.net
s0.2mdn.net
2    142.250.64.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net
googleads4.g.doubleclick.net
2    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
googleads.g.doubleclick.net
3    172.217.13.195 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f3.1e100.net
www.gstatic.com
2    192.184.68.166 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    54.81.68.127 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
4    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    23.56.162.249 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-249.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    96.46.186.63 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    54.208.122.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-122-33.compute-1.amazonaws.com
ssp.disqus.com
1    52.85.61.37 (None, )

ASN- ()
s.ad.smaato.net
5    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
7    104.18.36.155 (None, )

ASN- ()
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
7    34.197.219.74 (None, )

ASN- ()
cs-server-s2s.yellowblue.io
cs.yellowblue.io
5    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    23.217.173.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-173-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    69.194.242.12 (None, )

ASN- ()
ad.turn.com
1    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    213.19.162.90 (None, )

ASN- ()
pixel-eu.rubiconproject.com
2    104.19.133.76 (None, )

ASN- ()
cm.mgid.com
6    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    207.198.113.204 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    52.200.38.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-38-92.compute-1.amazonaws.com
sync.crwdcntrl.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
4    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
2    52.45.36.109 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    5.161.188.99 (Ashburn, United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.99.188.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    37.157.4.29 (None, )

ASN- ()
cm.adform.net
1    67.202.105.24 (None, )

ASN- ()
ssc-cms.33across.com
1    35.214.194.112 (None, )

ASN- ()
csync.loopme.me
1    23.47.168.66 (None, )

ASN- ()
contextual.media.net
2    8.28.7.82 (None, )

ASN- ()
image8.pubmatic.com
Apex Domain
Subdomains		 Transfer
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
338 KB
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
293 KB
36 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 35885
11 KB
27 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
38 KB
27 pastebin.com
pastebin.com — Cisco Umbrella Rank: 71524
292 KB
25 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
84 KB
20 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 19494
sync.quantumdex.io — Cisco Umbrella Rank: 4292
5 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
31 KB
10 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
5 KB
8 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
image8.pubmatic.com
24 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
data.adsrvr.org — Cisco Umbrella Rank: 5064
3 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
416 KB
8 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 805
sync.targeting.unrulymedia.com
863 B
7 yellowblue.io
cs-server-s2s.yellowblue.io
cs.yellowblue.io
5 KB
7 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5 KB
7 openx.net
u.openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
2 KB
7 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 40308
dsp.vlitag.com — Cisco Umbrella Rank: 63386
assets.vlitag.com — Cisco Umbrella Rank: 49048
383 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
3 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
64 KB
6 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644
creativecdn.com Failed
1 KB
5 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1750
4 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
5 KB
5 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
2 KB
5 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 5775
s.ad.smaato.net
2 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
55 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
2 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
4 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1100
1 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
30 KB
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 487
fonts.googleapis.com — Cisco Umbrella Rank: 29
130 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
198 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2647
549 B
2 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com Failed
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
1 KB
2 mgid.com
cm.mgid.com
872 B
2 rubiconproject.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
secure-assets.rubiconproject.com Failed
2 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
1 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
dis.criteo.com Failed
652 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
872 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
64 KB
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 2606
1 KB
2 dotomi.com
pulsepoint-match.dotomi.com
stx-match.dotomi.com Failed
649 B
2 zemanta.com
b1sync.zemanta.com
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
25 KB
1 media.net
contextual.media.net
617 B
1 loopme.me
csync.loopme.me
248 B
1 33across.com
ssc-cms.33across.com
503 B
1 adform.net
cm.adform.net
106 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
272 B
1 opera.com
t.adx.opera.com
518 B
1 blismedia.com
tr.blismedia.com
173 B
1 turn.com
ad.turn.com
434 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1557
284 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
684 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 7197
641 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1014
285 B
1 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 4966
731 B
1 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 4113
517 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1768
428 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
611 B
1 yieldmo.com
sync-amz.ads.yieldmo.com
ads.yieldmo.com Failed
1 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
360 B
1 smartadserver.com
prg-apac.smartadserver.com Failed
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6175
279 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
251 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
85 KB
1 pastebin.net
pastebin.net
236 B
0 eqads.com Failed
um4.eqads.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 liadm.com Failed
i.liadm.com Failed
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 mookie1.com Failed
odr.mookie1.com Failed
0 a-mx.com Failed
id.a-mx.com Failed
0 ctnsnet.com Failed
ius.ctnsnet.com Failed
377 83
Domain Requested by
36 px.vliplatform.com
27 pastebin.com pastebin.com
25 cm.g.doubleclick.net 9 redirects 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
ce.lijit.com
eb2.3lift.com
us-u.openx.net
sync-amz.ads.yieldmo.com
22 tpc.googlesyndication.com securepubads.g.doubleclick.net
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
tpc.googlesyndication.com
pastebin.com
ad.doubleclick.net
pagead2.googlesyndication.com
18 securepubads.g.doubleclick.net services.vlitag.com
securepubads.g.doubleclick.net
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
www.googletagservices.com
pastebin.com
17 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
ad.doubleclick.net
pastebin.com
pagead2.googlesyndication.com
www.googletagservices.com
17 ce.lijit.com s.amazon-adsystem.com
ce.lijit.com
assets.vlitag.com
us-u.openx.net
14 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
sync.adkernel.com
cs-server-s2s.yellowblue.io
ssum-sec.casalemedia.com
14 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
bh.contextweb.com
ce.lijit.com
match.sharethrough.com
us-u.openx.net
sync-amz.ads.yieldmo.com
12 ib.adnxs.com 4 redirects assets.vlitag.com
eb2.3lift.com
acdn.adnxs.com
10 eb2.3lift.com 4 redirects sync.quantumdex.io
eb2.3lift.com
10 ap.lijit.com 5 redirects assets.vlitag.com
8 www.googletagservices.com 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
www.googletagservices.com
ad.doubleclick.net
pastebin.com
7 match.adsrvr.org 7 redirects
7 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 aax.amazon-adsystem.com c.amazon-adsystem.com
7 targeting.unrulymedia.com assets.vlitag.com
6 us-u.openx.net 2 redirects ce.lijit.com
us-u.openx.net
6 x.bidswitch.net 4 redirects ce.lijit.com
eb2.3lift.com
6 cs-server-s2s.yellowblue.io sync.quantumdex.io
cs-server-s2s.yellowblue.io
6 prebid-asia.creativecdn.com assets.vlitag.com
6 useast.quantumdex.io assets.vlitag.com
5 sync.adkernel.com sync.quantumdex.io
sync.adkernel.com
5 cdn.ampproject.org 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
5 www.google.com 1 redirects 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
tpc.googlesyndication.com
pastebin.com
5 bh.contextweb.com 2 redirects s.amazon-adsystem.com
bh.contextweb.com
5 match.sharethrough.com 2 redirects s.amazon-adsystem.com
match.sharethrough.com
5 cdnjs.cloudflare.com pastebin.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 sync-tm.everesttech.net 3 redirects match.sharethrough.com
4 ads.pubmatic.com sync.quantumdex.io
ce.lijit.com
sync.adkernel.com
4 sync.1rx.io 4 redirects
4 id5-sync.com 2 redirects assets.vlitag.com
4 rtb.mfadsrvr.com 4 redirects
4 prebid.ad.smaato.net assets.vlitag.com
4 cdn.jsdelivr.net assets.vlitag.com
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
4 services.vlitag.com pastebin.com
services.vlitag.com
3 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
3 www.gstatic.com pastebin.com
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
pastebin.com
3 px.ads.linkedin.com 2 redirects eb2.3lift.com
3 ad.doubleclick.net 1 redirects www.googletagservices.com
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
3 um.simpli.fi 3 redirects
3 match.prod.bidr.io 3 redirects
3 onetag-sys.com s.amazon-adsystem.com
sync.quantumdex.io
cs-server-s2s.yellowblue.io
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
2 image8.pubmatic.com cs-server-s2s.yellowblue.io
sync-amz.ads.yieldmo.com
2 sync-dmp.mobtrakk.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 pr-bh.ybp.yahoo.com 1 redirects us-u.openx.net
2 pixel.tapad.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cm.mgid.com 1 redirects ce.lijit.com
2 ads.betweendigital.com 2 redirects
2 gum.criteo.com assets.vlitag.com
2 beacon.lynx.cognitivlabs.com 2 redirects
2 cms.quantserve.com 1 redirects 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net pastebin.com
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 s0.2mdn.net ad.doubleclick.net
ce.lijit.com
2 cs.krushmedia.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 script.4dex.io assets.vlitag.com
script.4dex.io
2 assets.vlitag.com services.vlitag.com
1 contextual.media.net cs-server-s2s.yellowblue.io
1 csync.loopme.me 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 ssc-cms.33across.com 1 redirects
1 cm.adform.net cs-server-s2s.yellowblue.io
1 lb.eu-1-id5-sync.com assets.vlitag.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 t.adx.opera.com 1 redirects
1 tr.blismedia.com ce.lijit.com
1 data.adsrvr.org 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 ssp.disqus.com 1 redirects
1 acdn.adnxs.com assets.vlitag.com
1 ums.acuityplatform.com 1 redirects
1 aid.send.microad.jp 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
1 rtb.adentifi.com 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
1 aep.mxptint.net 1 redirects
1 cs.iqzone.com ce.lijit.com
1 aorta.clickagy.com 1 redirects
1 a.teads.tv assets.vlitag.com
1 ssbsync-us.smartadserver.com 1 redirects
1 u.openx.net s.amazon-adsystem.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 trace.mediago.io 1 redirects
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 imasdk.googleapis.com services.vlitag.com
1 dsp.vlitag.com services.vlitag.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com pastebin.com
1 pastebin.net 1 redirects
0 ads.yieldmo.com Failed sync-amz.ads.yieldmo.com
0 um4.eqads.com Failed ssum-sec.casalemedia.com
0 cm.adgrx.com Failed ssum-sec.casalemedia.com
0 ups.analytics.yahoo.com Failed ssum-sec.casalemedia.com
0 i.liadm.com Failed ssum-sec.casalemedia.com
0 secure-assets.rubiconproject.com Failed cs-server-s2s.yellowblue.io
0 ads.stickyadstv.com Failed cs-server-s2s.yellowblue.io
0 sync.go.sonobi.com Failed cs-server-s2s.yellowblue.io
0 odr.mookie1.com Failed sync.adkernel.com
0 dis.criteo.com Failed eb2.3lift.com
0 stx-match.dotomi.com Failed match.sharethrough.com
0 creativecdn.com Failed ce.lijit.com
0 id.a-mx.com Failed assets.vlitag.com
0 ius.ctnsnet.com Failed 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
0 prg-apac.smartadserver.com Failed assets.vlitag.com
377 115

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-17 -
2024-05-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
vlitag.com
GTS CA 1P5		 2023-11-26 -
2024-02-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
smaato.net
Sectigo ECC Domain Validation Secure Server CA		 2023-08-25 -
2024-08-24		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2023-10-03 -
2024-11-03		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh

This page contains 47 frames:

Primary Page: https://pastebin.com/
Frame ID: AAFC2BA3B513F16918A77AC5FFB58723
Requests: 145 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: F7880D28FC849BD83415CC82F986E2B1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: DFC0E827857180A7015FE4538C4873AD
Requests: 5 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 2F3A9709F1B7184440DAEF315249545B
Requests: 6 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: DD724155305CBF7361BAEFAA9DCB8FD2
Requests: 7 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: B2E6F02E8A7DA3164E671914D5F64C7B
Requests: 4 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 23484907944C4DF7D2A788BE6118227A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6210542540411513844&gdpr=0&gdpr_consent=
Frame ID: 58BEE71E7D8F8D2764EF95D87C3F6BA6
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 97DB4809E1FF499365050AD0F167E572
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4092230499081819027602
Frame ID: 0D282906C779B1E31D9F3682D9647796
Requests: 1 HTTP requests in this frame

Frame: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BEB35CCC3E99014948B133BCB209CFD1
Requests: 1 HTTP requests in this frame

Frame: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 961D5DD84CA7109BA19DB86696717458
Requests: 11 HTTP requests in this frame

Frame: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D958AB38F41308C38123F5EF148C4D7
Requests: 8 HTTP requests in this frame

Frame: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2DCEB7243A5989DA47D41577C1E300EB
Requests: 8 HTTP requests in this frame

Frame: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AFF459CC0F191A2CA992931448C17F12
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87E49F0ED6A39D3092DFD92CECA76AC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B21EF8FECA0A16A072D69036ED89D8E0
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPsBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fgBmona_PsxbVm4q2t3skF7MMuDhHgTOqdNmEVDbXBiGQKi9RjejbuVrV71zgPABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlihl5Duz4qDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEPDgj-_wy4y5dxICAQOqDQJDQcgNAeINEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIstuR7s-KgwMVPKNaBR0TrwyhEAEYASAAEgJOGvD_BwE%26num%3D1%26cid%3DCAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB%26sig%3DAOD64_3RlVHQvz4tylua4YmfGmInu8cLxQ%26client%3Dca-pub-3784779432172338%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fpastebin.com%2F$0;xdt=1;crlt=T05NLk2gxo;stc=1;chaa=1;sttr=122;prcl=s
Frame ID: 7370E79197347EFBB6DD2FCF99BEBDB1
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 939E1DC0BE2222B882BA73F9257A0C86
Requests: 9 HTTP requests in this frame

Frame: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A4B74528DD9C2AAEF98D622F4189174
Requests: 19 HTTP requests in this frame

Frame: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7EB813332A6981E9C5DD933BA9CA78B7
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AB264337732343C49547562A141151D0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1D68175EEC3777AFC97F2DAFE4BBCDD5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 72869C51F54CA648CA191017D3554D4B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F60DFAAEDB393D9DB6C5AF058910C186
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 07C102A9AE181F22AF82756C94A1D9E5
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: D9CD5CF46800F957EB464D15C9106881
Requests: 8 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13427529
Frame ID: 38BD2E826BBD29F417D26159D047DFFF
Requests: 18 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B54438055A13B34514DF5B348B4DFEC9
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xap-184388&uid=A1085222958414441586
Frame ID: D6FEA77529C3D4FDE8A1CB11A9D99D6B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 557FDAF0E1AC64D8D61A5E06729431C2
Requests: 9 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 7783C6C10517346AC9758CDD3D7F60B8
Requests: 13 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A2686227363492729077
Frame ID: 40BEFF9997EBAE1E1C9574AAEBB6B5C0
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A7420484607575453321
Frame ID: 4142DB57CB5C88EF1486F9E1888B17DE
Requests: 2 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 5879D5B38E713D356688D40FEF65630B
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: C717747A1266E2DB2A0EA3D39CC52789
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 06843CABD643A14B43581A7C491E2180
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 241E24DD7923D780155E7B5AF39A8D75
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: D522B9E025E363A32E35F5DCB068AE15
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 2B19B5ED5496EC3AA0DB772D9A262DEF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 86E1489D1F1A1B951EAA8303D56BAEED
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: DCF54CA4EBC250B322A0BD7FF60C38F2
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: D647776C3A88E305EC8F908CEC3D4B73
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D657884%26t%3Diframe%26uid%3DPM_UID
Frame ID: 1961B62A066B7451E853D1C993CCE468
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: E501AB3B5CBBFE9477521791DCDB4596
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
Frame ID: 0767BD1C38FABE89FB9084ED14B9C4C1
Requests: 1 HTTP requests in this frame

Frame: https://um4.eqads.com/um/cs
Frame ID: 9D0691A65CEB7C49D5BC2D86E15F4D86
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pastebin.com - #1 paste tool since 2002!

Page URL History Show full URLs

  1. http://pastebin.net/ HTTP 302
    https://pastebin.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /yii\.(?:validation|activeForm)\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

377
Requests

77 %
HTTPS

0 %
IPv6

83
Domains

115
Subdomains

64
IPs

6
Countries

2497 kB
Transfer

7131 kB
Size

100
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pastebin.net/ HTTP 302
    https://pastebin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 105
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=81fa84b73adc382c2ft2t700lq2qdtoh
Request Chain 106
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AACqIk7K8WcAABRoYNcXqw&ex=beeswax.com
Request Chain 107
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FxsDZCgIVmFd0bnvHpKa
Request Chain 110
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 112
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6210542540411513844&gdpr=0&gdpr_consent=
Request Chain 113
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 114
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4092230499081819027602
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VzBfS0tYWTFPT2QwcXBycUxDalFSUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=VzBfS0tYWTFPT2QwcXBycUxDalFSUQ&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEITOmcQ3S70HswyqAQdfdvw&google_cver=1
Request Chain 116
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=30bfc5a050e3128f&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFu0v--FQhlANA3KFgAAAAAAA&expiration=1702495441&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 183
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=Hz2reBZHNsixJUGTQ72LOFhh&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:5e036a7b8b1a01c27fd8e78fc975943f
Request Chain 184
  • https://um.simpli.fi/lj_match?r=1702409035162&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=28D61EF5D2B1453E8575A7420710A39E
Request Chain 185
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.iqzone.com/6c4db297715e8da5dd48a587027b226d.gif?puid=98db1d72-c26b-5381-89d4-bf91cc027ac8&redir=[RED]
Request Chain 186
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=m4mW4OQMHgyE&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 187
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=8d2d0818-b225-4249-bde9-d8f1a7d4e78f
Request Chain 204
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEG_Yf3pRppcW6jBKPPbFZtg&google_cver=1&google_push=AXcoOmTMM4rPBxIras895K-rYgK6mZ0P3Mmrs53lLBg4e2d5PUFaP1v4LSFjRVY6IBN_dXtXwahaN7nw1Fbl8y5QkY6vQNs-Hbh-Aw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTMM4rPBxIras895K-rYgK6mZ0P3Mmrs53lLBg4e2d5PUFaP1v4LSFjRVY6IBN_dXtXwahaN7nw1Fbl8y5QkY6vQNs-Hbh-Aw&google_hm=UjM1Q0E5XzEwRDk3NDY1Ql82QkY2Mjk5Qg%3D%3D
Request Chain 205
  • https://um.simpli.fi/gp_match?google_gid=CAESEHDLOSL1q7Dx61lE0KVbNSw&google_cver=1&google_push=AXcoOmRuDxDOlLVpvg801p5_nN7llWhkTWjaXhU0KDJ24NqUVwRJx42JcypkQzN5T0i6W9XJ9fVG9JVaI5ABfgS3HZJT7xjOrUszNhI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FCF91777CA594CE9B3E5E3FB80D5C614&google_push=AXcoOmRuDxDOlLVpvg801p5_nN7llWhkTWjaXhU0KDJ24NqUVwRJx42JcypkQzN5T0i6W9XJ9fVG9JVaI5ABfgS3HZJT7xjOrUszNhI
Request Chain 206
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJUITKTSqEyJMIkDm3R8XAQ&google_cver=1&google_push=AXcoOmR0fco9kSB_ZFcygo1SnbLQEzLqMnjfFpmknP4hB61kn20YjhYePtGE_2Yg1aDTNIQ7OBqBNhe9KONWUwj9GlTSDFaWv92A3X0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR0fco9kSB_ZFcygo1SnbLQEzLqMnjfFpmknP4hB61kn20YjhYePtGE_2Yg1aDTNIQ7OBqBNhe9KONWUwj9GlTSDFaWv92A3X0
Request Chain 207
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENdamDjDqVrJEWS-bP-QiwY&google_cver=1&google_push=AXcoOmSHK_Icp30jeJzxMOoLquibsJW1sUrsPF65XFhWMbZRjQevb4fMe6eUTTViRT_5SNsfUzaBVKULEyA-iQwzh6KldxDw-OrGgh0 HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESENdamDjDqVrJEWS-bP-QiwY&google_cver=1&google_push=AXcoOmSHK_Icp30jeJzxMOoLquibsJW1sUrsPF65XFhWMbZRjQevb4fMe6eUTTViRT_5SNsfUzaBVKULEyA-iQwzh6KldxDw-OrGgh0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTE4NGJhZDctMDg2Ny00NTk4LWFlNDMtYzExYTUxYWRkYTIw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e184bad7-0867-4598-ae43-c11a51adda20
Request Chain 210
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEFFGUsPZan9m08qavA57tho&google_cver=1&google_push=AXcoOmQZx8qhzV-lbaJmOQQwl9GJdX--w8x_ATYAVNOtlk4lYrR6YY3DhBBbaeTFIAbWF251z8mEi6Xk3YNJwz-hxqI7xQX0d73zGLmJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jS0IGLIlQkm96djxp9Tnjw==&no_redirect=1&google_push=AXcoOmQZx8qhzV-lbaJmOQQwl9GJdX--w8x_ATYAVNOtlk4lYrR6YY3DhBBbaeTFIAbWF251z8mEi6Xk3YNJwz-hxqI7xQX0d73zGLmJ
Request Chain 226
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.365454385;dc_trk_aid=556463389;dc_trk_cid=190791332;ord=128711473;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.365454385;dc_pre=CNuO-u7PioMDFWAMaAgdnvsIWQ;dc_trk_aid=556463389;dc_trk_cid=190791332;ord=128711473;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
Request Chain 255
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJUITKTSqEyJMIkDm3R8XAQ&google_cver=1&google_push=AXcoOmR6VGQ9fydcaP3bfDFl3QexHhi_dLX_QCMpTi1ndru-gVTA09ofQaFMnBzJrLOq9ZRjMm2ZPtvUrKxCAo0wvjEQsVXaI74lFehB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR6VGQ9fydcaP3bfDFl3QexHhi_dLX_QCMpTi1ndru-gVTA09ofQaFMnBzJrLOq9ZRjMm2ZPtvUrKxCAo0wvjEQsVXaI74lFehB
Request Chain 256
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENdamDjDqVrJEWS-bP-QiwY&google_cver=1&google_push=AXcoOmTxBiRdVHFIHiTUwHNRuW3O-Ubig5GfS5XhkuLIfHPoC_3DThXXQZ-Tb7m5ktTxw4r3DKU-7Q5RJsloHnZjCVc-ux5Xtmvfeweq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTE4NGJhZDctMDg2Ny00NTk4LWFlNDMtYzExYTUxYWRkYTIw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e184bad7-0867-4598-ae43-c11a51adda20
Request Chain 257
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPnhGzTuNefsKUosykaZgew&google_cver=1&google_push=AXcoOmRNM3ColzfCtU2lgP7kePgfMVBevxdVOPVdqiq7ktF-o76mCCz3eGr5gCNwmwnwzyaL-Ob7WwjGJl99zU4KYl7tmWbbzwg1TZDs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863945431211&us_privacy=1---
Request Chain 258
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEFFGUsPZan9m08qavA57tho&google_cver=1&google_push=AXcoOmQnGoCRMCMBBholEaglwV9slnpo3h22sDUIQfCuCgDnzJQGNeG5gvb5DHZhk64wb9sATL3i6g_k5IIf4B1ZT5XIIY6qcZmZbwiJ_Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jS0IGLIlQkm96djxp9Tnjw==&no_redirect=1&google_push=AXcoOmQnGoCRMCMBBholEaglwV9slnpo3h22sDUIQfCuCgDnzJQGNeG5gvb5DHZhk64wb9sATL3i6g_k5IIf4B1ZT5XIIY6qcZmZbwiJ_Q
Request Chain 260
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESELkc0SfmASf9NxKbZakRhT0&google_cver=1&google_push=AXcoOmTq8Lq8vL0BVLK66ojHghnhT6PTmQitRKVXiIUyhLrVwZu31JHCBXMbOagEdv7VkN72kdUQ4rQZDh7W_UnbrNaZoEgjtaOSBcc1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=NkIw7-gU2EalkX876xy0pg&google_push=AXcoOmTq8Lq8vL0BVLK66ojHghnhT6PTmQitRKVXiIUyhLrVwZu31JHCBXMbOagEdv7VkN72kdUQ4rQZDh7W_UnbrNaZoEgjtaOSBcc1
Request Chain 271
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 279
  • https://ap.lijit.com/beacon?informer=13427529 HTTP 301
  • https://ce.lijit.com/beacon?informer=13427529
Request Chain 281
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=84786517281967022 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=424aadd2-d2f4-535a-903c-f982f5444acf
Request Chain 282
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-38c1cf10-a4e5-34e6-94c3-d3f19da9d575
Request Chain 283
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=Hz2reBZHNsixJUGTQ72LOFhh
Request Chain 284
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=2c63b59378
Request Chain 285
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3485906243037739355
Request Chain 286
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2f185fbd-fe41-4279-8c04-45472817b909
Request Chain 287
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-62dbIyr8KjD0vexWO6rzYvSw-RaxuAFyLAB3w3c-rQ
Request Chain 289
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 294
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 298
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1702409038593 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=798857404 HTTP 302
  • https://sync.1rx.io/usersync/turn/3521150014322321970?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005
Request Chain 299
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SHoycmVCWkhOc2l4SlVHVFE3MkxPRmho&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 300
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?3pid=AACqIk7K8WcAABRoYNcXqw&pid=85&gdpr=0
Request Chain 301
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=3485906243037739355&gdpr=0&gdpr_consent=
Request Chain 302
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=e184bad7-0867-4598-ae43-c11a51adda20&gdpr=0&gdpr_consent=
Request Chain 303
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=uIzi9uyK4a2jgbCst4D4qOqL5a2jiLOqt9w0PpTU
Request Chain 305
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHoycmVCWkhOc2l4SlVHVFE3MkxPRmho&gdpr=0
Request Chain 306
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPUfc62356409664077ad84a92b218f7547&gdpr=0&gdpr_consent=&pid=103
Request Chain 307
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LQ2QDYXP-28-4P55&gdpr=0
Request Chain 308
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.mgid.com/m?cdsp=827027&c=98db1d72-c26b-5381-89d4-bf91cc027ac8&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA] HTTP 307
  • https://cm.mgid.com/m?c=98db1d72-c26b-5381-89d4-bf91cc027ac8&cdsp=827027&gdpr=0&gdpr_consent=%5BGDPR_CONSENT%5D&us_privacy=%5BCCPA%5D&sct=1
Request Chain 309
  • https://um.simpli.fi/lj_match?r=1702409037472&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FCF91777CA594CE9B3E5E3FB80D5C614
Request Chain 312
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ2QDWNV-1I-BFF&gdpr=0
Request Chain 314
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dbacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dbacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dbacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dbacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dbacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dbacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&gdpr=0&gdpr_consent=
Request Chain 317
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Request Chain 319
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e184bad7-0867-4598-ae43-c11a51adda20&gdpr=0&gdpr_consent=
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OGQ1YTBhYTQtZDE5Yi00YzljLTg2NjUtMDdhYzI5MDY3ZGJi HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 322
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&_test=ZXizUQAGYE7C4wAM
Request Chain 323
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e184bad7-0867-4598-ae43-c11a51adda20&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 324
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MjIzMDQ5OTA4MTgxOTAyNzYwMg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMRrqbmP8rNT63y_f2zC90Y&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 326
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MjIzMDQ5OTA4MTgxOTAyNzYwMg%3D%3D
Request Chain 328
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4092230499081819027602?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-mUmGHx9E2oS.LfZqRmJbaL.rwQOIkZdX_oRM3vGVLg--~A&dongle=0883
Request Chain 331
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3485906243037739355&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 335
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A1085222958414441586 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=xapads&user_id=A1085222958414441586 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=xapads&bsw=0f48f247-ab0d-46e4-b816-7b329b897931 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=&consent=&usp=&ssp=xapads&bsw=0f48f247-ab0d-46e4-b816-7b329b897931&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NzQ5NDdkZDdmYmY0NDZhMg&gdpr=&gdpr_consent=&us_privacy=&ssp=xapads&bsw_param=0f48f247-ab0d-46e4-b816-7b329b897931 HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=0f48f247-ab0d-46e4-b816-7b329b897931
Request Chain 337
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZXizUQAGXN7C5QAM HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXizUQAGXN7C5QAM&_test=ZXizUQAGXN7C5QAM
Request Chain 340
  • https://match.adsrvr.org/track/cmf/openx?oxid=3abc0623-35ec-326e-5833-ca7531f2f7c7&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e184bad7-0867-4598-ae43-c11a51adda20&ttd_puid=3abc0623-35ec-326e-5833-ca7531f2f7c7&gdpr=0&gdpr_consent=
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqOK48aDmRSu9OyMjPoYnI&google_cver=1
Request Chain 349
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A1813204565226980062 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0f48f247-ab0d-46e4-b816-7b329b897931&ssp=xapads&gdpr=&gdpr_consent=
Request Chain 353
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212375866805710
Request Chain 354
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=2f185fbd-fe41-4279-8c04-45472817b909&gdpr=0
Request Chain 355
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=35775aaa-5f6e-4df0-93ff-a62e343dd0e4&gdpr_consent=null&gdpr=0
Request Chain 357
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=3485906243037739355&gdpr=0&gdpr_consent=
Request Chain 358
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=d2bc1ab5-e203-0f2b-1374-96e7105b2384
Request Chain 359
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=0f48f247-ab0d-46e4-b816-7b329b897931
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXizUBNdaxz98spxSo_LcwAABagAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENWYAdrhF76xqehBfX5YjgQ&google_cver=1
Request Chain 367
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e184bad7-0867-4598-ae43-c11a51adda20&expiration=1705001040&gdpr=0&gdpr_consent=
Request Chain 369
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXizUBNdaxz98spxSo-LcwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8JWG7l57WfUFIZc2TUSAc&google_cver=1
Request Chain 371
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eaa5cbeb-b08f-48a4-a078-ede432f637d5&expiration=1734031440
Request Chain 377
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQ2QDYXP-28-4P55
Request Chain 379
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=3485906243037739355&pn_id=an
Request Chain 381
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4410940003 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e184bad7-0867-4598-ae43-c11a51adda20 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005

377 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pastebin.com/
Redirect Chain
  • http://pastebin.net/
  • https://pastebin.com/
43 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4230d714e7780318640944aae307e8c07ad060f2dbfd9c2545459fe83fb2530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8348582238d5a247-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 19:23:52 GMT
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1;mode=block

Redirect headers

Connection
keep-alive
Content-Length
43
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 19:23:51 GMT
Location
https://pastebin.com
Server
namecheap-nginx
X-Served-By
Namecheap URL Forward
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S72LBY47R8
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
11cffce799633717024b442e43abe248623fdcd94c463e893988ef37ea8d944a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86180
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 19:23:52 GMT
bootstrap.min.css
pastebin.com/assets/c80611c4/css/ 		119 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/c80611c4/css/bootstrap.min.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Feb 2019 15:55:38 GMT
server
cloudflare
age
6277
etag
W/"5c643dfa-1da71"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
834858241b14a247-YYZ
select2.min.css
pastebin.com/assets/ff2ff0b/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/ff2ff0b/css/select2.min.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 05:01:22 GMT
server
cloudflare
age
53
etag
W/"5e2fc022-3a76"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
834858241b19a247-YYZ
select2-addl.min.css
pastebin.com/assets/c19c6973/css/ 		880 B
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/c19c6973/css/select2-addl.min.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eed9e2140abe64d5a2a5e030bed4b49b3091d51f1196c9c9512466bee260225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 15 Nov 2019 16:16:16 GMT
server
cloudflare
age
6013
etag
W/"5dcecf50-370"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
834858241b1ba247-YYZ
select2-default.min.css
pastebin.com/assets/c19c6973/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/c19c6973/css/select2-default.min.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f26a52e45d695c38e0ffb6570a09e209815e3803ba202464ae34d09199041a08

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 15 Nov 2019 16:16:16 GMT
server
cloudflare
age
53
etag
W/"5dcecf50-17d7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
834858241b1ca247-YYZ
kv-widgets.min.css
pastebin.com/assets/fb16b45a/css/ 		724 B
488 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/fb16b45a/css/kv-widgets.min.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145e429f2c19e775cd9cfcc0de7a3fcec6d0e9624dec74ccd3e7efff2d4c86da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2019 17:14:54 GMT
server
cloudflare
age
6013
etag
W/"5c893a8e-2d4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
834858241b1da247-YYZ
bootstrap-tagsinput.css
pastebin.com/assets/72fc434d/dist/ 		1 KB
515 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff466857c3492bc9b5c0bfeaef7797f107581a0c387ff6e1ac3314e2b084a40

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 27 Jul 2014 12:27:42 GMT
server
cloudflare
age
613
etag
W/"53d4f03e-431"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
834858241b1ea247-YYZ
codemirror.min.css
cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/codemirror.min.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a825261665cb81263ed12ad17e2c030aa44326e59c486301bc8cb12de3b563
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
985673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1359
last-modified
Fri, 23 Oct 2020 20:41:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f933fe2-179a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M%2BEhdTqldDLdENcdqGcrRrnvXXHjF55iKx2ky%2BPMS%2FYsTNtlK2N8cNTinXAWWYmcRXDenaEaA8UqlHZIaRuBMk8uvfDv3GCnNKSWbLZTj9PgOIsf9pE%2Ft7sg5h7VKjLsaVApS7p"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
834858247fea3981-YYZ
expires
Sun, 01 Dec 2024 19:23:52 GMT
material-darker.min.css
cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/theme/ 		2 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/theme/material-darker.min.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f7867d65852095da9627424ca794ab24b58187ccbdfdf637fda7b57ab417f8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1240675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
402
last-modified
Fri, 23 Oct 2020 20:41:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f93400a-855"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3Ad%2Fn5hLP2LPAvFxd9%2Fa%2FEyw2kyk0vdIKF2RN0ORPtb2jkzgqbteELds6bR%2FZsjyoJPwZQxtIVpVAEOsvhzIljaQdrkxg1fdQAIPO7IO56fUU3f5pwYe%2FqMqQ6lgUwnk%2FaVNsfi"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
834858246fe73981-YYZ
expires
Sun, 01 Dec 2024 19:23:52 GMT
vendors.bundle.css
pastebin.com/themes/pastebin/css/ 		1010 B
573 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/themes/pastebin/css/vendors.bundle.css?30d6ece6979ee0cf5531
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d790d8d644d85ba75095d8bce6dc947331745cf9fe0187d7b564505ffd41e53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
1603
etag
W/"6512b540-3f2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
834858241b20a247-YYZ
app.bundle.css
pastebin.com/themes/pastebin/css/ 		132 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e602bf5cbc6b2715d4cb4d1d17414b038387f971de019e2791d55e8bf23059e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
2977
etag
W/"6512b540-210f9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
834858241b21a247-YYZ
/
services.vlitag.com/adv1/ 		573 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.59.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39cd0c1324f2b94e4cb0102018494b705297a72f3aef5d44e8547ba796aef750

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
617
cf-polished
origSize=586945
etag
W/"adf050ece17b957604b4bbfc1829059f 2023-12-11T03:15:25 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858253c82398a-YYZ
alt-svc
h3=":443"; ma=86400
guest.webp
pastebin.com/themes/pastebin/img/ 		834 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/guest.webp
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ffea70d9901580be4cc160eed36980ce7af29cb07fcd29dde54d67b323e8a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
4475
etag
"6512b540-342"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
834858241b22a247-YYZ
content-length
834
hello.webp
pastebin.com/themes/pastebin/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/hello.webp
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e1bf559a0ff2b782db1ed3d774b6bf1379c4cfef4fbca73cf0d046da0b27c18

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
4328
etag
"6512b540-a06"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
834858241b24a247-YYZ
content-length
2566
jquery.min.js
pastebin.com/assets/9ce1885/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/9ce1885/jquery.min.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 22:50:46 GMT
server
cloudflare
age
6277
etag
W/"5eb09c46-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
834858249c28a247-YYZ
yii.js
pastebin.com/assets/f04f76b8/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/f04f76b8/yii.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Jul 2020 21:45:32 GMT
server
cloudflare
age
2977
etag
W/"5f04ecfc-51c6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
834858249c29a247-YYZ
select2.full.min.js
pastebin.com/assets/ff2ff0b/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/ff2ff0b/js/select2.full.min.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 05:01:22 GMT
server
cloudflare
age
6013
etag
W/"5e2fc022-1356c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
83485824bc52a247-YYZ
select2-krajee.min.js
pastebin.com/assets/c19c6973/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/c19c6973/js/select2-krajee.min.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
185e59a8a5b1191b2bb3f3a8ead5c5375347a4c284b1232a5d15c7d058d8c987

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 15 Nov 2019 16:16:16 GMT
server
cloudflare
age
52
etag
W/"5dcecf50-e6c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
83485824bc53a247-YYZ
kv-widgets.min.js
pastebin.com/assets/fb16b45a/js/ 		671 B
478 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/fb16b45a/js/kv-widgets.min.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03b9eae54b68fb4c3e243b7f57d50a6a2609a3875f6fd9a6a6e12ae3eb0418a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2019 17:14:54 GMT
server
cloudflare
age
6014
etag
W/"5c893a8e-29f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
83485824bc55a247-YYZ
yii.activeForm.js
pastebin.com/assets/f04f76b8/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/f04f76b8/yii.activeForm.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d17fd9e0bba9cd38ac6a41ba00feb6c1b15611859b7d0c092c22ca24f2df47e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Jul 2020 21:45:32 GMT
server
cloudflare
age
5195
etag
W/"5f04ecfc-8ba9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
83485824bc57a247-YYZ
bootstrap-tagsinput.js
pastebin.com/assets/72fc434d/dist/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a31fb51092b5be28b0d96e4b8a6a39c6cfe0dcd6ece71604fdc1feb505d074

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 27 Jul 2014 12:27:42 GMT
server
cloudflare
age
4748
etag
W/"53d4f03e-4ae1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
83485824bc58a247-YYZ
vendors.bundle.js
pastebin.com/themes/pastebin/js/ 		212 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/themes/pastebin/js/vendors.bundle.js?30d6ece6979ee0cf5531
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f6780a679f814dde634d3c40c0cf83ff72c1d92f679e9264f2badf04e504a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
613
etag
W/"6512b540-35083"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
83485824bc5aa247-YYZ
app.bundle.js
pastebin.com/themes/pastebin/js/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/themes/pastebin/js/app.bundle.js?30d6ece6979ee0cf5531
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
441f4b2c8ce22e54955155f09aca309ceb06fbb62e9fcbc77ae5a3f92cd543c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
2399
etag
W/"6512b540-9325"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
83485824bc5ca247-YYZ
codemirror.min.js
cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/ 		166 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/codemirror.min.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab459ca945e177fbe6c9a5a0509bc16440fb80976e47b184676b0203682460af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1234173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
49924
last-modified
Fri, 23 Oct 2020 20:41:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f933fe6-298e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paiBFL3WxeFP%2Bi4Du816Uvm7vEyastiPiXqW9QB6Dfk4X0k3qsQNRYWi9bB1%2BldVjf48vJW%2BXbZNbfQFWEh9N457sGn83aapf7BtD6UKWiQg1Q42yG6P2cJAcOSMQ9pmziBtTRum"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83485824b8633981-YYZ
expires
Sun, 01 Dec 2024 19:23:52 GMT
multiplex.min.js
cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/addon/mode/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/addon/mode/multiplex.min.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc98b28f8951d6d1049a22635e1850217bb67d6ce6498b8297938b2a60a2c80
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1148453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
797
last-modified
Fri, 23 Oct 2020 20:41:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f933fdd-8a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMucfrRUgxzDt%2FMoTBs0XkqF7m8Ai%2FtIXBIfcwK9Boa8NwIL9hIps%2BPkhylJnkNnnE2p3iyXC6FnG23DoRBPHXHkiv4DN%2BkzaGKOj0fHsAntUx7A9TdA1uFuCK0N%2F08%2Fe67HUQiu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83485824b8653981-YYZ
expires
Sun, 01 Dec 2024 19:23:52 GMT
simple.min.js
cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/addon/mode/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.2/addon/mode/simple.min.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad7952e57b6d9896de50656a69d5d6e805054f586577fb0e0d9edbf00703876
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1064933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1548
last-modified
Fri, 23 Oct 2020 20:41:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f933fdd-fa3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8USrwH0XuWLC29xUe7dXv8oOoJKDFhaE3zDbrgFn%2F%2Bt1Tbslo3DxCAYMcTXSy0%2FjLOy9d5kNdS2zIntGLVA%2BUIc06gpQnbMhYoE2exYdkmH4iJYbwHG4%2BbXzJGkPthZ1TFsbeZ4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83485824b8663981-YYZ
expires
Sun, 01 Dec 2024 19:23:52 GMT
pastebin_logo_side_outline_support_ukraine.webp
pastebin.com/themes/pastebin/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/pastebin_logo_side_outline_support_ukraine.webp
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8774dde16f1ae45a9125b8689f96cf18a14207ae1d31ba4e584a2ce95f94e041

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
272
etag
"6512b540-25aa"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83485824bc64a247-YYZ
content-length
9642
spritesheet.webp
pastebin.com/themes/pastebin/sprite/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/sprite/spritesheet.webp
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7aee5871211604e24ffbaf5cc5d2c3f3e737be1362e829cd75250aef1e939a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
5895
etag
"6512b540-b7d8"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83485824bc68a247-YYZ
content-length
47064
loading-plugin.gif
pastebin.com/assets/fb16b45a/img/ 		847 B
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/assets/fb16b45a/img/loading-plugin.gif
Requested by
Host: pastebin.com
URL: https://pastebin.com/assets/fb16b45a/css/kv-widgets.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb2c87444ef9f0ad7ff70d880ab21728e26380949753c630fa1831fe62b8026

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/assets/fb16b45a/css/kv-widgets.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2019 17:14:54 GMT
server
cloudflare
age
6013
etag
"5c893a8e-34f"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83485824cc81a247-YYZ
content-length
847
info.png
pastebin.com/themes/pastebin/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/info.png
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
852
etag
"6512b540-68c"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83485824cc84a247-YYZ
content-length
1676
linebg.png
pastebin.com/themes/pastebin/img/ 		375 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/linebg.png
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
2863
etag
"6512b540-177"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83485824cc87a247-YYZ
content-length
375
close_promo.png
pastebin.com/themes/pastebin/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/close_promo.png
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:52 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 10:41:04 GMT
server
cloudflare
age
6514
etag
"6512b540-594"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83485824cc8aa247-YYZ
content-length
1428
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
check-last-posts
pastebin.com/site/ 		2 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/site/check-last-posts?k=0&d=0
Requested by
Host: pastebin.com
URL: https://pastebin.com/assets/9ce1885/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.34.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Accept
*/*
Referer
https://pastebin.com/
X-CSRF-Token
MalYRhAQlmurPKN8bfKG3i41jGGOFHDG0VHUKwtb6yNi8w0-Zj38Me1jlxQgoL-vQVnnGeVVB6igGaJ0RBihdg==
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
application/json; charset=UTF-8
cf-ray
83485826ff80a247-YYZ
x-xss-protection
1;mode=block
collect
www.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-S72LBY47R8&gtm=45je3bt0v886697865&_p=1702409032339&gcd=11l1l1l1l1&dma=0&cid=1975534093.1702409033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702409032&sct=1&seg=0&dl=https%3A%2F%2Fpastebin.com%2F&dt=Pastebin.com%20-%20%231%20paste%20tool%20since%202002!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4569
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S72LBY47R8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adf050ece17b957604b4bbfc1829059f.json
services.vlitag.com/cli/ 		42 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/cli/adf050ece17b957604b4bbfc1829059f.json?hn=https://pastebin.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.59.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ddaec10c5c6c654c653d28f7c9b2ce8bf7167d8a59192f7e99d29bfbc3c81d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:52 GMT
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858279ca0a241-YYZ
content-length
42
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Jan 1990 00:00:00 GMT
vl.json
services.vlitag.com/vld/1702357385/ 		13 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/vld/1702357385/vl.json?page_url=https%3A%2F%2Fpastebin.com%2F
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.59.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Dec 2023 05:03:05 GMT
server
cloudflare
age
51376
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858283d87a241-YYZ
content-length
13
alt-svc
h3=":443"; ma=86400
adf050ece17b957604b4bbfc1829059f.json
services.vlitag.com/obj/1702357385/ 		45 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/obj/1702357385/adf050ece17b957604b4bbfc1829059f.json?cc=CA&hn=https://pastebin.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.59.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bef8cbbbcb05f2185a3bbd57a389ab5afbf2f5b4fb8432bde01aad0d5e26ff5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Dec 2023 05:03:19 GMT
server
cloudflare
age
51603
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858283d8aa241-YYZ
alt-svc
h3=":443"; ma=86400
adtag.js
dsp.vlitag.com/js/v1/ 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.vlitag.com/js/v1/adtag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.59.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
148
cf-polished
origSize=104022
etag
W/"2023-11-17T05:03:23"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858289a5e398a-YYZ
alt-svc
h3=":443"; ma=86400
prebid-8.21.0.js
assets.vlitag.com/prebid/default/ 		615 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.59.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 03 Nov 2023 08:25:02 GMT
server
cloudflare
age
1068807
cf-polished
origSize=630565
etag
W/"6544ae5e-99f25"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
834858289a66398a-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 11 Nov 2023 09:19:28 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
44e901d28e40098d41ce18c9ffa439a8f429523fc7f5bf8d45f2b9b5f36749d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29115
x-xss-protection
0
server
cafe
etag
853 / 19703 / m202312060101 / config-hash: 14068298010047120646
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 19:23:53 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
sffe /
Resource Hash
68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128901
x-xss-protection
0
expires
Tue, 12 Dec 2023 19:23:53 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.59.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
age
989930
etag
W/"5dbbbcf2-9806"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
834858289a62398a-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Nov 2023 16:40:48 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		270 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:54:02 GMT
content-encoding
gzip
via
1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront), 1.1 c079338af747d912717239089fea0484.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 22:47:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK52-P4
age
1792
x-amz-server-side-encryption
AES256
etag
W/"ccfaf15c322e197d2e6d0d6bd5642adc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
TPxyxtKi93aS9xGwPCcR22PgKKt7wv2x_KqmMfiM65Sq1VGX1VL0fw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 22:26:18 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 590897dc65a5ea6dcbac1c8ea98c65c4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
75456
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wPU4OKZg01q9cEwsuapHFE7a276IUi-G4nqyXmIyoGRwijByvXx20Q==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
31099
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Dec 2024 10:45:34 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pastebin.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 19:23:53 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pastebin.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 19:23:53 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pastebin.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 19:23:53 GMT
9cf0c4f1-7630-476b-9141-f4472e005192
config.aps.amazon-adsystem.com/configs/ 		746 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-105.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
771ce192b44bc1667299af1b9803dc8009f886bba4ddd295570cfbccc8ce7b02

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:18:29 GMT
via
1.1 8af02ce0419e91e83834b7deea9dd962.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P2
age
324
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
746
x-amz-cf-id
Tn9LrErvDVCHcL34fdqqDMzcUvGmUIpiND2ArNcaR7Y0vvS0flNPuw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpastebin.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:32:06 GMT
via
1.1 c079338af747d912717239089fea0484.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
age
3107
x-cache
Hit from cloudfront
access-control-allow-origin
https://pastebin.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
ibe6X9gB-JkY8G3uxFaJun-QXuDrIADArJAoV7JMAchbCIqYNVvksg==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231212
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9aba06edc588dd8f21418377916a4461ed698e7e6114dac354d3586028be54d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 19:23:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
12184
x-jsd-version
1.0.1902
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
856
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4524-YYZ
x-jsd-version-type
version
etag
W/"634-TYzb/8jnowgM/pO+/pUXsjhGSAk"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 19:23:53 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1249733
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJIPjoEfhjxSa603MUBux%2Bm7jYMFbbkXwz6c1oIrXTnUcfMFgg2e0Ff048AEcyIRNyv4jrYGD1ld3HAmR9R5oW09zx%2FflDG6Er7zyYXrcjWMJWhk%2B1vlYgy2L0CqMCoP"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8348582afed0711c-YYZ
pbjs
useast.quantumdex.io/auction/ 		846 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf258835fe6672a932b65b913c472daab31c91f771b2b41720c9bc63acea46f

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
cf-ray
8348582b2a3c3972-YYZ
v1
prg-apac.smartadserver.com/prebid/ 		0
0
unruly_prebid
targeting.unrulymedia.com/ 		0
0
bid
ap.lijit.com/rtb/ 		94 B
624 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bd67e13f6e4618ae6c611778379512444d841d4684c03a64b4e03bcc6444202a

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 12 Dec 2023 19:23:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pastebin.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid
ib.adnxs.com/ut/v3/ 		139 B
697 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d2217d8fef758ad77303d2c03c4eae5653724cd6f51b93c4662a8d35ed534add
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:53 GMT
an-x-request-uuid
f872f446-759c-4f0f-9c30-0a8e2f285f0d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:54 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
aax.amazon-adsystem.com/e/dtb/ 		178 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2F&pid=9c8wsNDKufB1a&cb=0&ws=1600x1200&v=23.1129.2055&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282550010_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A50010%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
6740cef5d11350deae4acc758fd481855836caeac1cee510da39d212c2e57d62
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
NY8YY8HF3C6MJC4WX9E0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
178
x-amz-cf-id
2MUUBK1mXvdWuCDo5rH21tUYW3JJb2lqmCAnCJGcmld3Xt8los250Q==
prebid
prebid.ad.smaato.net/oapi/ 		0
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.5.255.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-255-134.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:53 GMT
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
5026e00d-1c2e-72b2-a8ac-743e5692491b
x-smt-trace
https://tracing.smaato.net/api/traces/f20624d92046eb650c0aa88ced7e7db2?prettyPrint=true
prebid
prebid.ad.smaato.net/oapi/ 		0
323 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.5.255.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-255-134.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:53 GMT
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
bce1d0af-1826-28eb-8949-6fd926d6c6e4
x-smt-trace
https://tracing.smaato.net/api/traces/6620bc67dd071109f7a86bab021f6ecd?prettyPrint=true
prebid
prebid.ad.smaato.net/oapi/ 		0
323 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.5.255.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-255-134.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:53 GMT
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
0ad4fc09-0c57-07b4-b167-42f46271a5e8
x-smt-trace
https://tracing.smaato.net/api/traces/6efc076e20300e6afbd66eb243cfdf4a?prettyPrint=true
prebid
prebid.ad.smaato.net/oapi/ 		0
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.5.255.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-255-134.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:53 GMT
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
1715beca-180b-0006-bc83-25c878bb13ad
x-smt-trace
https://tracing.smaato.net/api/traces/6b1e35c87ef803ccc68406f19f7bb2b7?prettyPrint=true
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:54 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg-apac.smartadserver.com/prebid/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
697 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d48dc8a5c334deb4767395784421570c63162601cf849ff968feb9c8ced910cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:53 GMT
an-x-request-uuid
57839990-8955-4f07-8493-9ae850736247
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
622 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
54c3e5ad0e0ad068d3c1bb4be04bca8069efd64a22bc7fe1a1c5425b87742e18

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 12 Dec 2023 19:23:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pastebin.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
pbjs
useast.quantumdex.io/auction/ 		847 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61edd68106b42abfa69e3a10f5aa133c187a0e362be53767988bfd7cfcc35f72

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
cf-ray
8348582b2a403972-YYZ
bid
aax.amazon-adsystem.com/e/dtb/ 		178 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2F&pid=9c8wsNDKufB1a&cb=1&ws=1600x1200&v=23.1129.2055&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282550006_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A50006%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
0a3da6df8ea26b39fd9bfb8033ab8b93d0dd4c32c165a7b9455e913671ac7fef
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
9RGC793K5ZPZECC1CE4V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
178
x-amz-cf-id
61Hntsy59SsXsd7uswYuIhwtF43qmj8B0DTtvk4CyGXn5aa9-Kh1kw==
v1
prg-apac.smartadserver.com/prebid/ 		0
0
bid
ap.lijit.com/rtb/ 		94 B
622 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
690e73326a39db7d0fc5abd41b70904326420f89cd8d113683b7bd281b720637

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 12 Dec 2023 19:23:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pastebin.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:53 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8348582b2a433972-YYZ
access-control-allow-methods
POST, GET
unruly_prebid
targeting.unrulymedia.com/ 		0
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:54 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
aax.amazon-adsystem.com/e/dtb/ 		178 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2F&pid=9c8wsNDKufB1a&cb=2&ws=1600x1200&v=23.1129.2055&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282577474_1%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A77474%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
57202cbc8fbdb7f13bd13303665d323afa725d5d8b65dd5ac83cd53cf5b301e5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
WA0433PCDBTYJD0RXKXV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
178
x-amz-cf-id
Z1czBOzmP3W7f1klvyrBNqlYgAPAsfp3eQu2hVJPIEmGq8WBMga9Dw==
prebid
ib.adnxs.com/ut/v3/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5ece8c323eb30772d6a9648ff4465ec06e0fc040f58d9821a8e93a9fbc9e6a3a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
gzip
an-x-request-uuid
4afdf45e-c539-49de-bd57-af237fecd217
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
useast.quantumdex.io/auction/ 		847 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe1e9e2c63b1ab3c6523ea40ffe3fb132f99e51138e410f3a52c9d1d61c812c5

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
cf-ray
8348582b4a743972-YYZ
unruly_prebid
targeting.unrulymedia.com/ 		0
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:54 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ 		94 B
621 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7848c05d6bb17323eebe23008a1c675febc0f57345cb77ca6980c11eff224262

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 12 Dec 2023 19:23:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pastebin.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
bid
aax.amazon-adsystem.com/e/dtb/ 		178 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2F&pid=9c8wsNDKufB1a&cb=3&ws=1600x1200&v=23.1129.2055&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282578983_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22250x250%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A78983%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
b125a011d1e023c10fd54a81322226b0be928a4ed021bb3bbb8466519e0e7540
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
WPZY7P8VGAVHXA8YNJR6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
178
x-amz-cf-id
2FH0cYZX647zfmgIBxF_yVIg8FeI8yX3cDQKlQ-ly6t_6Z8rBoeNqA==
bid
aax.amazon-adsystem.com/e/dtb/ 		178 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2F&pid=9c8wsNDKufB1a&cb=4&ws=1600x1200&v=23.1129.2055&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_1282598651_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A98651%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a7904ac79da41ba565476ddd5aa5b6dcec52240c754bcdef6b420ae8a366ae27
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
1P4W8C51FYAKEC72JGS6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
178
x-amz-cf-id
gk5RHEZ16zKVMm0vYZuXOK7-UcwMPPXuIVaP-wNMuhRB0_1YFV2FKA==
tf-v1.jpeg
px.vliplatform.com/ 		0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/tf-v1.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNrZyrwZMP-AtKU-PeyM-MMtT-teTrUyBtUKyaRzyzNhqut_cotvRws0NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHUcY0Go8t4wTt%2Fn6CiR2lNzMqHWhOvR1w3%2FLxHK%2FgqygOQbkZ%2BuI6MiA21XPpouML6xXjPP%2BQ23tyU17pNh6xa%2FKijKdAnyWgN6azzlaeWa1mAPfEstF%2B7tRpSXWASe7PZ4Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858322db9a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAATARzdNAyYeKBUw-MUZa-PTaM-qTUa-PMyaatAyPyYaRlmNaKAbYZARdzNwqfftkRqxeNco_TYMYZZAATA_TRwkjNAR_yszuNyqsltRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARwlNjxqfzxdrtb,ldqkzqrltkctk,xfkxsn,lgckf,lgckf,gyzdtroq,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Fr9Ky0LRIHQHGGPYkVo%2BRDfvgWUEQPx4rKqdVd27Wn7NV6r0iBRSEeTV%2BGktuwJr0YwIGPvVFrK5Aedzkdoqnc0DK88oxy7jRvMIT2MPFDlyaies11JF5Y%2FK8dCcvXOzOxU3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858322db5a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAATARzdNZBByBKaB-qyMB-PtUT-atqA-YqBrMYewUKqMRlmNPPZbYZARdzNcortg%20gxzlzktqdRqxeNco_TYMYZZAATA_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPPZbYZARwlNjxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8v%2BI2aZSFwD7%2Fjo6G0X%2FMC%2BRv6inSLdXPPwFdxAgvs5wYTVCq8U1cqFAoZ6Cv0PBiwiM5jus%2FMmMKbmCR4XJ0gOqCNZKDh07enVb%2FZxFCtwc3dDThJV3yqa7gqHQR2a5kegJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858322dbba247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNwqZZrKwZ-UTrq-PqAq-Mwet-rUytZaeMwYUKRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNTRmNZAATARleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvpqmkRb41NYZaDIx2zNI%2Fsu752E09g1GB21IerSoTbQyIzDNFsN09VWovu9kJxIeu6%2FjlhlKPNbEMw3TIS7aS6AEROAxYH4SaBJAWh1APi%2BeO7Sv5cBgDMjnstKBKtLex3trA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858322db7a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAAAURzdNttPwBaYy-qqTA-PPTP-wATe-aaPAqyAKBKYURlmNBAAbYZARdzNwqfftkRqxeNco_TYMYZZAAAU_TRwkjNAR_yszuNyqsltRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNldqqzg,ldqqzg,ldqqzg,ldqqzg,kzwigxlt,ldqkzqrltkctk,gyzdtroq,lgckf,jxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmyJQdcYi8C4BJHxozKybt8P6Sy%2BH6a%2FeTw61lIpDrxeE8b0lt5frNtD79fIjETI1lbB97y97PA4p1V5Rt0sQmGSqf5mhK5u55QV5AQa21Qwe00p4F0qnkWNJfVAssOzHm1vOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858322dbda247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAAAURzdNaYUKKqee-qaeq-PPyr-qTUM-wZwePewTqUtrRlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_TYMYZZAAAU_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNBAAbTUMRwlNjxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9Hm%2FNPJXSafo%2BqqwWuQTBclwemB1Pvi7hJ5lw72AGi1xzhquXECA%2FO425MVXJTB5bXQuwxEHSX3Y3vMFa9ekXpV45qje3%2BlO1jQOV0miG0Yi%2F6Jcbyv85DIowrFZQ3iPlzOTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858322dbea247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNyaYYUwUY-AqAY-PMYA-wZyT-treBMYPUTyywRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNTRmNZAAAURleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=792q63Zjzcneh4LK2UswFpaX%2BkcVw8FZ5m%2Ftl07H1CHAkfinq8wM2dOSWv%2BCF20udG5Hgm%2FTWKxF0qfHr%2BjupwLwaF9%2FQt1f13liwVCCS%2BCvEZl12gx4wekDy3MbRlb0%2FGvYUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e19a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNKKPKPRzdNUyZYarBA-TMeB-Ptqy-qKPK-yAYUwtAParBrRlmNaKAbaARdzNwqfftkRqxeNco_TYMYZKKPKP_TRwkjNAR_yszuNyqsltRkjmNaKAbaA,KYMbaA,PUMbUARwlNldqkzqrltkctk,lgckf,jxqfzxdrtb,xfkxsn,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ttn%2FBLTnEDTTLbL3Dv3w0e9A70CVOxGQZayCZTrlLUuMpRSSB6YvAgO3tQQwZh5PgR1Cloym74gVHOwW3EBEruLRW%2FYIk4njvarfFnugAe489bx1HSVejSTuVEj235sfkyyeWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e1ca247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNUTeYrAeP-etPy-Pyqr-MqYM-PTtTaaMUABeyRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNTRmNKKPKPRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPgXdlf7%2F2n0QYLUvD3e%2BNYpZajo2aXYDU3LKbzxf1gJiIAoD4KfYNkKshUmVR0DQFYxdwExTHHCYnrXC69Sr4uOWgGQDFZlNlANRuXp3j55TxaotYqxB6%2FzrCCphMAtBVGcCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e21a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNKMaMBRzdNYTYTrtAZ-UeZM-PUKP-wBZT-AAwTZwtTTUYaRlmNBAAbUAARdzNwqfftkRqxeNco_TYMYZKMaMB_TRwkjNAR_yszuNyqsltRkjmNBAAbUAA,BAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,TUAbUAA,TYAbUAARwlNgyzdtroq,jxqfzxdrtb,xfkxsn,kzwigxlt,lgckf,lgckf,lgckfRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5GOyPUu0JFmPqp%2F1DwZyjFgj%2FJO2d1LZrKLhUMfOMQYx%2BKsrkCdZQcPF40rDJ5v2br60x0DwLnxZMWtYnefbRF2SgOAA0MdEp2NOFz6vnlwP5COc3vgvEfc5DHOXX%2Few87ENQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e23a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNKMaMBRzdNBYtwAYtr-BtqB-PwaM-qMaZ-UrYrMMKTeBMeRlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_TYMYZKMaMB_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNBAAbTUMRwlNjxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjFtUssst3OL6uWuxA74stTnpzxZ7nMzCuOnQud96dWtPd15FjlLbb6FT1rD591u1DPDfpOcIGzv3jW%2FIadl4IFp3V12EI3QCGv9rysFG1Gy2%2B9hnPY%2FhtuastaLSWZ%2BHHDV9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e25a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNPYPPywyY-YUtt-PrUa-aBTT-ePrKetKaTUArRdzNwqfftkRlmNBAAbUAARwlNqdqmgfRkjmNBAAbUAA,BAAbYZA,YZAbYZA,TUAbUAA,TYAbUAARrdzNqdqmgfRwkjNTRmNKMaMBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x136tej1PgvFZDjoHQO3%2BUMJHQcw3dUYCNH6dtC6ZkK255grH79oOUrJzPu2S0yKvZlRfNiVp3UQeijTLT5MuqVivZ%2FHtw9itTNYFU%2BuUlzPMuH1eES2azWWZNaZPYDZM30BHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e26a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNBetABteP-MZeP-PTAe-aewK-arqZMPqyYZYaRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaMUZTRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCp7ARgB9UaJjgOOLA358%2BMGVRJ1C9BsXZevlxM5HFq4AVARS6LGhC%2F9fQLDD8%2Br5YBWWKSax5NmPQVA0Ike6gp8%2BT4%2Bao2yqJ%2BzZop5%2FZMWYlcdQ%2BXcBV0B%2BxZJRv9hPp42kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e28a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNqqyttrYT-ZtaT-PTtM-qYqa-ZTytPqPtwZeaRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaMUZTRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8M6q%2FKHGZ4%2BMLxGrgowdYkttTYIrl8oOoIVCoVZAs0mz8V0KQy%2BLnJl8ZeX%2F6AYalUmxrYRZ8Idw4V5r7NNAHt1S7TCuLO8jgAzF0oeo47yp2JPh6gWTbYzYyBMr0x06ZgR44Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e2ba247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
bid
aax.amazon-adsystem.com/e/dtb/ 		178 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2F&pid=9c8wsNDKufB1a&cb=5&ws=1600x1200&v=23.1129.2055&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282550013_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A50013%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_1282550013_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A50013%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
fc89adf8dcb5037176e832b63b69a0a4e0d74b61f63df179200bca7f7c4f4eac
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
2T46CA9CV4N1C0AME30H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
178
x-amz-cf-id
ezx0x_bPtWoAUxRcSWekpiikq6pKbYOKlQnmCQPifSISNS54kfSmIA==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNPwaaewYK-aYPw-PBTe-aaaP-eKBPtZPtMPtZRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNZAATBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqkKfED%2B6hSZcOtHpLpyY1hC7%2FPJnGTri33089F6bRg6wOi3WqJX6c75droHjkL1NrPTZR3gZwhQYR4sIwxMWlgm4mJYTnc7N7vcYnYPkMfaZA2XJzDOgc8AghPcr0QZBMETTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e2ea247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNKZMqZeYY-eBYM-PTTr-waYP-ZMPZaaZeYeyyRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNZAATBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0%2BFARt4VH7QSaciE9srRkRoXUAYRy2%2BusthZjkojFHiilo2xDMGDsxHsT0lthMwECJLdLsi9HIxwP3OVKd9grYRMQ1J3%2FmCwH1Yzs%2BSETYKlnjzFasc7FvjHKGtNdgFXQ1qdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e2fa247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22_legacy%252Fbi...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22_legacy%252FbidRequest%252Fmonitor%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fpastebin.com%252F%22%2C%22lv%22%3A%2223.1129.2055%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
1QCNH0BQ3WHX4DVX3DYK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
ouyLCXu0Jbaic9pVqb2C1fU8RsIIr84Lo60QtmneH7gjQ11yHm0xRg==
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 19:23:53 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1245646
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUkmj1jzHbN5DSa7SjJgfpltnKK8ynuCZLwN73OGu%2BGM0fjNG9Db5eVe%2FMOKaog%2BjgI1kYOCBhw3H9I3JhMyfcTFCJwVGYMMkmDk2%2Fgww%2BEeoVYZrs7S9AzYHLh7V9XX"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8348582daa9536d6-YYZ
iu3
s.amazon-adsystem.com/ Frame F788
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&dcc=t
348 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4d886b32148b43d03443fa93c1f0f87a77bdd936a29d604df5a21723c08bdda6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
348
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Dec 2023 19:23:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
07QBJHR2QV9BFQWDY86G

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 19:23:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BT36RX2KZ4V0Y0J5NZW7
pr
s.amazon-adsystem.com/v3/ Frame DFC0 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a42d5393b1b69380bc3597bac17ab755ee4309b444c7d03a3666b8824b628707
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2679
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Dec 2023 19:23:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FKJPXDXWZS5DAC8478TA
/
onetag-sys.com/match/ Frame DFC0 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame DFC0
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=81fa84b73adc382c2ft2t700lq2qdtoh
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=81fa84b73adc382c2ft2t700lq2qdtoh
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XG73DGZ23T1ZBFV3ZXCY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 19:23:54 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=81fa84b73adc382c2ft2t700lq2qdtoh
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame DFC0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AACqIk7K8WcAABRoYNcXqw&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AACqIk7K8WcAABRoYNcXqw&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R8B6P54J1ZRPMZ75W5R8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AACqIk7K8WcAABRoYNcXqw&ex=beeswax.com
Date
Tue, 12 Dec 2023 19:23:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame DFC0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FxsDZCgIVmFd0bnvHpKa
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FxsDZCgIVmFd0bnvHpKa
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:24:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HFPJ7PZB43W862JNGR4T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:24:01 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FxsDZCgIVmFd0bnvHpKa
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
match.sharethrough.com/jwumXNuB/v1/ Frame 2F3A 		780 B
965 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.118.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-118-237.compute-1.amazonaws.com
Software
/
Resource Hash
55132b78e7eace8460e88ec9f6cf2a8b7aff5f87128e6e761ceeddc2bc586a91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
780
date
Tue, 12 Dec 2023 19:23:57 GMT
tamptsync
sync-amz.ads.yieldmo.com/ Frame DD72 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.159.234 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3effd37cce515bcbae7caadfb0108ff007cafd12c434780746cd76c228525dcc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 12 Dec 2023 19:24:01 GMT
pragma
no-cache
vary
accept-encoding
visitormatch
bh.contextweb.com/ Frame B2E6
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
849 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
0323ca76ded2ee9b1a80921554512f5e4897d169d0a87504776c192bb3c5f559
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
849
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5c6449b65-gvtwm
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-5c6449b65-gvtwm
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
cm
u.openx.net/w/1.0/ Frame 2348 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 12 Dec 2023 19:24:01 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 58BE
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6210542540411513844&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6210542540411513844&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 19:23:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YV8B3XANHM35PCW0ZXHH

Redirect headers

content-length
0
date
Tue, 12 Dec 2023 19:23:53 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6210542540411513844&gdpr=0&gdpr_consent=
amazon
ce.lijit.com/beacon/ Frame 97DB
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
7540f6bb53df430be3180d635f27a405209da28b8b30f8335d6d37c396de19f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
553
Content-Type
text/html
Date
Tue, 12 Dec 2023 19:23:55 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
ecm3
s.amazon-adsystem.com/ Frame 0D28
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4092230499081819027602
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4092230499081819027602
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_n-onetag_ym_ppt_n-baidu_n-Beeswax_ox-db5_smrt_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 19:23:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1S8CTYQR837NX2SYBEX5

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Dec 2023 19:23:55 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4092230499081819027602
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtset
bh.contextweb.com/bh/ Frame B2E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VzBfS0tYWTFPT2QwcXBycUxDalFSUQ&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=VzBfS0tYWTFPT2QwcXBycUxDalFSUQ&gdpr=0&gdpr_consent=&google_tc=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEITOmcQ3S70HswyqAQdfdvw&google_cver=1
49 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEITOmcQ3S70HswyqAQdfdvw&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-gvtwm
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEITOmcQ3S70HswyqAQdfdvw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame B2E6
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=30bfc5a050e3128f&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFu0v--FQhlANA3KFgAAAAAAA&expiration=1702495441&nuid=&is_secure=true&gdpr_consent=&gdpr=0
49 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFu0v--FQhlANA3KFgAAAAAAA&expiration=1702495441&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-gvtwm
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFu0v--FQhlANA3KFgAAAAAAA&expiration=1702495441&nuid=&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame B2E6 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=m4mW4OQMHgyE&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FD848Q81MS72R4MMBSH8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pastebin.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 19:23:54 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:54 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:54 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8348582fb9de3972-YYZ
access-control-allow-methods
POST, GET
prebid
ib.adnxs.com/ut/v3/ 		139 B
811 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7694e33f42f73eda7695dbde27401831c740a0cecfa7a8fefc5f3aa099c82e12
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:54 GMT
an-x-request-uuid
ed300c40-7825-4166-ae28-b534d874b4e7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		11 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://pastebin.com
pragma
no-cache
date
Tue, 12 Dec 2023 19:23:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
bid
ap.lijit.com/rtb/ 		94 B
622 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
251f2dfe5c0600d15f313be04473f6ba9a3e80449d855a44ac6c48269f92ad4a

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 12 Dec 2023 19:23:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pastebin.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bid-request
a.teads.tv/hb/ 		16 B
611 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.169.117 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-169-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:54 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastebin.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 12 Dec 2023 19:23:54 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNaMUZTRzdNYqetKMAa-UZAa-PUaY-MtAP-KMBeaqBBPPqrRlmNBBUbPMARdzNwqfftkRqxeNco_TYMYZaMUZT_wqfftkRwkjNTR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNkzwigxlt,jxqfzxdrtb,gyzdtroq,xfkxsn,lgckf,ztqrlRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xr7ZvkUyGUZIM%2Fi6EII2oaxK0zyArS12sSz1ey1kvldJUvkTJQrBTWucK1sYF1MAaGFOS0TjwDThhZcMAv8V3f9T%2F5ZGV%2FgjSjSpiYLIqLtlSItBEwTjeoDRFbLlkI2DL5kSlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e30a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/tmo-v4/ 		0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/tmo-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNqerKqAaB-yeZe-PUyP-MyrB-ewyBZBUKrBKYRmNZAATARleNplRworrtkNldqkzqrltkctk,xfkxsn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cmAG1UaONZCzWHQ%2BuiQbuDimkpZCuYgcrZC%2B1kUmIeEpDhU%2FqUuiv9DCoa5tKA%2BsrR1uhDjnV6q2%2FVvCDrpQagjTXgx%2FOtZjyqu%2Fda%2BEH6XuXtuKWIjsnoXaleDO7LEKjGBfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e32a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNPYtKKZqT-qtTr-PMPT-qrwt-KATAYUYZyyMBRlmNPPZbYZARdzNcortg%20gxzlzktqdRqxeNco_TYMYZZAATA_T_gxzlzktqdRysggkNAGATRwkNjxqfzxdrtb|AGZ|PPZbYZA|cortg%20gxzlzktqd|YPP|RmNZAATARleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vI9lrsWdJU5j%2F5mE%2BBLoaO5sCtUwMhAmm0quZaAwvIFvHNt5pVoyxdqOitPv1rDswCgcUbUhGxAaqBHBFBPYOewR45r%2F%2FVcQbU7qvxrdVGCa57ok7nxivJJQAQHQqvgApKlU2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e34a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pastebin.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 19:23:54 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
811 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
92b07b635db8880d16faee287461e5404847154dd0bf59f77257682140492031
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:54 GMT
an-x-request-uuid
c4fcb211-26c8-4bfb-ba8f-ca0b9abd1026
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		11 B
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://pastebin.com
pragma
no-cache
date
Tue, 12 Dec 2023 19:23:55 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
pbjs
useast.quantumdex.io/auction/ 		0
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:54 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
834858313ce53972-YYZ
access-control-allow-methods
POST, GET
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:54 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAATBRzdNKYaarwrw-MZaK-PZaa-MrrU-qeTZAUBrqPawRlmNKYMbaARdzNwqfftkRqxeNco_TYMYZZAATB_MRwkjNTR_yszuNyqsltRkjmNKYMbaARwlNgyzdtroq,xfkxsn,jxqfzxdrtb,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoZQeQeO9PyU6H4p5L3IBfdTSzCi1SDXki%2FYoclpxs2gbmtzuUD5NW0uTIe6K3ImCHC62rTEILJKSm3PLiZLrM8hXPaLT7i585ASvT5haI45zA7hKEReXBLKGzceEZqdmJm2gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e35a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAATBRzdNTMqyTtwt-PyYY-PeAK-awKq-ttTeKayUrrZrRlmNaKAbaARdzNwqfftkRqxeNco_TYMYZZAATB_KRwkjNTR_yszuNyqsltRkjmNaKAbaARwlNjxqfzxdrtb,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8%2FN4SlnFHzB4%2Fkcut7UkavYy4yInQUga4sn7bnunolMSjb9ahQo%2BszwIYfz9fHtr80b7I0Oz0u%2Bp9YlaqeRsnL2Fn9DrqsvBKQcLPYqA99eYE6erH1mRyAsXJoBB0qiiwbThA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858327e36a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4010135576651040&correlator=3494911751317183&eid=31080124%2C44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22655399017%2Cpastebin.com_vli50010&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x100%7C728x90%7C468x60&ifi=1&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702409034427&lmt=1702409034&adxs=155&adys=337&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastebin.com%2F&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=998&ga_vid=1975534093.1702409033&ga_sid=1702409034&ga_hid=678186623&ga_fc=true&dlt=1702409032316&idt=1248&prev_scp=vli_adslot%3D50010%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D445%26hb_height%3D250%26pw_tagid%3D50010%26vli_sf%3D1%26pw_network%3Dtrue%26hb_bidder%3Dquantumdex%26pw_pb%3D0.60%26hb_size%3D445x250%26hb_source%3Dclient%26hb_format%3Dvideo%26hb_domain%3Dpastebin.com%26hb_cache_host%3Dpbc.vliplatform.com%26real_cpm%3D0.5%26special_bid%3Dtrue&cust_params=hb_domain%3Dpastebin.com&adks=1740465153&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a0ab16fb8f2c09b360fcb06421b208a64dee0d40c791ed007360800ddb170ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12998
x-xss-protection
0
google-lineitem-id
5895501249
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378800465
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNaKMrwaYM-rKrZ-PKUt-qTPZ-ZaTTaBZAwMKYRdzNwqfftkRwlNcso_YKRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARrdzNuggustRwkjNTRmNZAATARleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzHDV4QMLibpLXH%2BCqaz4NuBEbIxPPfBHzbdCkcQW3aSV6EM8oooocebHEteBxKf7ARkhdHm%2BY%2BhP%2FSOnCdhXWe8JvfqyDH5R%2BITJklw1jUkgwcbu2WsI9OSAdtIOlfBiWfZhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e5ba247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
77355174cac6b70dee4c7f646a67ef4779374cb04f2f68724a4d77cd532bb580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12090
x-xss-protection
0
container.html
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BEB3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:54 GMT
expires
Wed, 11 Dec 2024 19:23:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/tmo-v4/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/tmo-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNKAYyayta-tUry-PTya-MUrt-YyMqKwBYPKerRmNZAAAURleNplRworrtkNldqkzqrltkctk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJxsqUrjum9Hv4ur4%2BAdZeLDTagzBjUsIpQhmhOwSjUS4FgVTK0p92rU8xclxXjOzXKCVm2y7QUQhk94OTcKqTPF%2BpGbFKLbTDyHffMWnwh9q%2BIFdRPdQk688kIkPt3vv0565w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e5da247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/ 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNateZyeya-YwUq-PBKY-wBTr-TtqyPrKaABYrRlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_TYMYZZAAAU_T_gxzlzktqdRysggkNAGATRwkNjxqfzxdrtb|AGZ|BAAbTUM|cortg%20gxzlzktqd|YKK|RmNZAAAURleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxrWLV%2FRhKrjB0Tl%2FGZLfxVN2DcbCx8%2B5RerNKPmhUOQ064ToPEQd2tsyO5SIc8JhNjiouNLnWG8KATg4DyvjYwNePI1hwQBSfNxJHMzCfqOqeJnLQhcGBuH3v3qApp74I2h2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e5ea247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/tmo-v4/ 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/tmo-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNMMPUtYwa-TZPw-PeUA-wKYM-TUZetZqPeYAARmNKKPKPRleNplRworrtkNldqkzqrltkctk,xfkxsn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLtTIrWfdVgTRuY8jZ4ZWJ%2B0BSsIKFunesxP5BpCSihXL0AEtXVhOStSeoCirfaDic9xs%2FJZJ7gZMqqFScceWrL0Xb%2F5015OyVnWQ30tuMoSz2p%2FkPLNjSOtkkQfVWcBYTWRoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e5fa247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/tmo-v4/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/tmo-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNqKZrrKBy-Kate-PAet-MMZM-qetyZrwertaKRmNKMaMBRleNplRworrtkNxfkxsn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlYRe37TtoLKNuH%2F8QajmqTQvTXbhHtehPlCATVLH0pjl8UFJfjMaRxeRqWagDIjiTkKDnDA%2FPAQHRNpzCM%2FQ4RBZgnmfxBhkXrTpsXWy1AULUOrz3OaooYn3MsVaK5YOR5MLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e62a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/ 		0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNUUrMPMwe-BwMA-PrwP-wTKM-rwMKeqBwwrwqRlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_TYMYZKMaMB_T_gxzlzktqdRysggkNAGATRwkNjxqfzxdrtb|AGZ|BAAbTUM|cortg%20gxzlzktqd|TaT|RmNKMaMBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeFSJXL8AtY8VyUdJnWnct5cWz6HfSmnvlrM%2BWcNjTNKnaXiDh%2B6xY4gMxI9sm5ZeE1I2EXdiqljwR%2F05MhUM7fiQYYzTZLhW2ofQLGKpmVentAOmy0lxhv1FZWQnrczXGzS5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e63a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/ 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNyUerYraY-yYeK-Paqy-aqMP-qtBytqyUyTaqRlmNBAAbUAARdzNwqfftkRqxeNco_TYMYZKMaMB_TRysggkNAGATRwkNgyzdtroq|AGTAYKMAa|BAAbUAA|wqfftk|BPU|RmNKMaMBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq8hx9Q0rQ69lO4S%2F7k7xrt3n2FPHYeVuI7vy9JtqdQUml3GSu%2F3ImfVL23dY9d3ZtuF8p%2BaGGPSN1ysSWNyVM1SGViGs7iaQRE%2F%2BbaLbQ8jwYX%2B8i%2FpEABxXxBmoE3RRx2Chw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e64a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4010135576651040&correlator=4152465642745450&eid=31080124%2C44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22655399017%2Cpastebin.com_vli77474&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C468x60&ifi=2&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702409034489&lmt=1702409034&adxs=155&adys=1424&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastebin.com%2F&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=998&ga_vid=1975534093.1702409033&ga_sid=1702409034&ga_hid=678186623&ga_fc=true&dlt=1702409032316&idt=1248&prev_scp=vli_adslot%3D77474%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D77474%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dpastebin.com&adks=1426353414&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b48c554987b12d195e3ea75c9a501633d66c3b790ea7ed244e86459ce38c97bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21569
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNMyMyqeTw-MZZe-PPeA-aAYP-APYBaePytPBMRdzNwqfftkRwlNcso_YKRkjmNaKAbaA,KYMbaA,PUMbUARrdzNuggustRwkjNTRmNKKPKPRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nN9UGP%2ForH6Wv6BPx%2FjGBJoco17MEfAUasTFVNMxoAcHXESEFLHz125H61h0NEMx7JmdjSeeqJ7IJKZned78zEr3WcmGLnpw%2F%2BYXMD%2BcKX4eiUfLTuhlT1LFwEJ8nDXZ5uITqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e65a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4010135576651040&correlator=3812861028678518&eid=31080124%2C44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22655399017%2Cpastebin.com_vli50006&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200%7C180x150&ifi=3&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702409034501&lmt=1702409034&adxs=622&adys=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastebin.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=998&ga_vid=1975534093.1702409033&ga_sid=1702409034&ga_hid=678186623&ga_fc=true&dlt=1702409032316&idt=1248&prev_scp=vli_adslot%3D50006%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D168%26pw_tagid%3D50006%26vli_sf%3D1%26pw_network%3Dtrue%26hb_bidder%3Dquantumdex%26pw_pb%3D0.60%26hb_size%3D300x168%26hb_source%3Dclient%26hb_format%3Dvideo%26hb_domain%3Dpastebin.com%26hb_cache_host%3Dpbc.vliplatform.com%26real_cpm%3D0.5%26special_bid%3Dtrue&cust_params=hb_domain%3Dpastebin.com&adks=2072559514&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e221df79de9832630cb3f5c4545c88de6fc1913a7109b4f9d1df5a950a5c7b58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12637
x-xss-protection
0
google-lineitem-id
5895501249
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378816345
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNyYBYKKMT-rAZr-PyrB-MPYt-YqZZTtTKBqtBRdzNwqfftkRwlNcso_YKRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARrdzNuggustRwkjNTRmNZAAAURleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddiO2P%2B2Som3lKzmXvTGfqmrMPg9W%2BEK2Y0m141cv8Mpdod%2F1JnoEdaLiDiWTDBszGs8EmYr5KA0DGRAQ52Ug8A0PSEcCpy5Nn8FxbAr3wHrLxPcr0%2BbTJmQ4cUJL9WncBQ09Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e66a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4010135576651040&correlator=1471708702524329&eid=31080124%2C44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22655399017%2Cpastebin.com_vli78983&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C250x250%7C200x200%7C180x150%7C160x600%7C120x600&ifi=4&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702409034518&lmt=1702409034&adxs=1159&adys=1073&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastebin.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=1975534093.1702409033&ga_sid=1702409034&ga_hid=678186623&ga_fc=true&dlt=1702409032316&idt=1248&prev_scp=vli_adslot%3D78983%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D168%26pw_tagid%3D78983%26vli_sf%3D1%26pw_network%3Dtrue%26hb_bidder%3Dquantumdex%26pw_pb%3D0.60%26hb_size%3D300x168%26hb_source%3Dclient%26hb_format%3Dvideo%26hb_domain%3Dpastebin.com%26hb_cache_host%3Dpbc.vliplatform.com%26real_cpm%3D0.5%26special_bid%3Dtrue&cust_params=hb_domain%3Dpastebin.com&adks=271645706&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0991a9db30a5582cfba695aa27c971d973a376073bbaa7150aebd6261a645d8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12644
x-xss-protection
0
google-lineitem-id
5895501249
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378816345
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNaMUTUAYZ-aAYU-PBMZ-MTBM-eyPMMBerwaKeRdzNwqfftkRwlNcso_YKRkjmNBAAbUAA,BAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,TUAbUAA,TYAbUAARrdzNuggustRwkjNTRmNKMaMBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8U0%2FzV1D8PiFjvugxI4KNXO4lJ0P%2FggLGQZ2uZrNj%2Fib7km7GZwYWZ%2FKxbPDAn1axt00AW9uDsoUOqAUvFzSiGwmdn6pDOBWsYjgT56SejHDsOiueoBRSKRxMLSR%2BpLXJzP3qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858329e6aa247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 19:23:55 GMT
container.html
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 961D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:54 GMT
expires
Wed, 11 Dec 2024 19:23:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/ 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNPZtMMUwA-YrKK-PUaY-MBAT-PUeKTTerYYrrRqxeNRwNcso_YKRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNKKPKPRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:54 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvVhVWI82vcfnqWvTzSJLtZCT93ZCX2gSX0vNIAgXnMTm1wpqsNiiuisEiZalWTmVja3VAfg2wNY%2BwOpHvzwh6MDQhwXqr0NtxrsMEoMaF%2Fncvd5xLozqDyrpVw748wkwIWugA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858343855a247-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
container.html
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:54 GMT
expires
Wed, 11 Dec 2024 19:23:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2DCE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:54 GMT
expires
Wed, 11 Dec 2024 19:23:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame 961D 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 12 Dec 2023 20:00:43 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 961D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
ce44d9d3620877fb90e5a0dc690fb51323242adfd601d2d327e623488f94c67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:55:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
62894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14395
x-xss-protection
0
server
cafe
etag
62258312933698035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:55:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 961D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
63069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 961D 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
63069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
l
www.google.com/ads/measurement/ Frame 961D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0UNSNjjDjVRars3cKntE-j-zmj0xXcYeCNZN9wr6izsMm-CTHAZbZzAsoZ1DmhTd27WggjWe7OnpDFLn-aQMPePk3Tg
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 961D 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 19:23:55 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 961D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
63032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		187 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4010135576651040&correlator=3507020522657475&eid=31080124%2C44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22655399017%2Cpastebin.com_vli98651&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&fsfs=1&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3D321144d023cf90f8%3AT%3D1702409034%3ART%3D1702409034%3AS%3DALNI_MYNpW34lfeKapZYgoTRT18QEyrZ0A&gpic=UID%3D00000a037d21d582%3AT%3D1702409034%3ART%3D1702409034%3AS%3DALNI_MaSZBqleO-jGenvDgoz4gwowNZlIQ&abxe=1&dt=1702409034984&lmt=1702409034&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastebin.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsnYyu3f2QAkJ-Ay7F-5f_RzRJgF7v1xj70TLLOTMAUpPAO_n9XHqPpa7jw1WRAzfwCvTB_oo8cPCFF8bVqc6Q%2CAOrYGsmA0v0hWHTJaqZfJVY_iwc20x1iL4aYdCpJLbS3S8JaIxIrNYiyUx9bMI1r18Qu6v5BGTwtyGgXq40gvHx0cw&ga_vid=1975534093.1702409033&ga_sid=1702409034&ga_hid=678186623&ga_fc=true&dlt=1702409032316&idt=1248&prev_scp=vli_adslot%3D98651%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_1282598651_banner%26pw_tagid%3D98651%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dpastebin.com&adks=2486759589&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
15a8b60c4487769775847619aa486343ad7b83a697ba25bc6f1147c07723f2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52541
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNBtZrUtMK-yUUq-PPyY-MBAa-UtZPMeYPrtUURdzNwqfftkRwlNcso_YKRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNaMUZTRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsgWStm8fdYTWpdlZNpYUfYhAn7CsGjqj%2FTjQUM1Y86NatLqEur6g3vswGViG0BzVHZtzTjrNsvY3vbAh8DbsJnd14xSFHt8lAfzMcbWWwvG3RYPMYftTvgqTpRh%2FvnyCm4fXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
83485834bae93a0b-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
43254
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13835
x-xss-protection
0
server
cafe
etag
9174524701941205614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Dec 2024 07:23:01 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0D95 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 10:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
465760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Dec 2024 10:01:15 GMT
creative.js
cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/ Frame 0D95 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/creative.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e70a17d0da7ef3999edc32462c33b4b9791d4fd8095c2add91a48ef6b2731888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
content-encoding
br
age
40337
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9566
x-served-by
cache-fra-etou8220114-FRA, cache-yyz4521-YYZ
x-jsd-version-type
branch
etag
W/"6ae6-HipPh6snRMhowanEoWkzrzhb7Sg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0D95 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 19:23:55 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2DCE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 10:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
465760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Dec 2024 10:01:15 GMT
creative.js
cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/ Frame 2DCE 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/creative.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e70a17d0da7ef3999edc32462c33b4b9791d4fd8095c2add91a48ef6b2731888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
content-encoding
br
age
40337
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9566
x-served-by
cache-fra-etou8220114-FRA, cache-yyz4521-YYZ
x-jsd-version-type
branch
etag
W/"6ae6-HipPh6snRMhowanEoWkzrzhb7Sg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2DCE 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 19:23:55 GMT
container.html
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AFF4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:54 GMT
expires
Wed, 11 Dec 2024 19:23:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4010135576651040&correlator=2791056504554461&eid=31080124%2C44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22655399017%2Cpastebin.com_vli50013&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=6&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3D67070d44bf07545b%3AT%3D1702409034%3ART%3D1702409034%3AS%3DALNI_MZYj_tvAjaNNp2pN4IuMJ6zSEku3A&gpic=UID%3D00000a037d35e9bc%3AT%3D1702409034%3ART%3D1702409034%3AS%3DALNI_Maa_vVVA8jXl-1sk58dUN95uAL1og&abxe=1&dt=1702409035122&lmt=1702409035&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastebin.com%2F&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&psts=AOrYGsnYyu3f2QAkJ-Ay7F-5f_RzRJgF7v1xj70TLLOTMAUpPAO_n9XHqPpa7jw1WRAzfwCvTB_oo8cPCFF8bVqc6Q%2CAOrYGsmA0v0hWHTJaqZfJVY_iwc20x1iL4aYdCpJLbS3S8JaIxIrNYiyUx9bMI1r18Qu6v5BGTwtyGgXq40gvHx0cw%2CAOrYGsmal_DiGki2aHOqVPtV0E3f7M7AB3ODh2WCtxE-nBhu9AdweA6_B7bk0qnoq68Lctj9lpcZ_7PtO7wvpirr5Q&ga_vid=1975534093.1702409033&ga_sid=1702409034&ga_hid=678186623&ga_fc=true&dlt=1702409032316&idt=1248&prev_scp=vli_adslot%3D50013%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D50013%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dpastebin.com&adks=3521755183&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
83cf663f44eb2787a963d63163992a5f06c2a41dae4ed935a165f2ecde90879e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15925
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNZKMUUYqt-wMtM-PrAB-MBTq-UatZryaqAeAKRdzNwqfftkRwlNcso_YKRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNZAATBRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqhKrh8TfcmdDQMthjGUj%2FGD70bISBoICSQoW29yCQVUuLMj3x3TCTs5ZCqb22YMki2jeigqJvykjMG6G%2B3K4a%2F9LHM0V48LeV22vxNd8X1z2ZAH%2B1eCcaC5W1s7eb%2F7Hz7VqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858359c483a0b-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame 0D95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvAY7PDabARgefWRiGJSbhJzqwsMkCzYqSf72fHKV_-eZQ_SKK0_MVn5ImEofzgZ6mEWhsID7nyPaMc1m5OG6GDjYSbmTAwNdb1Pu9gJFIXW0fmgQokJGpl3GqwopE9bflQp3265IB_YvO8Qz_2BQuNgGFcDy0sRsjdHRxpjgwiCXvo7_X96lzqlUL5mrItp7SiLgoEi5s1B4CVEg2g5Tmk14Z3yfuIqlLlevtldYV_Vgx5-j1MuLqT1Wgw-V5HnVYScqIOE_cW2mFT9LKX6zIa5un3unX3iuUSJswFmBQHrzwzU8int1nA86BTIuHiwkkiKYRFtPqpXjxkHkpgkkqGrBXif9EuEpJaEcn2Vl20KAPNWgasL1keytU-MSYGv4I&sai=AMfl-YSAAjkZQDxeeLtoYO4tK_mcMGSnZh2s_NW5LzND17lWKXZ1myFDXgkAfMpVC23hTOJ9HCUPKVsznYXP5OeWHOTNCJkxzKtZohEomO41x9kk6RUtQpH0Sc4HWOr-XuA&sig=Cg0ArKJSzAZkofw1aP5kEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2DCE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAKtUNDM3WKuVdvmMzrN79x1VJ4fRIN1DS03qwBUJPMjf9zD66r7v0Y-PTS7TZEeJJvp-EZtGbN6TO7RsgxJuW_7cftU2N3f3yNj20rp2UHKg4d3olgPnMzZcqtniwayrlJTwB_l8nPKpPI-5mWqybtr78wIblg6r3CdN2TjWlV_jv_NQu1eDAhC3vrNOiofIdBW2HOe8mfbjvl32udEW-wM0btUd5OKCa5nbbC2FhiNSBZdrgkAwZD1PctTF2ic3QY2cbTbK36r_9E5dz10lB4GJahCf5ky1HDBF748fFT5E8WArggFqPr57WxowClQDkJ7Q71kIOci7VNR371qqRyPUZI5hQocLGEeZMsHtu9YIUJd0epooG1pKX7FJAoAwt&sai=AMfl-YTBqbWKq2Ci58hYhKmaJwnvSbiib-pJMydxkM7TsCBY1QiCR6ruezuqhzjfVFbpkOWqUnH-DOGhl8hHwA19SUMV6bYF1MdAOZpKaUnPpcUz8LiwK1dr9VRsG__9dg&sig=Cg0ArKJSzBxq0Nvr2fLdEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87E4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
466614
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 09:47:01 GMT
expires
Fri, 06 Dec 2024 09:47:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B21E 		829 B
1020 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
dd6611f6d76c13184f5954adff1d1101c4895db4e803f76fef3424aaa05e0101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZVAiHG75LJlFsFhOYJnbcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZVAiHG75LJlFsFhOYJnbcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:55 GMT
expires
Tue, 12 Dec 2023 19:23:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AFF4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 10:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
465760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Dec 2024 10:01:15 GMT
creative.js
cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/ Frame AFF4 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/creative.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e70a17d0da7ef3999edc32462c33b4b9791d4fd8095c2add91a48ef6b2731888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
content-encoding
br
age
40337
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9566
x-served-by
cache-fra-etou8220114-FRA, cache-yyz4521-YYZ
x-jsd-version-type
branch
etag
W/"6ae6-HipPh6snRMhowanEoWkzrzhb7Sg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AFF4 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 19:23:55 GMT
ecm3
s.amazon-adsystem.com/ Frame 97DB 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=Hz2reBZHNsixJUGTQ72LOFhh&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JD89JRQ5TN1P4BWN2E7S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 97DB
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=Hz2reBZHNsixJUGTQ72LOFhh&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:5e036a7b8b1a01c27fd8e78fc975943f
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:5e036a7b8b1a01c27fd8e78fc975943f
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 19:23:55 GMT
server
Aorta/20231212.88a94bacf
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:5e036a7b8b1a01c27fd8e78fc975943f
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
d5011468c670
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 97DB
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1702409035162&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=28D61EF5D2B1453E8575A7420710A39E
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=28D61EF5D2B1453E8575A7420710A39E
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 19:23:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=28D61EF5D2B1453E8575A7420710A39E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 19:23:55 GMT
6c4db297715e8da5dd48a587027b226d.gif
cs.iqzone.com/ Frame 97DB
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://cs.iqzone.com/6c4db297715e8da5dd48a587027b226d.gif?puid=98db1d72-c26b-5381-89d4-bf91cc027ac8&redir=[RED]
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.iqzone.com/6c4db297715e8da5dd48a587027b226d.gif?puid=98db1d72-c26b-5381-89d4-bf91cc027ac8&redir=[RED]
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
8.2.111.13 Greenfield, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:55 GMT
Server
nginx
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:55 GMT
Server
nginx
Location
https://cs.iqzone.com/6c4db297715e8da5dd48a587027b226d.gif?puid=98db1d72-c26b-5381-89d4-bf91cc027ac8&redir=[RED]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
merge
ce.lijit.com/ Frame 97DB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=m4mW4OQMHgyE&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=m4mW4OQMHgyE&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=m4mW4OQMHgyE&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-gvtwm
expires
-1
merge
ce.lijit.com/ Frame 97DB
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=8d2d0818-b225-4249-bde9-d8f1a7d4e78f
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=8d2d0818-b225-4249-bde9-d8f1a7d4e78f
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=8d2d0818-b225-4249-bde9-d8f1a7d4e78f
date
Tue, 12 Dec 2023 19:23:55 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 87E4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 08:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
383501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 08:52:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AFF4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst090KVGoYrbwR_pBrk6q_3IJtHHirIO9nXMxTJidkD_-WyGNegfCR_jKStbWzrWuElc6ekVD_r6tssvtr0dl-t2YQowkRxwRkRorlgGXJPhXpzPYrEsfzSSy2xrC9NPmCSJUn0G7jJ6Zorymd8BVeZK9JbDlTYyKBJ88jfRJrJcn9zs8_IaoBm7yCRNXo-BzhAbGUQlN8XptCD-9Ypx8yk9mYhqhtpcLmFXiAEtCOW5idkQn71DDFA3rxcFzzIXvbyG8P4LHOzkDvhwGsuWcJGtmcRTi1qHF2TOI2blZbwXy4njC0qwB-nu8GQ50BgsulzROnRF46USueD9fJVS_DZDY71eRcpxg6iQi1Dw5gwVm1KakPrZXzJCr8hTz5iqUaq&sai=AMfl-YSZsrxx5t1UT1RJ5xajZnopQWUGq1oS-6HZOmlLH_QeaicFy0ycs4LvIU7IF3bH3XX0XKMokxyxcQlrfvHL1s3-Zvxz9_7ExuqYHncKnVcjf41GxXpwwmAobPAYRg&sig=Cg0ArKJSzCTKgCcfCYc2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B21E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=4010135576651040&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
impl_v99.js
www.googletagservices.com/dcm/ Frame 961D 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:21:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:21:22 GMT
B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPy...
ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/ Frame 7370 		66 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPsBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fgBmona_PsxbVm4q2t3skF7MMuDhHgTOqdNmEVDbXBiGQKi9RjejbuVrV71zgPABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlihl5Duz4qDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEPDgj-_wy4y5dxICAQOqDQJDQcgNAeINEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIstuR7s-KgwMVPKNaBR0TrwyhEAEYASAAEgJOGvD_BwE%26num%3D1%26cid%3DCAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB%26sig%3DAOD64_3RlVHQvz4tylua4YmfGmInu8cLxQ%26client%3Dca-pub-3784779432172338%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fpastebin.com%2F$0;xdt=1;crlt=T05NLk2gxo;stc=1;chaa=1;sttr=122;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ff0af92b7a7133d0497f1f400a186647f08dd91a7e441f29fe9e2bc847489930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
30527
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 939E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
80740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 20:58:15 GMT
etag
48472445140208031
expires
Tue, 12 Dec 2023 20:58:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 961D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a279a3134422633b71648e78e6170f0b576bfa73d64cc82291a6c066b34b9da

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0D95 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd0f2f5934e959ce1f8d7a919874aa88d5d6f4804ac67f18680aee6ffd9dff17

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0D95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoR2TcL4XaqGmc_lqSO9vGLhgePdN1oF-SknE53V3c3gYFqKMk1Qpe89J0-8FMhUitiqQlIcDV9w_dbmqgzs7dXLp7vwvca-PkZHSZfbt0IJL6HxHZ5t2_xJAJ-FD9-rxPP1USTO1yDmv5buo9OkQLjYlbWlYXygHljA2NNdfHLD0kaqIuASFjPa8VHLJTsiPvXpDHB5_x75jjLNKxCXQwVi_yHaX5ujL48DRYOwb3uC2SmBDJsDMbh-2-bfP0UMXQHc-Kkuw97XY7kYl9R7K_p7Zdwp_SvYQ_P3j4Y_8sazdIH0LB1Q2YnqZT4DbnNZWHP-k_H9Gl53RiS83BOS3qD1HAFB8L4bNJSpmEf4_S2joDitvJ8vk8ooQfSjUoTV9WrGE&sai=AMfl-YSuEsexaR_-GECpmkcPJZevbICFt4mILpW3VKTF9Yik1glmvxPBessW64DypfcuzkOWEE3aLbj_KYI6GKIaQHc-GI6slkBML2jQ7cnulJg2-7CH8HPMLbYShWYObuw&sig=Cg0ArKJSzL1jfBBYMMbbEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 19:23:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqIOPSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPgBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fhDmKhIfXCPZOIGj7WloqqBCuyJAHE9IgmEUlWonc5MNRohW77XNoUEENTABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD_mgbSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WKGXkO7PioMDgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQ8OCP7_DLjLl3EgIBA-INEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQGAFwGyFx8KHQgAEhRwdWItMzc4NDc3OTQzMjE3MjMzOBiumIEB&sigh=qdGg4j6BrB4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 19:23:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 961D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqIOPSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPgBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fhDmKhIfXCPZOIGj7WloqqBCuyJAHE9IgmEUlWonc5MNRohW77XNoUEENTABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD_mgbSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WKGXkO7PioMDgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQ8OCP7_DLjLl3EgIBA-INEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQGAFwGyFx8KHQgAEhRwdWItMzc4NDc3OTQzMjE3MjMzOBiumIEB&sigh=qdGg4j6BrB4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB&cbvp=2&vis=1
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 87E4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WUKWLw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame 2DCE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54a6f240f2179f21b1fc720615305bfb369bae93066902c1904ab3fde9449bf0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2DCE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0NzfWNuNS68Oe7r4p66dbNnDDvOFuuJO9rFcfUyjzt8BV44WX_mCTnoyis-urh_gO2gf49j10WvIVLmNI1kjbXmAeGkEWbsP1nj2rvmMK2TIxwdc1ZOfC_DkEH10TdSIltzTxtkFhrHl1_ZAPTupWuxLTOr_le_pCFpt5gfbc43VrlgL45blK5Uvq5zMhfk0KTAfnokI5p73pM5gdhraQ18FkFPiTZL6gOUfRG92B0v-vLjYGk1JaS4fnkkA7z3o_QzPFmPPCfXIvWDrxnduZRItWYRmZtnSlcBHC7c7_s0ID9GFplayRaa225PhwJxI3zcYca6H28SZT4qeG1YWxVaT9VPpPSxRXU2XpZ8mIJHK42qPVx3ujoCbzlocKZpeQjuo&sai=AMfl-YSiIfesRs_TtXi5N50S5hu3UdvO4KPfIULCK1RO2QKlvP_8JynHTh8xrw9klq_7wyBGILv3RJjrP9Wza_pgNLjfGnyIhMcQCozp9QWYBqI_vY4RQhZgTuVb5ByVdA&sig=Cg0ArKJSzA2v0jTsaHPREAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 19:23:55 GMT
truncated
/ Frame AFF4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aabf4af33f71f20b315c259830fe599bce705c4d7f8eb28422a56527b0957c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AFF4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX9HaufGSL1KhA8WxJsb_xr25WjSynnJ75E2z0NA3jhsYaaiDJJrLILv1xvfHLXceZHV0Fbhtk15i7If-JQibbGFX4GpImJ3yOoQl8rT-Zb2HCl0tgLRLJVP99CnATmHfhpRKdH-oJOEcR3jGms5PJah2y-QFeSD9t9J48dfV0vOVM_-o6vhYLWT1lbfIuqmhkTAT8JPUlIoq4LYCUoZziWIrnJqWBs2Nv5-1YsXCPHd5pc6SzKY2uYkXb0IR5bTas-1Zv___eYmZx5SHWKn05InEQxZfMDJI6OSjBJAIvDQu8zEFWT9eNouvr92kMe1h-6ZBUeOTp5tSQeCBUZYdxbdC_SiuLLf6bWiIdxGtDsYuY1wyLDGCcAJRBOe6rWtxllK0&sai=AMfl-YT3Qm2OYaCMfA3K6BnEVbjfwzoqf2x-PKUxa5_U5kNuP5xhuGopAP_VG8ZWiHqQ0eXc1kpQ3BbtANTGkOKDhm-zrP7s7Z7uyfNvTvRPU8jcO_0IrNDqY373XqwjhA&sig=Cg0ArKJSzAWzhyE-ZPhFEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 19:23:55 GMT
pixel
cm.g.doubleclick.net/ Frame 939E
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEG_Yf3pRppcW6jBKPPbFZtg&google_cver=1&google_push=AXcoOmTMM4rPBxIras895K-rYgK6mZ0P3Mmrs53lLBg4e2d5PUFaP1v4LSFjRVY6IBN_dXtXwahaN7nw1Fbl8y5QkY6vQNs-Hbh-Aw
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTMM4rPBxIras895K-rYgK6mZ0P3Mmrs53lLBg4e2d5PUFaP1v4LSFjRVY6IBN_dXtXwahaN7nw1Fbl8y5QkY6vQNs-Hbh-Aw&google_hm=UjM1Q0E5XzEwRD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTMM4rPBxIras895K-rYgK6mZ0P3Mmrs53lLBg4e2d5PUFaP1v4LSFjRVY6IBN_dXtXwahaN7nw1Fbl8y5QkY6vQNs-Hbh-Aw&google_hm=UjM1Q0E5XzEwRDk3NDY1Ql82QkY2Mjk5Qg%3D%3D
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTMM4rPBxIras895K-rYgK6mZ0P3Mmrs53lLBg4e2d5PUFaP1v4LSFjRVY6IBN_dXtXwahaN7nw1Fbl8y5QkY6vQNs-Hbh-Aw&google_hm=UjM1Q0E5XzEwRDk3NDY1Ql82QkY2Mjk5Qg%3D%3D
Date
Tue, 12 Dec 2023 19:23:56 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-385413837; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
348
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 939E
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHDLOSL1q7Dx61lE0KVbNSw&google_cver=1&google_push=AXcoOmRuDxDOlLVpvg801p5_nN7llWhkTWjaXhU0KDJ24NqUVwRJx42JcypkQzN5T0i6W9XJ9fVG9JVaI5ABfgS3HZJT7xjOrUszNhI
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FCF91777CA594CE9B3E5E3FB80D5C614&google_push=AXcoOmRuDxDOlLVpvg801p5_nN7llWhkTWjaXhU0KDJ24NqUVwRJx42JcypkQzN5T0i6W9XJ9fVG9JVaI5ABfgS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FCF91777CA594CE9B3E5E3FB80D5C614&google_push=AXcoOmRuDxDOlLVpvg801p5_nN7llWhkTWjaXhU0KDJ24NqUVwRJx42JcypkQzN5T0i6W9XJ9fVG9JVaI5ABfgS3HZJT7xjOrUszNhI
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 19:23:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FCF91777CA594CE9B3E5E3FB80D5C614&google_push=AXcoOmRuDxDOlLVpvg801p5_nN7llWhkTWjaXhU0KDJ24NqUVwRJx42JcypkQzN5T0i6W9XJ9fVG9JVaI5ABfgS3HZJT7xjOrUszNhI
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 19:23:55 GMT
pixel
cm.g.doubleclick.net/ Frame 939E
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJUITKTSqEyJMIkDm3R8XAQ&google_cver=1&google_push=AXcoOmR0fco9kSB_ZFcygo1SnbLQEzLqMnjfFpmknP4hB61kn20YjhYePtGE_2Yg1aDTNIQ7OBqBN...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR0fco9kSB_ZFcygo1SnbLQEzLqMnjfFpmknP4hB61kn20YjhYePtGE_2Yg1aDTNIQ7OBqBNhe9KONWUwj9GlTSDFaWv92A3X0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR0fco9kSB_ZFcygo1SnbLQEzLqMnjfFpmknP4hB61kn20YjhYePtGE_2Yg1aDTNIQ7OBqBNhe9KONWUwj9GlTSDFaWv92A3X0
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 19:23:55 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 589009FF13CD4CB1A607F065EFF98203 Ref B: YTO01EDGE0510 Ref C: 2023-12-12T19:23:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR0fco9kSB_ZFcygo1SnbLQEzLqMnjfFpmknP4hB61kn20YjhYePtGE_2Yg1aDTNIQ7OBqBNhe9KONWUwj9GlTSDFaWv92A3X0
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMVP3bWayfvm0kxfxzDg==
pixel
cm.g.doubleclick.net/ Frame 939E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENdamDjDqVrJEWS-bP-QiwY&google_cver=1&google_push=AXcoOmSHK_Icp30jeJzxMOoLquibsJW1sUrsPF65XFhWMbZRjQevb4fMe6eUTTViRT_5SNsfUzaBVKULEyA-iQwzh6...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESENdamDjDqVrJEWS-bP-QiwY&google_cver=1&google_push=AXcoOmSHK_Icp30jeJzxMOoLquibsJW1sUrsPF65XFhWMbZRjQevb4fMe6eUTTViRT_5SNsfUzaBVKULEyA-iQwzh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTE4NGJhZDctMDg2Ny00NTk4LWFlNDMtYzExYTUxYWRkYTIw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e184bad7-0867-4598-ae43-c11a51adda20
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTE4NGJhZDctMDg2Ny00NTk4LWFlNDMtYzExYTUxYWRkYTIw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e184bad7-0867-4598-ae43-c11a51adda20
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTE4NGJhZDctMDg2Ny00NTk4LWFlNDMtYzExYTUxYWRkYTIw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e184bad7-0867-4598-ae43-c11a51adda20
date
Tue, 12 Dec 2023 19:23:56 GMT
server
Kestrel
content-length
423
CookieSyncAdX
rtb.adentifi.com/ Frame 939E 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESECBsJkNJnMP8XfW-GcMbanA&google_cver=1&google_push=AXcoOmQuENS39ucqev2eYlZcZaPI5GxJ_25WnIQYlZzFNuOSnueMMdw0LsSvZOqEjtBdoJ3-3E15DsCAr4VavegfjJpw-2YHZZQH2Pk
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.58.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-58-192.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:57 GMT
asr
aid.send.microad.jp/g/ Frame 939E 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESENTIBmVST88nNPlBRxP7BA4&google_cver=1&google_push=AXcoOmSncXRhRTwhQtA6kfrdyegF0L1AMGw83ZwogFRwhn5vEEB_2J3vBYJjZZj2u0d2sS3X3D6Zru4rvNYKz_s5oD8rZTXogNqjips
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 19:23:59 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 939E
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEFFGUsPZan9m08qavA57tho&google_cver=1&google_push=AXcoOmQZx8qhzV-lbaJmOQQwl9GJdX--w8x_ATYAVNOtlk4lYrR6YY3DhBBbaeTFIAbWF251z8mE...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jS0IGLIlQkm96djxp9Tnjw==&no_redirect=1&google_push=AXcoOmQZx8qhzV-lbaJmOQQwl9GJdX--w8x_ATYAVNOtlk4lYrR6YY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jS0IGLIlQkm96djxp9Tnjw==&no_redirect=1&google_push=AXcoOmQZx8qhzV-lbaJmOQQwl9GJdX--w8x_ATYAVNOtlk4lYrR6YY3DhBBbaeTFIAbWF251z8mEi6Xk3YNJwz-hxqI7xQX0d73zGLmJ
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jS0IGLIlQkm96djxp9Tnjw==&no_redirect=1&google_push=AXcoOmQZx8qhzV-lbaJmOQQwl9GJdX--w8x_ATYAVNOtlk4lYrR6YY3DhBBbaeTFIAbWF251z8mEi6Xk3YNJwz-hxqI7xQX0d73zGLmJ
date
Tue, 12 Dec 2023 19:23:55 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 939E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KX4k-ASP04G_yiP7MQg1I3o7wcOxVhIZ9U7I9KL-PqwZEdCkcOphzbLb3ODW5BGc8JuQFD4A
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
container.html
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A4B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:54 GMT
expires
Wed, 11 Dec 2024 19:23:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/ 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNwBqZryaY-reKq-PqtU-qUAy-MUBqMryrwYTtRqxeNRwNcso_YKRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNZAATBRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:55 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4rekt5Q3OV1WXECCJVYLi9913LeI%2B0%2BPwc9AXMU5Rplle8hJL%2B%2BqPDm2wsKjnYo3h8SNJRIpF4%2B%2FWVhAGufjfl0alzKldcf2Br0bpO81kZqo%2FT1G8%2Bz8UAFTrZC7GiQrQjAKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
834858397b843a0b-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 1A4B 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 10:01:41 GMT
age
465734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 10:01:41 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1A4B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 10:01:16 GMT
age
465759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 10:01:16 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1A4B 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 09:47:27 GMT
age
466588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 09:47:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1A4B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 09:50:14 GMT
age
466421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 09:50:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1A4B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 09:43:19 GMT
age
466836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 09:43:19 GMT
css
fonts.googleapis.com/ Frame 1A4B 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 19:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 18:21:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 19:23:56 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1A4B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:48:16 GMT
x-content-type-options
nosniff
server
cafe
age
34539
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 13 Dec 2023 09:48:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1A4B 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 21:00:36 GMT
x-content-type-options
nosniff
server
cafe
age
80599
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 12 Dec 2023 21:00:36 GMT
l
www.google.com/ads/measurement/ Frame 1A4B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSopaF3ACxL-pETZCmak-cBb4wUE2_nAgBM9mjgQ07mqWNcx4Immravv8G1o4MWY5i-1IL-kX_rtE6hVj2a1fqEJEX2-A
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
6592766407814317453
tpc.googlesyndication.com/simgad/17725893597414919017/ Frame 1A4B 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17725893597414919017/6592766407814317453
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
7e0149dce948144e22938cb3e17126e16b2578f977d8b3d854bdd6db12bfdef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:48:11 GMT
x-content-type-options
nosniff
age
466545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48919
x-xss-protection
0
last-modified
Mon, 08 May 2023 21:26:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Dec 2024 09:48:11 GMT
8578129967820296872
tpc.googlesyndication.com/simgad/ Frame 1A4B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8578129967820296872?w=100&h=100&tw=1&q=75
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
44cf9986188524d6865217bc88d034930fbd0945db4086c251caaa0486ab8479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:46:41 GMT
x-content-type-options
nosniff
age
466635
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6322
x-xss-protection
0
last-modified
Tue, 08 Jan 2019 00:32:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Dec 2024 09:46:41 GMT
truncated
/ Frame 1A4B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85c9015b1fd87a1010d1cd417b33c08280b4369929ea16bc251c0c0315d3640f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
B29069693.365454385;dc_pre=CNuO-u7PioMDFWAMaAgdnvsIWQ;dc_trk_aid=556463389;dc_trk_cid=190791332;ord=128711473;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 1A4B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.365454385;dc_trk_aid=556463389;dc_trk_cid=190791332;ord=128711473;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=...
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.365454385;dc_pre=CNuO-u7PioMDFWAMaAgdnvsIWQ;dc_trk_aid=556463389;dc_trk_cid=190791332;ord=128711473;dc_lat=;dc_rdid=;tag_for_chi...
42 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.365454385;dc_pre=CNuO-u7PioMDFWAMaAgdnvsIWQ;dc_trk_aid=556463389;dc_trk_cid=190791332;ord=128711473;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.365454385;dc_pre=CNuO-u7PioMDFWAMaAgdnvsIWQ;dc_trk_aid=556463389;dc_trk_cid=190791332;ord=128711473;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1A4B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgGCHS7N4ZYOUC9TH6toP17aBqAfBjPyKdP-g7r23Ea-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwqqBPQBT9BgozVFzkLp4bRHWpjWgZp7i747q6VLvnDNLQtCtnCVYQecwofVySl0qEuoN3pFhWwA0fBGw9VfQ6qwnLnK54chEDgl9_fH63Gcv3FObLsnAJjeYQdb4oyG2xHge9nArnXTXFVacyqEoE_HCeZSzq6BE5NwnKRAZUT742dWbsE_Jk5kHni7QJD46vdB3o6qjyoeODDdv4MjjHO91dCSY2zpI0pBT9AUbFHCNg9HykrKLnE3BJ9epYt6-b3uRTdm5OSQr6WEg9lAkNkAAWWNZhgFOZozHxEGUH7SkXdHNW6Xhg6JLnLs-k9-FL85TUYmQ9YdWcAEvtbhqYUC4AQBiAXYhv25B6AGLoAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELHlBNIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY96G27s-KgwOaCSpodHRwczovL3d3dy5zcXVhcmVzcGFjZS5jb20vd2Vic2l0ZS1kZXNpZ26ACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwQCgoQ0K7eos7OsvQhEgIBA-INEwis1Lbuz4qDAxXUo1oFHVdbAHW4E-QD2BMD0BUBgBcBshcfCh0IABIUcHViLTM3ODQ3Nzk0MzIxNzIzMzgYrpiBAQ&sigh=KxPvMzPLKA0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwDICaaNF9LDS-OxJdMQU6AD027SG38Oshkv9dLyQqlSg9ySYQOrGebQ0puBB5nuny-IcON1zgumxHj5GAE&template_id=484&cbvp=2
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A4B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:48:08 GMT
x-content-type-options
nosniff
age
466548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 09:48:08 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A4B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 18:15:53 GMT
x-content-type-options
nosniff
age
90483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 18:15:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A4B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:45 GMT
x-content-type-options
nosniff
age
465971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 09:57:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=4010135576651040&bg=!R0SlRAvNAAY3kmNgF5I7ADQBe5WfOJpiUuMNzjenaenbhNoERkQOl3ROKwIrdS5rmS86AiQu6IpR5YqiJsg4ChKqk23PAgAAAY9SAAAAAmgBB5kC7Wt9BWhpIIm-blKPNsLfW66NU-0VbktjkFf-CgyX-soEANKPG6FtD33lPdK4rWd8FARkBbWJZLkoy4IK0qGcHbzBiBo_UdXTNhn0jrm9Iex3MTazW82ok0I38pp27fDSyq01NBSZfSFH7Ujq3imZhnG-g-vTWPOfTiGx9Bu3ldA7ajM1rkUBbWe0H138YAsj_K_AeiVLEfvbB3WTUCq7WPEvutLoelviy_mxdvptasAY_VQRQLzmEmVZK8D_6jviQklxN2SVqrByRSjZQTU9NrtRA-0ac7SXQI48YbbTekJx6jjjSE55ny-4a3qnATF8pDzhshOgGMVQeQmUoHmabWOk9U0zzEjYOOOB_duOysUdQM_h08ZJbp_16lqNsqvkN-d1fvzEwyj4oByCYHxoOzQNxAGJsXKLHS_rpU7Ny1JL0sH_91xZvheZbysXQbzH1J87YEcUl5TMm7W5RL-KRwIrxt2wnoZt8vMFO8TyTANQ6NpCelZVzycKo0H54IACFiTGPu7BqelH3HE3DB2VsAKkiVqdR7ZAUVXJ2gmfVyMXnIz_hxq8MIg5Uhyf5lDH3umqwev3oj01VXvmvWhSdP7oXL5aKABDMk9X6mWjs9hfAyhD7Kl3ByBep_8dHcRyacmjVo3CcwOsSMpExp7k4Pu8UWa8us5d2h4I0YjBzpTSxCxjbJEpIRKGkbyfPqcFI2aDB6XS4XIfOXko3IZYUNMi_gNkZOfAJq5c3qsvu-ctdh5xHFlU4VlVk7Zz3ooc6LV0jD_p4BEx0sXoq3uhp9nmyGxPVeegyrKuGaVbskVqnSBiidrjZh4GuuoSpeCrykt-V4EdAlt54b9OA8MQ_23LeTNpZ9EtKFffE55BnD9m3ysE2QmMZd6x8ISbEuluOlRgL3xj12czR0THRL8D1wD9woBmOnLYTOgOTxZeX-f_02p5a5LHcEF-glJ6dqPV_aWlvQbK4l4HBUr_Gns9NMTqnMWP4lKZTBqooApp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
container.html
088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7EB8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:54 GMT
expires
Wed, 11 Dec 2024 19:23:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14756317708980630779
s0.2mdn.net/simgad/ Frame 7370 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14756317708980630779
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPsBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fgBmona_PsxbVm4q2t3skF7MMuDhHgTOqdNmEVDbXBiGQKi9RjejbuVrV71zgPABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlihl5Duz4qDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEPDgj-_wy4y5dxICAQOqDQJDQcgNAeINEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIstuR7s-KgwMVPKNaBR0TrwyhEAEYASAAEgJOGvD_BwE%26num%3D1%26cid%3DCAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB%26sig%3DAOD64_3RlVHQvz4tylua4YmfGmInu8cLxQ%26client%3Dca-pub-3784779432172338%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fpastebin.com%2F$0;xdt=1;crlt=T05NLk2gxo;stc=1;chaa=1;sttr=122;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
5a6fd1d6a7c2e8a6080aa2c2e02434e4dab2b5f0ac57338dc1a123f7a05629b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:46:08 GMT
x-content-type-options
nosniff
age
405468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64376
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 22:48:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 02:46:08 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/xfa/ Frame 7370 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPsBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fgBmona_PsxbVm4q2t3skF7MMuDhHgTOqdNmEVDbXBiGQKi9RjejbuVrV71zgPABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlihl5Duz4qDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEPDgj-_wy4y5dxICAQOqDQJDQcgNAeINEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIstuR7s-KgwMVPKNaBR0TrwyhEAEYASAAEgJOGvD_BwE%26num%3D1%26cid%3DCAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB%26sig%3DAOD64_3RlVHQvz4tylua4YmfGmInu8cLxQ%26client%3Dca-pub-3784779432172338%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fpastebin.com%2F$0;xdt=1;crlt=T05NLk2gxo;stc=1;chaa=1;sttr=122;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
accd286d5615ed70f6e559aced46cd395dec1ef331923df53b38118908b763e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
62157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4295
x-xss-protection
0
server
cafe
etag
4396225862294152759
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 02:07:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7370 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPsBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fgBmona_PsxbVm4q2t3skF7MMuDhHgTOqdNmEVDbXBiGQKi9RjejbuVrV71zgPABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlihl5Duz4qDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEPDgj-_wy4y5dxICAQOqDQJDQcgNAeINEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIstuR7s-KgwMVPKNaBR0TrwyhEAEYASAAEgJOGvD_BwE%26num%3D1%26cid%3DCAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB%26sig%3DAOD64_3RlVHQvz4tylua4YmfGmInu8cLxQ%26client%3Dca-pub-3784779432172338%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fpastebin.com%2F$0;xdt=1;crlt=T05NLk2gxo;stc=1;chaa=1;sttr=122;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
63073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:43 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7370 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPsBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fgBmona_PsxbVm4q2t3skF7MMuDhHgTOqdNmEVDbXBiGQKi9RjejbuVrV71zgPABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlihl5Duz4qDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEPDgj-_wy4y5dxICAQOqDQJDQcgNAeINEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIstuR7s-KgwMVPKNaBR0TrwyhEAEYASAAEgJOGvD_BwE%26num%3D1%26cid%3DCAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB%26sig%3DAOD64_3RlVHQvz4tylua4YmfGmInu8cLxQ%26client%3Dca-pub-3784779432172338%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fpastebin.com%2F$0;xdt=1;crlt=T05NLk2gxo;stc=1;chaa=1;sttr=122;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 19:23:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7370 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLIxlueyFkdIWqHaAzAGEagWEtUhmYMxBgCUZoNqJH1UqaiotFPcNvH7JYC0vTqYNcHzPIOYGEygkHvTzHz6AnwVjc191lpG7FWU6nuAk4AwmBdFpCCAVUpdU6juF0l5zGYFRTrWCOljXlkhHS2qECQvo2dFec_wlICA&sai=AMfl-YRqTVNJR0TVPyozAvbRHOrUhjCwwlJw4Aov5ecVhqea-TmQcBaSIzl205_vCTftmVAq07DD47CkWI1j5QnJZqW-pdVHgE2XBYt4lQ&sig=Cg0ArKJSzHsG0Y-IY9ETEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231207.20376&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPsBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fgBmona_PsxbVm4q2t3skF7MMuDhHgTOqdNmEVDbXBiGQKi9RjejbuVrV71zgPABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlihl5Duz4qDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEPDgj-_wy4y5dxICAQOqDQJDQcgNAeINEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIstuR7s-KgwMVPKNaBR0TrwyhEAEYASAAEgJOGvD_BwE%26num%3D1%26cid%3DCAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB%26sig%3DAOD64_3RlVHQvz4tylua4YmfGmInu8cLxQ%26client%3Dca-pub-3784779432172338%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fpastebin.com%2F$0;xdt=1;crlt=T05NLk2gxo;stc=1;chaa=1;sttr=122;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 7EB8 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 19:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 18:18:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 19:23:56 GMT
css
fonts.googleapis.com/ Frame AB26 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 19:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 19:10:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 19:23:56 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AB26 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
63033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame AB26 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
63033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:23 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1D68 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 18:52:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AB26 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
63070
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7286 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
80741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 20:58:15 GMT
etag
48472445140208031
expires
Tue, 12 Dec 2023 20:58:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AB26 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
63070
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
l
www.google.com/ads/measurement/ Frame AB26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXXn7w2e88-uKKtReoI4opxKgrrsjMp23mRk2UOAURtQIycnXc64oUuKxeCH_FB9S_ZDnjwxngjMQLVNIqArdx4ux4rw
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AB26 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 19:23:56 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame AB26 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 09:58:55 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7EB8 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
63019
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:37 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7EB8 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 10:01:39 GMT
x-content-type-options
nosniff
age
465740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 06 Dec 2024 10:01:39 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7EB8 		604 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:36:30 GMT
x-content-type-options
nosniff
age
42449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 07:36:30 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7370 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPsBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fgBmona_PsxbVm4q2t3skF7MMuDhHgTOqdNmEVDbXBiGQKi9RjejbuVrV71zgPABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlihl5Duz4qDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEPDgj-_wy4y5dxICAQOqDQJDQcgNAeINEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIstuR7s-KgwMVPKNaBR0TrwyhEAEYASAAEgJOGvD_BwE%26num%3D1%26cid%3DCAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB%26sig%3DAOD64_3RlVHQvz4tylua4YmfGmInu8cLxQ%26client%3Dca-pub-3784779432172338%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fpastebin.com%2F$0;xdt=1;crlt=T05NLk2gxo;stc=1;chaa=1;sttr=122;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:48:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
466542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 09:48:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7370 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/xfa/sodar_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4d32910b704bb3097c6ff4c647826563833179dc81cb95a316726dd8363f3517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5758
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 7286 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOJtMm6N9BT_Zahhe5SLftk&google_cver=1&google_push=AXcoOmSMdNvVU78ehBA270lmFZtdq1FlFo-xndk5r8V9b_XqTM-7VXqG-y7j2StFZ62KOnblL5e99wLmaZ3qZETFUHpXGO8bjVXqAr4
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7286
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJUITKTSqEyJMIkDm3R8XAQ&google_cver=1&google_push=AXcoOmR6VGQ9fydcaP3bfDFl3QexHhi_dLX_QCMpTi1ndru-gVTA09ofQaFMnBzJrLOq9ZRjMm2ZP...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR6VGQ9fydcaP3bfDFl3QexHhi_dLX_QCMpTi1ndru-gVTA09ofQaFMnBzJrLOq9ZRjMm2ZPtvUrKxCAo0wvjEQsVXaI74lFehB
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR6VGQ9fydcaP3bfDFl3QexHhi_dLX_QCMpTi1ndru-gVTA09ofQaFMnBzJrLOq9ZRjMm2ZPtvUrKxCAo0wvjEQsVXaI74lFehB
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 19:23:55 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: AB4C023437674389A229A8DD35A8761D Ref B: YTO01EDGE0510 Ref C: 2023-12-12T19:23:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR6VGQ9fydcaP3bfDFl3QexHhi_dLX_QCMpTi1ndru-gVTA09ofQaFMnBzJrLOq9ZRjMm2ZPtvUrKxCAo0wvjEQsVXaI74lFehB
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMVP3h1fsRA+j7oa6ojw==
pixel
cm.g.doubleclick.net/ Frame 7286
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENdamDjDqVrJEWS-bP-QiwY&google_cver=1&google_push=AXcoOmTxBiRdVHFIHiTUwHNRuW3O-Ubig5GfS5XhkuLIfHPoC_3DThXXQZ-Tb7m5ktTxw4r3DKU-7Q5RJsloHnZjCV...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTE4NGJhZDctMDg2Ny00NTk4LWFlNDMtYzExYTUxYWRkYTIw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e184bad7-0867-4598-ae43-c11a51adda20
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTE4NGJhZDctMDg2Ny00NTk4LWFlNDMtYzExYTUxYWRkYTIw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e184bad7-0867-4598-ae43-c11a51adda20
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTE4NGJhZDctMDg2Ny00NTk4LWFlNDMtYzExYTUxYWRkYTIw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e184bad7-0867-4598-ae43-c11a51adda20
date
Tue, 12 Dec 2023 19:23:56 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame 7286
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPnhGzTuNefsKUosykaZgew&google_cver=1&google_push=AXcoOmRNM3ColzfCtU2lgP7kePgfMVBevxdVOPVdqiq7ktF-o76mCCz3eGr5gCNwmwnwzyaL-Ob7WwjGJl99zU4KYl7tmWbbz...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863945431211&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863945431211&us_privacy=1---
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863945431211&us_privacy=1---
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7286
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEFFGUsPZan9m08qavA57tho&google_cver=1&google_push=AXcoOmQnGoCRMCMBBholEaglwV9slnpo3h22sDUIQfCuCgDnzJQGNeG5gvb5DHZhk64wb9sATL3i...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jS0IGLIlQkm96djxp9Tnjw==&no_redirect=1&google_push=AXcoOmQnGoCRMCMBBholEaglwV9slnpo3h22sDUIQfCuCgDnzJQGNe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jS0IGLIlQkm96djxp9Tnjw==&no_redirect=1&google_push=AXcoOmQnGoCRMCMBBholEaglwV9slnpo3h22sDUIQfCuCgDnzJQGNeG5gvb5DHZhk64wb9sATL3i6g_k5IIf4B1ZT5XIIY6qcZmZbwiJ_Q
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jS0IGLIlQkm96djxp9Tnjw==&no_redirect=1&google_push=AXcoOmQnGoCRMCMBBholEaglwV9slnpo3h22sDUIQfCuCgDnzJQGNeG5gvb5DHZhk64wb9sATL3i6g_k5IIf4B1ZT5XIIY6qcZmZbwiJ_Q
date
Tue, 12 Dec 2023 19:23:56 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cm
ius.ctnsnet.com/int/ Frame 7286 		0
0
pixel
cm.g.doubleclick.net/ Frame 7286
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESELkc0SfmASf9NxKbZakRhT0&google_cver=1&google_push=AXcoOmTq8Lq8vL0BVLK66ojHghnhT6PTmQitRKVXiIUyhLrVwZu31JHCBXMbOagEdv7VkN72kdUQ4rQZDh7W_Un...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=NkIw7-gU2EalkX876xy0pg&google_push=AXcoOmTq8Lq8vL0BVLK66ojHghnhT6PTmQitRKVXiIUyhLrVwZu31JHCBXMbOagEdv7VkN72kdUQ4rQZDh7W_UnbrNaZoEgjt...
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=NkIw7-gU2EalkX876xy0pg&google_push=AXcoOmTq8Lq8vL0BVLK66ojHghnhT6PTmQitRKVXiIUyhLrVwZu31JHCBXMbOagEdv7VkN72kdUQ4rQZDh7W_UnbrNaZoEgjtaOSBcc1
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=NkIw7-gU2EalkX876xy0pg&google_push=AXcoOmTq8Lq8vL0BVLK66ojHghnhT6PTmQitRKVXiIUyhLrVwZu31JHCBXMbOagEdv7VkN72kdUQ4rQZDh7W_UnbrNaZoEgjtaOSBcc1
Date
Tue, 12 Dec 2023 19:24:00 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7286 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAXNiVU-fhgxv356kzBoC3lhiEfoQ8VmhLQ0mW9-ver-Zc8IFgTdY-sgmZmtB9fp1MaRvnKUC8
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F60D 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
466701
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 09:45:35 GMT
expires
Fri, 06 Dec 2024 09:45:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7370 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLIxlueyFkdIWqHaAzAGEagWEtUhmYMxBgCUZoNqJH1UqaiotFPcNvH7JYC0vTqYNcHzPIOYGEygkHvTzHz6AnwVjc191lpG7FWU6nuAk4AwmBdFpCCAVUpdU6juF0l5zGYFRTrWCOljXlkhHS2qECQvo2dFec_wlICA&sai=AMfl-YRqTVNJR0TVPyozAvbRHOrUhjCwwlJw4Aov5ecVhqea-TmQcBaSIzl205_vCTftmVAq07DD47CkWI1j5QnJZqW-pdVHgE2XBYt4lQ&sig=Cg0ArKJSzHsG0Y-IY9ETEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=204&vt=11&dtpt=202&dett=2&cstd=0&cisv=r20231207.20376&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375518390;dc_ver=99.292;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1575238846;ord=8lg0qy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCUyljSrN4ZbKOIrzG6toPk96yiArBjPyKdMSi54uLEq-BuuPXAhABIIHtz4MBYP2gmYHoA6AB0vjL4gPIAQngAgCoAwHIAwKqBPsBT9DT-38E_BIfzvUmSvTXYWrAXbK2p2R5c3ajs4cv_0i4tP-yn-KQJtB-VPPAQQNcXhiNoaWWdho2sVxd_zSmOglBmPKh_6hzBtGCZQrRtSLTr5cx0NC7eMLt6U3ePYBpjVPtaFW8mLmsC6274ig5Drzx_qLn-qniGSWdiVmynt3utoUFvj6muAad60YpC8OpTbUKkpQloWsSJKP01DTsndPJ9gXnm7lm-gsOvV5yyjCFZRcyWMztZnrycYvjzHnQL1Cp9NSKwKjutWOu0fgBmona_PsxbVm4q2t3skF7MMuDhHgTOqdNmEVDbXBiGQKi9RjejbuVrV71zgPABP_y_ZOGAuAEAYgF2Ib9uQegBhGAB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlihl5Duz4qDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEPDgj-_wy4y5dxICAQOqDQJDQcgNAeINEwih0pDuz4qDAxU8o1oFHROvDKHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIstuR7s-KgwMVPKNaBR0TrwyhEAEYASAAEgJOGvD_BwE%26num%3D1%26cid%3DCAQSPADICaaNyDcCykjanzm3JEvnP6urpy62OZkSAa5Fx5oPbKHWdKg8WCE6m9HM-yc6V19Ecnkuw3xhZxv5RRgB%26sig%3DAOD64_3RlVHQvz4tylua4YmfGmInu8cLxQ%26client%3Dca-pub-3784779432172338%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fpastebin.com%2F$0;xdt=1;crlt=T05NLk2gxo;stc=1;chaa=1;sttr=122;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7370 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 19:23:56 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F60D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 08:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
383502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 08:52:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0D95 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstx3E5qUws8OT9ndleZeLReiweZbV9MiDWZIdcZQOC5hnQYwLOC_huXWXcXMQM8aCi-cuwgwQdMcRG-p8VCW07pekd9ogb9MmBat9QTYSEpr9rYCI_M-ZgRUKQ_WAlV9Qep6V8h9_-UOsLK6Mh5V0f22Hpl&sig=Cg0ArKJSzHoFJGoBIwaqEAE&id=lidar2&mcvt=1007&p=223,639,224,640&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1740465153&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702409034938&rpt=700&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 07C1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 08:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
383502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 08:52:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2DCE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAuoUTEqsngCR_uALT0aNVFQ7d0YbYPsrP_eiRC9cCOkUXTTa-gwWT-uNHUHrXVfbHPeLBjE5fkjPo9bwKfUMU4nWgvu9Dil1ko2fdDzzxGvKboIc-odhaSDNuzwg7EZA8j4HCEyxwhc1lF1pef77XdlOQ&sig=Cg0ArKJSzHaclOmmkH8uEAE&id=lidar2&mcvt=1002&p=1090,771,1091,772&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2072559514&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702409034960&rpt=722&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AFF4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutLlXEUZrEQKCgk_sc78oO-9N9mkOXNB-e_APFghWfKztVszK00My9-yLxg7pUBAnPKVHuJJ8OQAxgheNLQg26lYrLfWTH5eU_dmrW8F0p-d7I9sDEMbpdQQkuz9VnfKemn9aOB6YlDQCH97zPViqy0wYP&sig=Cg0ArKJSzEFzti-IrjrVEAE&id=lidar2&mcvt=1016&p=784,1308,785,1309&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=271645706&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702409035114&rpt=581&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F60D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdOHMTLN4ZZX0EM3loPwP5dOqsA4AAAAAOAHgBAI&bg=!DQ6lDkHNAAY3kmNgF5I7ADQBe5WfOOCMFhO4yusvXo6jdBRsTyIyYrJzeVhZvqYyKQ5SEo-0oAnJrWn1e0jVuroxt5jVAgAAAHVSAAAAAmgBB5kDTcVtIiCAz5oNf2qeN80OCzUrPuCBbAMWYy9vcU4AiTmK00L0Utq8pnbfGMM7bnw2VLzgymIwbKgfrBoEPYNYks2YIIhh_arOrANoeCVH5dq01qr8UzotNJfS6enLm7jrWjK5qe3mlv9mlZXsbC7kfEcAyAQB6kIRMbAqZ8naOptut9AJ135cifzFBFgaXD1YMhaX2yv65Kuqma6zoobQiBXujkekTN6WNcJg-NYxq1nlXJfXu4sR0ZLmhLTqli4aOebLI5b417fZxETg4JJfEbeKU_dXs08eHKviRNH9eLU6G3xrFjlKzZzynWDDigh5z9NPvrkdrbtdq96YVrjpf3iPRlyEoL9wzSdSLNxyLS0IxEGgx9NC6fGkecfencgnnq_HzbQ-wlQ19nYMX1D-B7XakrMHxZZ1KAMU4o5VlzmHTBdp-BjoEZgNe_lRFj-8G8AqZveUUk11_mpbv9eip0_4mQ7N0hUuYWJSoQSP_pU91ef-f1sjQN29hnbjr2KXUm7ZpME5MJPyUCY717a12N8NOO8oJy-FJzVhK5P8J_10VGu0LHKtyoYu7x-b9MALeOOUcizILTE4jjnjw5U0YORylRil9t7_SshvwZypSQPpk5G6g42c57x_CSw0VMdBGQqXrVgxZXs2IK9dBjz-Zs0BS1yVukaLrx1XpePPn472QA0r7DzufrOhI1bSDzsJYcWd6UGOfOELXNJGidG3ln7lPleJ5CGHgo5zC3p_GmPfcABMzq6yZwjzseS1k5X0Aqi2ZawOrO47KK0QJX3L8nmBp9hRgdLT9S-rvql5g2lJ_BuoedEa2uQPRZ1awQLJC13AzIVinHSpXjhqUq_URgDCt1USamZ67GUXyhLeDXet7xzZ2nDL513otvsxIUZS1gIfJUdMPOz186LYWqyTsclbEzxvI8pftCD9bGRkXGY3r666mPMGzBbVgR5ZjWv49zONJHasQjEl4hC5wIcHCR1X15DJgCNVVe4aDCPEQ3LWC7_BV8tTrOLJaiaNCMUzae_tqHenl7xp4vTMgujR2SEbHx1uJOBnWugb7eWlNi_Kxr13_ov26R4OpT4sHMesPuqmrWNv1K1veZXqUVi3VvHHyjJRRyD6O4iMBWP6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1D68
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
URL: https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:56 GMT
expires
Tue, 12 Dec 2023 19:23:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:23:56 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-wBqZryaY-reKq-PqtU-qUAy-MUBqMryrwYTtRqxeNRwNcso_YKRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNZAATBRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 19:23:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdKlpeuGJR6mHx05xotE0WneuEdBL4Vme1FU3TlUS8C%2BYInHS3%2BlEFyeGKb%2FPJbuCVCuUSsMK%2BsthKDgBCIr%2FKi5OQuo74pKnA%2FW97JH2p4eQPVTbGTuHpnbbaIdIhwx6xZ%2Bbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
83485840d9f23a0b-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A4B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszXD9rI8rZyroZUfNiVfQW4vgG6sd3yQMhrbmkXAHh2oXu-6GLRnrSDaIiZWweQaLzocwQRZjpwdONCJwstM5KFBV-NAO0OjjHrjmI8jfENQSTot1VQdF7JNEDyBD0WECThI0i5fnPyn7pghM8i76Nepc_BjTladDPvamkPqedyBlTJlPl0-g-BXfW6wDYQxNgwuMLqKz-pDYU8GtRzqgc0HZYJZx_MIPHefjVgnZFdKp3zecKVvFZH595gRLuCfTE-imwDFucNWOIuxdsPRtOsb2M_AwCPMUJW-E6ZEvipL5_54p3LgrA_LK-waKC-U4sbWrubMAFUaPd5a9Njtrw3DJHCxefNpYieRbkDw2IclaTlcrCVr1DagsiC4ZBS8gi3JCgHchDcBs9NsLgo-5xiLVTfnlKfqgHhORp3vB3b_EYvNsrMcl2-V-EMmVAz_hXAWjQ4FmUBCgoOs9usM4DEBAlK-E2f3B1XrQbFkaof_PEQrKsz__V21tTGNLn7iAisCD1JkXeXHEOf-eZdl179KEgmc7oi2ck9XclN8kIaQ2v8sec0ufCrNkmAsfe7y-wHbNuBnybQA5LOyJ5E5wd-LHGboiK58DgpmpS-RByV3acwFWQEu7z0BLOpRfO8vpBEWJG-L-24YttnAURrpWWSdD_U6ugnfk10MeyHLFjfkbnLxTtI2JV2KOS4z36K6lE54-gwFt00cnaVTgZiLJ-AVz6dten14CrvPNk1knsse_7rED3_Or7UCMtLnAZ2H4M5YFbFkIuTtMFYZB6RZJc7haY0tfLN03EwKZGFcWgg5M5SQeGpyZWKEWtssOSbmwjseFzHIeXfGO1ioHU_vFxDDWNF4CZp4oXQdzAbDOuhTVymMK350G7vlZwvycS_BpvW-7V8-dwOEYBsf-cFue61ZW8yQnt68fjhovAoTv89fVmIbC5TGYOiTZGRhcNjh5Q7VX3LYiEe5u1mwTDs195mj-F2uzlsJuqGa_TtbaSAWdO0wZyKFKAgCkHqY495dXBBHBkWwE5H96QqVZ_KcKUhHcpjFrAPvQQkwWag8rJHgxNH67w9gXG4ujuXIsUqOnydOYhXnEc4Yyx3kKFauwe2ReDzABnqeW2_Ixp7cBFwEJlKUP58AnVPcLcFt7-wjWV6Rvj0qbQU4zvtuFuN8TASyNjlOl54ab4KuTm2WWD-PgrnTIEttFD92qKaD_OazIZiMk2tXy8YGoj6xdOWW2UdhOv4TrS4BPqQgun2zhlmU1Vtxac6z2DemVKhFGWek72b-Ndu1RuAuICVYg&sai=AMfl-YRfpXb-VbMl8OGZ-fYh3AVxL2cVSOJqeo0bZOrcFXRlzve8YgEIZAIMTk7QAqCVPNqOnU_drgW89B_ApOdC14E4HVt9LlQNZQ32f1coyrL8pHhsET7hUH671mTKOvo2pDYOjx6eOF5z&sig=Cg0ArKJSzL13h7pWlTS6EAE&cid=CAQSOwDICaaNF9LDS-OxJdMQU6AD027SG38Oshkv9dLyQqlSg9ySYQOrGebQ0puBB5nuny-IcON1zgumxHj5GAE&id=ampim&o=0,91&d=970,90&ss=1600,1200&bs=970,90&mcvt=1018&mtos=0,0,1018,1018,1018&tos=0,0,1018,0,0&tfs=408&tls=1426&g=95.5586314201355&h=100&tt=1426&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastebin.com%2F&domain=pastebin.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 12 Dec 2023 19:23:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
451146
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		0
0
json
gum.criteo.com/sid/ 		344 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastebin.com%2F&domain=pastebin.com&cw=1&lsw=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e197f45bc3d66a38c40740cddb2a26269bda06fa7dad062154065b9f043becf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
782035
expires
0
prebid
id5-sync.com/api/config/ 		135 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pbjs
sync.quantumdex.io/usersync/ Frame D9CD 		5 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17d5a590a03f2cef576a90156a89de05516596526bdb748aaf3945197e444388

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
83485843e8dc3972-YYZ
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 19:23:57 GMT
server
cloudflare
beacon
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13427529
  • https://ce.lijit.com/beacon?informer=13427529
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13427529
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
9b8fc88254b6a07103c25f29da91ad21aff8c8a212bb50907d86a9e27fdaecf6

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
954
Content-Type
text/html
Date
Tue, 12 Dec 2023 19:23:57 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13427529
async_usersync.html
acdn.adnxs.com/dmp/ Frame B544 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 12 Dec 2023 19:23:58 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 13 Dec 2023 19:24:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame D9CD
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=84786517281967022
  • https://sync.quantumdex.io/setuid?bidder=between&uid=424aadd2-d2f4-535a-903c-f982f5444acf
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=424aadd2-d2f4-535a-903c-f982f5444acf
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
834858457bbc3972-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=424aadd2-d2f4-535a-903c-f982f5444acf
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame D9CD
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-38c1cf10-a4e5-34e6-94c3-d3f19da9d575
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-38c1cf10-a4e5-34e6-94c3-d3f19da9d575
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8348584c38eb3972-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-38c1cf10-a4e5-34e6-94c3-d3f19da9d575
pragma
no-cache
date
Tue, 12 Dec 2023 19:23:58 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame D9CD
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=Hz2reBZHNsixJUGTQ72LOFhh
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=Hz2reBZHNsixJUGTQ72LOFhh
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83485844aa1e3972-YYZ
content-length
43
content-type
image/gif

Redirect headers

Date
Tue, 12 Dec 2023 19:23:57 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=Hz2reBZHNsixJUGTQ72LOFhh
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame D9CD
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=2c63b59378
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=2c63b59378
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8348585809793972-YYZ
content-length
43
content-type
image/gif

Redirect headers

date
Tue, 12 Dec 2023 19:23:00 GMT
via
1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
age
60
x-cache
Hit from cloudfront
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=2c63b59378
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
q5LXUBx-D7edZT1Y0EULxIVkDvmGZAIE2fTICl31hg5tDErAnaIV2g==
setuid
sync.quantumdex.io/ Frame D9CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3485906243037739355
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3485906243037739355
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83485844aa233972-YYZ
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
an-x-request-uuid
2794d0cb-6130-4431-bc30-b1151df81045
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3485906243037739355
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame D9CD
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2f185fbd-fe41-4279-8c04-45472817b909
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2f185fbd-fe41-4279-8c04-45472817b909
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83485844aa253972-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2f185fbd-fe41-4279-8c04-45472817b909
date
Tue, 12 Dec 2023 19:23:57 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame D9CD
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-62dbIyr8KjD0vexWO6rzYvSw-RaxuAFyLAB3w3c-rQ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-62dbIyr8KjD0vexWO6rzYvSw-RaxuAFyLAB3w3c-rQ
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83485853b8693972-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-62dbIyr8KjD0vexWO6rzYvSw-RaxuAFyLAB3w3c-rQ
date
Tue, 12 Dec 2023 19:23:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
user-sync
sync.adkernel.com/ Frame D6FE 		439 B
883 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
fc190023f30975b404248a1ee59bac269cb7c035bca77f5418ac44499e80fc22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
439
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 19:23:58 GMT
Server
nginx
usermatch
ssum-sec.casalemedia.com/ Frame 557F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
856 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
26e07602ee067fe36d8d03f7f3888849d01815b14d126ac16c1972f846e5be26

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83485858197b3700-YYZ
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 19:24:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXYQ78oDrzP6NH1kF9ICv9RlHuAEipWAM2AQZVFNQA8bKWTlN4Q4fvU61LPZPfN%2FvqBqrVFvjBqB2nr6lK8Nli3Xx8TUb9JYuFKfcWm%2FKpAZV%2FrmzgdoLG5Fpz4kndYK55%2F6zJI8EQeesg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83485857b8c63700-YYZ
content-length
0
date
Tue, 12 Dec 2023 19:24:00 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WtTcC5iIOcKZuAjSrFq6JFozVnVyHHy85%2BLQg%2FCDCmBqwY11ig%2FKPiOaysMfd8uqrUYFfsYLr8If6d2Yh3%2B3zPUkIHEdrnGNSyZWaQiPjEM4lhBTb%2FtWB2ERkSqLlQRqXNfth15I8TTSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 7783 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.197.219.74 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e8f0221906207718a0dc7478aa4afe1a31da6221cf249550b9efa0154b656bdb

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-type
text/html
date
Tue, 12 Dec 2023 19:24:00 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
user-sync
sync.adkernel.com/ Frame 40BE 		342 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
0b7c583b91d6bd5e919b9e09d05934771664e1920a23d2128ac7058bda85373b

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
342
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 19:23:59 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame 4142 		342 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
485d02695370df3cd924210b3c6a9a566424b15474f1839e064580cdcc21c5f4

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
342
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 19:24:00 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame 5879 		706 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
48062f45f75d0b7a16d392e070fe2022f7e766f441a4fca566fd6c16155bdabb

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
706
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 19:24:00 GMT
Server
nginx
setuid
sync.quantumdex.io/ Frame C717
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8348584b6f913972-YYZ
content-length
43
content-type
image/gif
date
Tue, 12 Dec 2023 19:23:58 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 12 Dec 2023 19:23:58 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
/
onetag-sys.com/usync/ Frame 0684 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 241E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
8cc0e649b5d29d1806e161632eecd454b44e674c6e703d8d6fbbad736ea98c9d

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 19:23:57 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D522 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.173.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=67528
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 19:23:57 GMT
expires
Wed, 13 Dec 2023 14:09:25 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1702409038593
  • https://ad.turn.com/r/cs?pid=45&rndcb=798857404
  • https://sync.1rx.io/usersync/turn/3521150014322321970?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:24:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005
date
Tue, 12 Dec 2023 19:24:00 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe51b23e8085b4c158e1007f27e9fae4f005
content-type
text/html
dot.gif
s0.2mdn.net/ Frame 38BD
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SHoycmVCWkhOc2l4SlVHVFE3MkxPRmho&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
H2
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:52:15 GMT
x-content-type-options
nosniff
age
37902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 08:52:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=AACqIk7K8WcAABRoYNcXqw&pid=85&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AACqIk7K8WcAABRoYNcXqw&pid=85&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AACqIk7K8WcAABRoYNcXqw&pid=85&gdpr=0
Date
Tue, 12 Dec 2023 19:23:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=3485906243037739355&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=3485906243037739355&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
an-x-request-uuid
7d5ca673-16a9-4e92-97e6-51f1eeeb693a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=3485906243037739355&gdpr=0&gdpr_consent=
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=e184bad7-0867-4598-ae43-c11a51adda20&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=e184bad7-0867-4598-ae43-c11a51adda20&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=e184bad7-0867-4598-ae43-c11a51adda20&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 19:23:57 GMT
server
Kestrel
content-length
223
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=uIzi9uyK4a2jgbCst4D4qOqL5a2jiLOqt9w0PpTU
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=uIzi9uyK4a2jgbCst4D4qOqL5a2jiLOqt9w0PpTU
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=uIzi9uyK4a2jgbCst4D4qOqL5a2jiLOqt9w0PpTU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sovrn
tr.blismedia.com/v1/api/sync/ Frame 38BD 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 38BD
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHoycmVCWkhOc2l4SlVHVFE3MkxPRmho&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHoycmVCWkhOc2l4SlVHVFE3MkxPRmho&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 12 Dec 2023 19:23:57 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHoycmVCWkhOc2l4SlVHVFE3MkxPRmho&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPUfc62356409664077ad84a92b218f7547&gdpr=0&gdpr_consent=&pid=103
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPUfc62356409664077ad84a92b218f7547&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:24:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPUfc62356409664077ad84a92b218f7547&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LQ2QDYXP-28-4P55&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LQ2QDYXP-28-4P55&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:24:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LQ2QDYXP-28-4P55&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
db347e720ace067535e57f1546236eb3
Expires
0
m
cm.mgid.com/ Frame 38BD
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://cm.mgid.com/m?cdsp=827027&c=98db1d72-c26b-5381-89d4-bf91cc027ac8&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]
  • https://cm.mgid.com/m?c=98db1d72-c26b-5381-89d4-bf91cc027ac8&cdsp=827027&gdpr=0&gdpr_consent=%5BGDPR_CONSENT%5D&us_privacy=%5BCCPA%5D&sct=1
43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?c=98db1d72-c26b-5381-89d4-bf91cc027ac8&cdsp=827027&gdpr=0&gdpr_consent=%5BGDPR_CONSENT%5D&us_privacy=%5BCCPA%5D&sct=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
H2
Server
104.19.133.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8348585a4e0736d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
location
https://cm.mgid.com/m?c=98db1d72-c26b-5381-89d4-bf91cc027ac8&cdsp=827027&gdpr=0&gdpr_consent=%5BGDPR_CONSENT%5D&us_privacy=%5BCCPA%5D&sct=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83485859ed4b36d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1702409037472&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=FCF91777CA594CE9B3E5E3FB80D5C614
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FCF91777CA594CE9B3E5E3FB80D5C614
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 19:23:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FCF91777CA594CE9B3E5E3FB80D5C614
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 19:23:57 GMT
cm-notify
creativecdn.com/ Frame 38BD 		0
0
sync
x.bidswitch.net/ Frame 38BD 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 19:23:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LQ2QDWNV-1I-BFF&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQ2QDWNV-1I-BFF&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQ2QDWNV-1I-BFF&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
86c92d2fca135435ceca5cadd19355a6
Expires
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame 38BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 38BD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dbacfec...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
HTTP/1.1
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 19:23:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2B19 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.173.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=67528
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 19:23:57 GMT
expires
Wed, 13 Dec 2023 14:09:25 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 86E1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.173.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=67528
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 19:23:57 GMT
expires
Wed, 13 Dec 2023 14:09:25 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame DCF5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...
857 B
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13427529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f138653a5c3d94361ec0c6f9a918c883df288819c97186923bb65a84b47fa144

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
536
content-type
text/html
date
Tue, 12 Dec 2023 19:23:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 19:23:58 GMT
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 2F3A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=8d5a0aa4-d19b-4c9c-8665-07ac29067dbb
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
94J9EWEGETRHBHZ9WG5B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 2F3A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e184bad7-0867-4598-ae43-c11a51adda20&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e184bad7-0867-4598-ae43-c11a51adda20&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
23.20.118.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-118-237.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e184bad7-0867-4598-ae43-c11a51adda20&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 19:23:57 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 2F3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OGQ1YTBhYTQtZDE5Yi00YzljLTg2NjUtMDdhYzI5MDY3ZGJi
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
23.20.118.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-118-237.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
stx-match.dotomi.com/match/bounce/ Frame 2F3A 		0
0
byN59NcB
sync-tm.everesttech.net/ct/upi/pid/ Frame 2F3A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
  • https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&_test=ZXi...
85 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&_test=ZXizUQAGYE7C4wAM
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by
cache-yyz4579-YYZ
pragma
no-cache
date
Tue, 12 Dec 2023 19:24:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
57
x-timer
S1702409042.925454,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
242

Redirect headers

x-served-by
cache-yyz4579-YYZ
pragma
no-cache
date
Tue, 12 Dec 2023 19:24:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702409042.872078,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&_test=ZXizUQAGYE7C4wAM
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 241E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e184bad7-0867-4598-ae43-c11a51adda20&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=e184bad7-0867-4598-ae43-c11a51adda20&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 19:23:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=e184bad7-0867-4598-ae43-c11a51adda20&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 19:23:57 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 241E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MjIzMDQ5OTA4MTgxOTAyNzYwMg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 241E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMRrqbmP8rNT63y_f2zC90Y&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMRrqbmP8rNT63y_f2zC90Y&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 19:23:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMRrqbmP8rNT63y_f2zC90Y&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 241E
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MjIzMDQ5OTA4MTgxOTAyNzYwMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MjIzMDQ5OTA4MTgxOTAyNzYwMg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MjIzMDQ5OTA4MTgxOTAyNzYwMg%3D%3D
date
Tue, 12 Dec 2023 19:23:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 241E 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4092230499081819027602&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:56 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 0EC142D828664260A9AFB4B1F6C34749 Ref B: YTO01EDGE0510 Ref C: 2023-12-12T19:23:57Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMVP3yX/OrY3DMqitxNg==
xuid
eb2.3lift.com/ Frame 241E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4092230499081819027602?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-mUmGHx9E2oS.LfZqRmJbaL.rwQOIkZdX_oRM3vGVLg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-mUmGHx9E2oS.LfZqRmJbaL.rwQOIkZdX_oRM3vGVLg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 19:23:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 12 Dec 2023 19:23:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-mUmGHx9E2oS.LfZqRmJbaL.rwQOIkZdX_oRM3vGVLg--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame 241E 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=4092230499081819027602&gdpr=0&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 19:23:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 241E 		0
0
xuid
eb2.3lift.com/ Frame 241E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3485906243037739355&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3485906243037739355&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 19:23:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
an-x-request-uuid
6575dd8d-5a26-48f1-824e-a65783830230
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=3485906243037739355&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 241E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4092230499081819027602
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:57 GMT
an-x-request-uuid
bedfecf6-b845-415f-8d22-a2d754b2603f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D522 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33857476&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:57 GMT
content-length
0
async_usersync
ib.adnxs.com/ Frame B544 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:58 GMT
an-x-request-uuid
b16b0d59-f858-4c57-a43a-474904e793fe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-sync
sync.adkernel.com/ Frame D6FE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A1085222958414441586
  • https://x.bidswitch.net/ul_cb/sync?ssp=xapads&user_id=A1085222958414441586
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=xapads&bsw=0f48f247-ab0d-46e4-b816-7b329b897931
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=&consent=&usp=&ssp=xapads&bsw=0f48f247-ab0d-46e4-b816-7b329b897931&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NzQ5NDdkZDdmYmY0NDZhMg&gdpr=&gdpr_consent=&us_privacy=&ssp=xapads&bsw_param=0f48f247-ab0d-46e4-b816-7b329b897931
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=0f48f247-ab0d-46e4-b816-7b329b897931
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=0f48f247-ab0d-46e4-b816-7b329b897931
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 19:24:00 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
//sync.adkernel.com/user-sync?dsp=3&t=image&uid=0f48f247-ab0d-46e4-b816-7b329b897931
Date
Tue, 12 Dec 2023 19:23:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame DCF5 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=5652d8e3-df58-0863-1f8f-7cd34943c895&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.69 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DCF5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZXizUQAGXN7C5QAM
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXizUQAGXN7C5QAM&_test=ZXizUQAGXN7C5QAM
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXizUQAGXN7C5QAM&_test=ZXizUQAGXN7C5QAM
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4579-YYZ
pragma
no-cache
date
Tue, 12 Dec 2023 19:24:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702409042.925614,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXizUQAGXN7C5QAM&_test=ZXizUQAGXN7C5QAM
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ae7b6067-a540-a027-69e4-dc80cea53a8e
pr-bh.ybp.yahoo.com/sync/openx/ Frame DCF5 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/ae7b6067-a540-a027-69e4-dc80cea53a8e?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.36.109 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:23:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame DCF5 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=626a7a5e-2946-8994-983d-48e259c13c27
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:23:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0ARKK5G8C7NH1H3XB7Y7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DCF5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=3abc0623-35ec-326e-5833-ca7531f2f7c7&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e184bad7-0867-4598-ae43-c11a51adda20&ttd_puid=3abc0623-35ec-326e-5833-ca7531f2f7c7&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e184bad7-0867-4598-ae43-c11a51adda20&ttd_puid=3abc0623-35ec-326e-5833-ca7531f2f7c7&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e184bad7-0867-4598-ae43-c11a51adda20&ttd_puid=3abc0623-35ec-326e-5833-ca7531f2f7c7&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 19:23:58 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame DCF5 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTZkM2Q1ZTktZmM5Yi02Y2NhLTRkZDMtOTBjY2ZiMTAzOWE3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DCF5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqOK48aDmRSu9OyMjPoYnI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqOK48aDmRSu9OyMjPoYnI&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqOK48aDmRSu9OyMjPoYnI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
33555016a3d420c9fe69a579f4010f796516ff6a6b2ee6ed1729379831938287
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
696.json
id5-sync.com/g/v2/ 		630 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
c1c852a43495f68bb30c54c21f04516e976eb8e0e3316d7b38d93dc8fa111a35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastebin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Tue, 12 Dec 2023 19:23:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
setuid
sync.quantumdex.io/ Frame 40BE 		43 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A2686227363492729077
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
834858514b753972-YYZ
content-length
43
content-type
image/gif
date
Tue, 12 Dec 2023 19:23:59 GMT
server
cloudflare
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame D647 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 08:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
383507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 08:52:12 GMT
async_usersync
ib.adnxs.com/ Frame B544 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:23:59 GMT
an-x-request-uuid
2b44038f-5be5-480c-8a68-6f9d8e5175a2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 4142 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A7420484607575453321
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
83485858198c3972-YYZ
content-length
43
content-type
image/gif
date
Tue, 12 Dec 2023 19:24:00 GMT
server
cloudflare
sync
odr.mookie1.com/t/v2/ Frame 5879
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A1813204565226980062
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0f48f247-ab0d-46e4-b816-7b329b897931&ssp=xapads&gdpr=&gdpr_consent=
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1961 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D657884%26t%3Diframe%26uid%3DPM_UID
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.173.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=67525
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 19:24:00 GMT
expires
Wed, 13 Dec 2023 14:09:25 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us
sync.go.sonobi.com/ Frame 7783 		0
0
cookie
cm.adform.net/ Frame 7783 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11606%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$UID
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:02 GMT
server
nginx
content-length
43
content-type
image/gif
cs
cs-server-s2s.yellowblue.io/ Frame 7783
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212375866805710
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212375866805710
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212375866805710
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame 7783
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=2f185fbd-fe41-4279-8c04-45472817b909&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=2f185fbd-fe41-4279-8c04-45472817b909&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=2f185fbd-fe41-4279-8c04-45472817b909&gdpr=0
date
Tue, 12 Dec 2023 19:24:00 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 7783
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=35775aaa-5f6e-4df0-93ff-a62e343dd0e4&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=35775aaa-5f6e-4df0-93ff-a62e343dd0e4&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=35775aaa-5f6e-4df0-93ff-a62e343dd0e4&gdpr_consent=null&gdpr=0
date
Tue, 12 Dec 2023 19:24:01 GMT
server
_
content-length
0
cksync.php
contextual.media.net/ Frame 7783 		57 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 19:24:02 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 19:24:02 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 7783
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=3485906243037739355&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=3485906243037739355&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
an-x-request-uuid
d4969cb9-82a5-4d72-9b44-1cf3719a204c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=3485906243037739355&gdpr=0&gdpr_consent=
x-proxy-origin
62.3.36.124; 62.3.36.124; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 7783
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=d2bc1ab5-e203-0f2b-1374-96e7105b2384
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=d2bc1ab5-e203-0f2b-1374-96e7105b2384
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Tue, 12 Dec 2023 19:24:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=d2bc1ab5-e203-0f2b-1374-96e7105b2384
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 7783
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=0f48f247-ab0d-46e4-b816-7b329b897931
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=0f48f247-ab0d-46e4-b816-7b329b897931
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=0f48f247-ab0d-46e4-b816-7b329b897931
Date
Tue, 12 Dec 2023 19:24:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7783 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:01 GMT
content-length
0
user-matching
ads.stickyadstv.com/ Frame 7783 		0
0
setuid
sync.quantumdex.io/ Frame 7783 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=rise&uid=Qe4pb5nzCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
834858585a283972-YYZ
content-length
43
content-type
image/gif
/
onetag-sys.com/usync/ Frame E501 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 0767 		0
0
setuid
sync.quantumdex.io/ Frame D6FE 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=xap-184388&uid=A1085222958414441586
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
834858585a223972-YYZ
content-length
43
content-type
image/gif
date
Tue, 12 Dec 2023 19:24:00 GMT
server
cloudflare
usermatchredir
ssum-sec.casalemedia.com/ Frame 557F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXizUBNdaxz98spxSo_LcwAABagAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENWYAdrhF76xqehBfX5YjgQ&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENWYAdrhF76xqehBfX5YjgQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmIHUZXiv0hklgZR6YA0W1zBpe4dHrJPjsfTDyQBEwdqAC4WyIA7FG9fSG9QCsYZI8PXTb8WqxzBkhBRiDPlUx8fwQ4S5s5nrEAZySeNcGshkgZcTSW0xVIZ%2BV%2B6f59jkc3CqLJQr3ETDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83485858edc95497-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENWYAdrhF76xqehBfX5YjgQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 557F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e184bad7-0867-4598-ae43-c11a51adda20&expiration=1705001040&gdpr=0&gdpr_consent=
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e184bad7-0867-4598-ae43-c11a51adda20&expiration=1705001040&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z54lrOgIEIE4NIinye42Q6H7nypfO2F3LMevZGSVHJZmA%2FzFco40%2Fsymf4hEuUUJViky4pBjgg8IRMxdWsGr0v7htwHTxzgyCAEXtNTsY1KBZkVaxVNvBRLUSpSnfUqsVtC4AQ5VtE0t2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83485858eafc3700-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e184bad7-0867-4598-ae43-c11a51adda20&expiration=1705001040&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 19:24:00 GMT
server
Kestrel
content-length
323
31327
i.liadm.com/s/ Frame 557F 		0
0
crum
dsum-sec.casalemedia.com/ Frame 557F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXizUBNdaxz98spxSo-LcwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8JWG7l57WfUFIZc2TUSAc&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8JWG7l57WfUFIZc2TUSAc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRMZd8%2BmrBi203Usb7HpFSlJaPN16dx%2Fl%2BmTFGqN0L493z%2FNsH2OxzZqWqy1dejIdXO1N94RUodkH6c%2FM2M%2BnFcL%2BBEuovrv37mkdiXYhETSWXvAbLkmDeJe9YGga5RXGV2vEdnZhRUrMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834858596e8d5497-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8JWG7l57WfUFIZc2TUSAc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 557F 		0
0
crum
dsum-sec.casalemedia.com/ Frame 557F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eaa5cbeb-b08f-48a4-a078-ede432f637d5&expiration=1734031440
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eaa5cbeb-b08f-48a4-a078-ede432f637d5&expiration=1734031440
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rWfFiF1UILYkkx167PeJtEkWkEm%2F5%2FVA8WJVf8vEyf9hEETXrHSOgi7ZWww%2FLGn%2BxPF6SMeO8PhqltwginrGt1zaV%2BrHcQXYt7YTBmsJtgTTFN87sYnIFFU70OuMrMfvZ7IDDHoQSRFNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83485859ff515497-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eaa5cbeb-b08f-48a4-a078-ede432f637d5&expiration=1734031440
Date
Tue, 12 Dec 2023 19:24:00 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
bridge
cm.adgrx.com/ Frame 557F 		0
0
setuid
sync.quantumdex.io/ Frame 557F 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZXizUBNdaxz98spxSo_LcwAABagAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
834858589aad3972-YYZ
content-length
43
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 1961 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53397709&p=162882&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D657884%26t%3Diframe%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
content-length
0
cs
um4.eqads.com/um/ Frame 9D06 		0
0
ecm3
s.amazon-adsystem.com/ Frame DD72 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3zzUriittUiM3YrpmXSj
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 19:24:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V978QRCH27RYCTHX7A64
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame DD72
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQ2QDYXP-28-4P55
0
0
pixel
cm.g.doubleclick.net/ Frame DD72 		170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M3p6VXJpaXR0VWlNM1lycG1YU2o=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 19:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame DD72
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=3485906243037739355&pn_id=an
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame DD72 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:24:00 GMT
content-length
0
sync
ads.yieldmo.com/v000/ Frame DD72
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4410940003
  • https://sync.1rx.io/usersync/tradedesk/e184bad7-0867-4598-ae43-c11a51adda20
  • https://sync.targeting.unrulymedia.com/csync/RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-e51b23e8-085b-4c15-8e10-07f27e9fae...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prg-apac.smartadserver.com
URL
https://prg-apac.smartadserver.com/prebid/v1
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
prg-apac.smartadserver.com
URL
https://prg-apac.smartadserver.com/prebid/v1
Domain
prg-apac.smartadserver.com
URL
https://prg-apac.smartadserver.com/prebid/v1
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
ius.ctnsnet.com
URL
https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJJqWiK6qMcYsA4JR9T9L8Q&google_cver=1&google_push=AXcoOmQHqtBA_F2DAQiPKN4VWuNIcJ4VAbjOvZU0AOJvY0-jay6C2RcDPOYxbtTsygxiym61q3RwzvEkWjti2UUjzchrsYYLR7HlHFVP8A
Domain
id.a-mx.com
URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://pastebin.com/&tl=https://pastebin.com/&nf=0&rt=true&v=8.21.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
Domain
stx-match.dotomi.com
URL
https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=8d5a0aa4-d19b-4c9c-8665-07ac29067dbb&gdpr=0&gdpr_consent=
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0f48f247-ab0d-46e4-b816-7b329b897931&ssp=xapads&gdpr=&gdpr_consent=
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
Domain
i.liadm.com
URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXizUBNdaxz98spxSo-LcwAA%261448&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXizUBNdaxz98spxSo_LcwAABagAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Domain
um4.eqads.com
URL
https://um4.eqads.com/um/cs
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LQ2QDYXP-28-4P55
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/v000/sync?userid=3485906243037739355&pn_id=an
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture function| gtag object| dataLayer object| s2options_7ebc6538 object| select2_662ea3af object| select2_a09a7382 object| vitag function| $ function| jQuery object| yii function| initS2ToggleAll function| initS2Order function| initS2Loading function| initS2Change function| initS2Unselect function| kvInitHtml5 object| webpackJsonp function| CodeMirror object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag object| pbTag function| getEidsByVLI object| ppocTag string| nativeAPI string| pbTagAPI object| ppocAPITag object| pbAPITag object| observeElementInViewport boolean| _clntTracking object| $sf object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _aps boolean| apstagLOADED object| apstag object| googletag object| ggeac object| google_js_reporting_queue object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| apscustom undefined| google_measure_js_timing object| sas object| apntag object| _ADAGIO number| google_unique_id object| GoogleGcLKhOms object| google_reactive_ads_global_state object| google_image_requests

100 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQxc3x-8UxCgoIkQIQxc3x-8UxCgoItAIQxc3x-8UxCgoI5gEQxc3x-8UxCgoIhwIQxc3x-8UxCgoItwIQxc3x-8UxCgkIOhDFzfH7xTEKCgiMAhDFzfH7xTEKCQhfEMXN8fvFMQoJCB8Qxc3x-8Ux
pastebin.com/ Name: _csrf-frontend
Value: dc740ab20330a8ecc5959eab584af0ba59b5fdd5dfc3b69d286b5c46d216863ba%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22SZUxv-jZF_4hMR9qolkxkAwnqHv_OCJU%22%3B%7D
.pastebin.com/ Name: _ga_S72LBY47R8
Value: GS1.1.1702409032.1.0.1702409032.0.0.0
.pastebin.com/ Name: _ga
Value: GA1.1.1975534093.1702409033
pastebin.com/ Name: __ppIdCC
Value: pwatevib_xon2179649.933935
.pastebin.com/ Name: sharedid
Value: b422f968-176b-4264-97f2-9829e27ae7b6
.pastebin.com/ Name: sharedid_cst
Value: zix7LPQsHA%3D%3D
.lijit.com/ Name: ljt_reader
Value: Hz2reBZHNsixJUGTQ72LOFhh
.quantumdex.io/ Name: uid
Value: 5c738011-cfbe-4cbb-a4a4-f99a3fc37149
.adnxs.com/ Name: icu
Value: ChgI1YVfEAoYASABKAEwyebiqwY4AUABSAEQyebiqwYYAA..
.adnxs.com/ Name: uuid2
Value: 3485906243037739355
.amazon-adsystem.com/ Name: ad-id
Value: A0BDbP62409KmTZEGp3LUJk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.contextweb.com/ Name: V
Value: m4mW4OQMHgyE
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 185d6ef7c41ed78f
.mediago.io/ Name: __mguid_
Value: 81fa84b73adc382c2ft2t700lq2qdtoh
.smartadserver.com/ Name: pid
Value: 6210542540411513844
.doubleclick.net/ Name: IDE
Value: AHWqTUk9DmuMhOd7UB_f1jLqZppYmquGBvP91DKnJKNNCp7EIdImH9TBOmvcVHIM-oo
.teads.tv/ Name: tt_viewer
Value: 95e1d33c-da94-4127-abbf-8d8b24f361b7
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.pastebin.com/ Name: __gads
Value: ID=67070d44bf07545b:T=1702409034:RT=1702409034:S=ALNI_MZYj_tvAjaNNp2pN4IuMJ6zSEku3A
.pastebin.com/ Name: __gpi
Value: UID=00000a037d35e9bc:T=1702409034:RT=1702409034:S=ALNI_Maa_vVVA8jXl-1sk58dUN95uAL1og
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oie|2N.0|3oy.0|4is.0.CAESEITOmcQ3S70HswyqAQdfdvw|7TY.0|7dW.0.1
.lijit.com/ Name: _ljtrtb_49
Value: m4mW4OQMHgyE
.lijit.com/ Name: _ljtrtb_84
Value: c:5e036a7b8b1a01c27fd8e78fc975943f
.3lift.com/ Name: tluid
Value: 4092230499081819027602
.mfadsrvr.com/ Name: tuuid
Value: 8d2d0818-b225-4249-bde9-d8f1a7d4e78f
.mfadsrvr.com/ Name: c
Value: 1702409035
.mfadsrvr.com/ Name: tuuid_lu
Value: 1702409035
.krushmedia.com/ Name: krm_usr
Value: 98db1d72-c26b-5381-89d4-bf91cc027ac8
.krushmedia.com/ Name: krm_r
Value: 572
.lijit.com/ Name: _ljtrtb_87
Value: 8d2d0818-b225-4249-bde9-d8f1a7d4e78f
.iqzone.com/ Name: iq_u_key
Value: 55cfed07-c47a-4d9a-be0b-a791e55edc18
.iqzone.com/ Name: iq_r_key
Value: 27
.simpli.fi/ Name: suid
Value: FCF91777CA594CE9B3E5E3FB80D5C614
.linkedin.com/ Name: bcookie
Value: "v=2&4781d0b1-7552-4df8-86b2-dbab2b06afd6"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3044:u=1:x=1:i=1702409036:t=1702495436:v=2:sig=AQGg6YXzcvQDxsbJ20gd9VFryCO3o6eO"
.adsrvr.org/ Name: TDID
Value: e184bad7-0867-4598-ae43-c11a51adda20
.doubleclick.net/ Name: APC
Value: AfxxVi7aN6MyMcNZDoohQS-6yrSmzmbHRiPemxQoMDqURsxJ0Pxnmg
.mfadsrvr.com/ Name: ssh
Value: !google,1702409036!sovrn,1702409035
.quantserve.com/ Name: mc
Value: 6578b34c-8eb99-fd20c-1fd9e
.acuityplatform.com/ Name: auid
Value: 863945431211
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRhdvRiGAmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYXb0YhgI90aGlyZFBhcnR5VXNlcklkWkNBRVNFUG5oR3pUdU5lZnNLVW9zeWthWmdld/v7hnZlcnNpb27C+w=="
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_feafe732-9923-11ee-8814-12fa6b58ae11
.mxptint.net/ Name: mxpim
Value: R35CA9_10D97465B_6BF6299B.1.6578B34D
.bidr.io/ Name: bito
Value: AACqIk7K8WcAABRoYNcXqw
.bidr.io/ Name: bitoIsSecure
Value: ok
.lijit.com/ Name: ljtrtbexp
Value: eJxlkLkVwDAIQ3dxncKAubJaXnbP5cIo5ZeQBT5aetvJuxiFiW%2BNK1L%2FCVIFp8oDffu4k8TDmbOSR%2BqYStRMdCg16MiF9Z6HzhjgK%2FjwHmPea15jbqzM77wBO9wIn5brPn5ewQVJcQ%3D%3D
.sharethrough.com/ Name: stx_user_id
Value: 2f185fbd-fe41-4279-8c04-45472817b909
.quantserve.com/ Name: d
Value: EAMBEAHSKoEM6owQ
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDunaTF']wIg2C'$r-^/b!]tbP6j2F-.aDE7BAf@@gk'@JfR6$Pe:!+PdY03LidRw_gjUi0r)F6dki'Hq*g0D(J9]Ed
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0MDkyMjMwNDk5MDgxODE5MDI3NjAyIiwiZXhwaXJlcyI6IjIwMjQtMDMtMTFUMTk6MjM6NTdaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTItMTJUMTk6MjM6NTdaIn0=
.lijit.com/ Name: _ljtrtb_85
Value: AACqIk7K8WcAABRoYNcXqw
.lijit.com/ Name: _ljtrtb_92
Value: 3485906243037739355
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 424aadd2-d2f4-535a-903c-f982f5444acf
.betweendigital.com/ Name: ss
Value: 1
.linkedin.com/ Name: li_sugr
Value: 53fafdc2-700a-46eb-b8aa-97c00c5b2c37
.ads.pubmatic.com/ Name: KCCH
Value: YES
.lijit.com/ Name: _ljtrtb_2
Value: FCF91777CA594CE9B3E5E3FB80D5C614
.lijit.com/ Name: _ljtrtb_43
Value: uIzi9uyK4a2jgbCst4D4qOqL5a2jiLOqt9w0PpTU
.betweendigital.com/ Name: ut
Value: ZXizTQAJhYBRHJLTq7KyypiZ947NQfQrAwb2Kw==
.lijit.com/ Name: _ljtrtb_27
Value: e184bad7-0867-4598-ae43-c11a51adda20
.sitescout.com/ Name: ssi
Value: bacfec47-9473-48b7-b8a7-6614c6b65172#1702409037818
.sitescout.com/ Name: _ssuma
Value: eyI0OCI6MTcwMjQwOTAzNzg1MywiMzkiOjE3MDI0MDkwMzc4NTMsIjciOjE3MDI0MDkwMzc4NTN9
.pastebin.com/ Name: cto_bundle
Value: tqi1oF9FUkxnTklJWnYxdU4zR1U4anNTZ0k1MmllZXBCaUM0bTlza0hUWFlrTHhsT2J5S2o1c1l1aGdiTkpVTjYwb3dWaHk5TUZDeUl2Q3k0Z2FPQVJJVWU3VE05ajM0NEI2bkFpbjB1OGE5cmlOTlpXWG52NkJaWEtjYUZPTUhOUUFRZg
.pastebin.com/ Name: cto_bidid
Value: 9kO-219KMko3V0E3Y05oYlA5TjV6OUJxY09iOFM5bk0zenBhRkJ1SXpVTUVpTTY2RUVSSDFzRjBMZFE2ME1aM3M5dVMydnFveEt4RFV2d0YxWlVCczg4S1BkdyUzRCUzRA
.rubiconproject.com/ Name: khaos
Value: LQ2QDWNV-1I-BFF
.rubiconproject.com/ Name: audit
Value: 1|T2QQI2jF3xgICqi9xemD7XfeMV23uNrquqqhbAVVESFXJpBuKuR1F6YzBByW1HpDgxI1O5FCUzNCqQ3+tQhlLHMDvubSxZCG6XkpxWjLVqCNnIU/ufZ6D9ES+wzatrvcSZxjaBSpj0Oz5tji6ylRYwMhllK4WBpn
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: _ljtrtb_80
Value: LQ2QDWNV-1I-BFF
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 40906a0bd39e6a1d97e03c11792d36be
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDGwNDBLNEhKMbZMNUs0TLE0TzUwTjY0NLc0SjE2S0plAILUis1%2BIBoKAEvpCok%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIrdjsB6SgAAAXbgHf"
.tapad.com/ Name: TapAd_TS
Value: 1702409038474
.tapad.com/ Name: TapAd_DID
Value: 730aae10-1cb1-40da-81b5-5d253bf448cb
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.lijit.com/ Name: _ljtrtb_16
Value: bacfec47-9473-48b7-b8a7-6614c6b65172-6578b34d-5341
.adkernel.com/ Name: SSPZ
Value: 184388
.adkernel.com/ Name: DSP2F_3
Value: 645839
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e51b23e8-085b-4c15-8e10-07f27e9fae4f-005%22%2C%22zdxidn%22%3A%222069.80%22%2C%22nxtrdr%22%3Afalse%7D
.openx.net/ Name: i
Value: e910397a-9c6b-0d99-02e5-029d55d5c43a|1702409038
.openx.net/ Name: pd
Value: v2|1702409038|vMgavPkWgyiK
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-38c1cf10-a4e5-34e6-94c3-d3f19da9d575
.lijit.com/ Name: ljtrtb
Value: eJwVj0tPw0AMhP9Lzljah7329pakjahaWoqAwnEfSVVQBRFUVUH8dzZHz3xjzfxWpppVXdt5zcxtTR7bhW%2Fsgha2a0TNqXUaq5tKu8LFkIY%2BIYNHtoASGaIEBleY5KIjzQYcsUSLGciiLkn0JXnC0x63u7vbw3VRNMNF67VgDJlBiWNA8gKhRwtJ60A65ByMKqyowq53Zjffb55BL6HpuiL7qbhFIa%2BcQasss%2FWWaEpgsdKMemVd4ChRB6WT4SFLzzIkz2WmHSaSClnX7bh855XsU103Dx%2Bvm%2FQyXiZ3ainZZCVaIBpDgAY9xNx7yDLowBmnj9NKW9jz8ufoz9cVBvN2iO3XN85x3I5rKvdxvR2%2F%2FUXdfz4%2BVX%2F%2FjAlfIw%3D%3D
.lijit.com/ Name: _ljtrtb_76
Value: 5652d8e3-df58-0863-1f8f-7cd34943c895
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI_OGdrb3UvTwQBRIWCgdzdng5dDUwEgsI0oDFt73UvTwQBRgBIAIoAjILCOz2x-TT1L08EAU4AVoHc3Z4OXQ1MGAC
.bidswitch.net/ Name: tuuid
Value: 0f48f247-ab0d-46e4-b816-7b329b897931
.bidswitch.net/ Name: c
Value: 1702409038
.bidswitch.net/ Name: tuuid_lu
Value: 1702409038
.openx.net/ Name: univ_id
Value: 537072971|e184bad7-0867-4598-ae43-c11a51adda20|1702409038831971
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: NzQ5NDdkZDdmYmY0NDZhMg
.adkernel.com/ Name: ADKUID
Value: A2686227363492729077
.send.microad.jp/ Name: TR
Value: 424d2ce883a0dc24c81be8895c8af5d3fec624dc80d8bc68
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: id5
Value: 1f18923e-9000-7b85-80f9-7913d83b11cf#1702409039764#1

2 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 104)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

088716dc460f4d474a3547c1d2c410aa.safeframe.googlesyndication.com
a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
aep.mxptint.net
aid.send.microad.jp
aorta.clickagy.com
ap.lijit.com
assets.vlitag.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
creativecdn.com
cs-server-s2s.yellowblue.io
cs.iqzone.com
cs.krushmedia.com
cs.yellowblue.io
csync.loopme.me
data.adsrvr.org
dis.criteo.com
dsp.vlitag.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.liadm.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ius.ctnsnet.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pastebin.com
pastebin.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.ad.smaato.net
prg-apac.smartadserver.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.vliplatform.com
rtb.adentifi.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
services.vlitag.com
ssbsync-us.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stx-match.dotomi.com
sync-amz.ads.yieldmo.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.quantumdex.io
sync.targeting.unrulymedia.com
t.adx.opera.com
targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
u.openx.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ads.stickyadstv.com
ads.yieldmo.com
cm.adgrx.com
creativecdn.com
dis.criteo.com
i.liadm.com
id.a-mx.com
ius.ctnsnet.com
odr.mookie1.com
prg-apac.smartadserver.com
secure-assets.rubiconproject.com
stx-match.dotomi.com
sync.go.sonobi.com
targeting.unrulymedia.com
um4.eqads.com
ups.analytics.yahoo.com
103.132.192.30
104.17.25.14
104.18.36.155
104.19.133.76
104.21.82.134
104.22.59.199
104.26.9.169
104.36.115.113
13.107.42.14
141.95.98.64
141.95.98.65
142.250.64.66
142.250.65.170
142.250.72.97
142.251.40.130
151.101.193.229
151.101.2.49
159.127.42.233
172.217.13.102
172.217.13.130
172.217.13.138
172.217.13.142
172.217.13.161
172.217.13.163
172.217.13.168
172.217.13.193
172.217.13.194
172.217.13.195
172.217.13.196
172.217.13.198
172.217.13.98
172.67.34.170
172.67.42.201
174.137.133.32
18.164.98.157
18.173.132.105
18.238.64.130
192.184.68.166
192.64.119.88
198.148.27.131
202.233.84.1
207.198.113.204
213.19.162.90
23.105.12.158
23.20.118.237
23.217.173.13
23.47.168.66
23.47.169.117
23.56.162.249
23.92.190.69
3.232.159.234
3.33.220.150
34.111.113.62
34.150.170.96
34.197.219.74
34.96.105.8
34.98.64.218
35.169.93.15
35.207.24.140
35.208.249.213
35.211.178.172
35.214.194.112
37.157.4.29
38.68.201.140
5.161.188.99
51.222.39.185
52.200.38.92
52.21.58.192
52.223.22.214
52.45.36.109
52.46.143.56
52.5.255.134
52.85.61.37
54.156.40.244
54.208.122.33
54.81.68.127
63.251.114.137
64.74.236.159
67.202.105.24
68.67.160.26
69.194.240.11
69.194.240.13
69.194.242.12
69.90.254.78
74.119.119.139
8.2.110.134
8.2.111.13
8.28.7.82
8.43.72.97
82.145.213.8
96.46.186.63
0323ca76ded2ee9b1a80921554512f5e4897d169d0a87504776c192bb3c5f559
03b9eae54b68fb4c3e243b7f57d50a6a2609a3875f6fd9a6a6e12ae3eb0418a9
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a31fb51092b5be28b0d96e4b8a6a39c6cfe0dcd6ece71604fdc1feb505d074
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0991a9db30a5582cfba695aa27c971d973a376073bbaa7150aebd6261a645d8c
0a3da6df8ea26b39fd9bfb8033ab8b93d0dd4c32c165a7b9455e913671ac7fef
0b7c583b91d6bd5e919b9e09d05934771664e1920a23d2128ac7058bda85373b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e1bf559a0ff2b782db1ed3d774b6bf1379c4cfef4fbca73cf0d046da0b27c18
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
11cffce799633717024b442e43abe248623fdcd94c463e893988ef37ea8d944a
145e429f2c19e775cd9cfcc0de7a3fcec6d0e9624dec74ccd3e7efff2d4c86da
15a8b60c4487769775847619aa486343ad7b83a697ba25bc6f1147c07723f2ad
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
17d5a590a03f2cef576a90156a89de05516596526bdb748aaf3945197e444388
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185e59a8a5b1191b2bb3f3a8ead5c5375347a4c284b1232a5d15c7d058d8c987
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
251f2dfe5c0600d15f313be04473f6ba9a3e80449d855a44ac6c48269f92ad4a
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
26e07602ee067fe36d8d03f7f3888849d01815b14d126ac16c1972f846e5be26
2aabf4af33f71f20b315c259830fe599bce705c4d7f8eb28422a56527b0957c4
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ddaec10c5c6c654c653d28f7c9b2ce8bf7167d8a59192f7e99d29bfbc3c81d
33555016a3d420c9fe69a579f4010f796516ff6a6b2ee6ed1729379831938287
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36f7867d65852095da9627424ca794ab24b58187ccbdfdf637fda7b57ab417f8
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39cd0c1324f2b94e4cb0102018494b705297a72f3aef5d44e8547ba796aef750
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b
3e602bf5cbc6b2715d4cb4d1d17414b038387f971de019e2791d55e8bf23059e
3eed9e2140abe64d5a2a5e030bed4b49b3091d51f1196c9c9512466bee260225
3effd37cce515bcbae7caadfb0108ff007cafd12c434780746cd76c228525dcc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
441f4b2c8ce22e54955155f09aca309ceb06fbb62e9fcbc77ae5a3f92cd543c3
44cf9986188524d6865217bc88d034930fbd0945db4086c251caaa0486ab8479
44e901d28e40098d41ce18c9ffa439a8f429523fc7f5bf8d45f2b9b5f36749d6
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48062f45f75d0b7a16d392e070fe2022f7e766f441a4fca566fd6c16155bdabb
485d02695370df3cd924210b3c6a9a566424b15474f1839e064580cdcc21c5f4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d32910b704bb3097c6ff4c647826563833179dc81cb95a316726dd8363f3517
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d886b32148b43d03443fa93c1f0f87a77bdd936a29d604df5a21723c08bdda6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a6f240f2179f21b1fc720615305bfb369bae93066902c1904ab3fde9449bf0
54c3e5ad0e0ad068d3c1bb4be04bca8069efd64a22bc7fe1a1c5425b87742e18
55132b78e7eace8460e88ec9f6cf2a8b7aff5f87128e6e761ceeddc2bc586a91
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57202cbc8fbdb7f13bd13303665d323afa725d5d8b65dd5ac83cd53cf5b301e5
5a6fd1d6a7c2e8a6080aa2c2e02434e4dab2b5f0ac57338dc1a123f7a05629b5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d
5cf258835fe6672a932b65b913c472daab31c91f771b2b41720c9bc63acea46f
5ece8c323eb30772d6a9648ff4465ec06e0fc040f58d9821a8e93a9fbc9e6a3a
5ff466857c3492bc9b5c0bfeaef7797f107581a0c387ff6e1ac3314e2b084a40
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61edd68106b42abfa69e3a10f5aa133c187a0e362be53767988bfd7cfcc35f72
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6740cef5d11350deae4acc758fd481855836caeac1cee510da39d212c2e57d62
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1
690e73326a39db7d0fc5abd41b70904326420f89cd8d113683b7bd281b720637
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7540f6bb53df430be3180d635f27a405209da28b8b30f8335d6d37c396de19f8
7694e33f42f73eda7695dbde27401831c740a0cecfa7a8fefc5f3aa099c82e12
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
771ce192b44bc1667299af1b9803dc8009f886bba4ddd295570cfbccc8ce7b02
77355174cac6b70dee4c7f646a67ef4779374cb04f2f68724a4d77cd532bb580
7848c05d6bb17323eebe23008a1c675febc0f57345cb77ca6980c11eff224262
7e0149dce948144e22938cb3e17126e16b2578f977d8b3d854bdd6db12bfdef7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
83cf663f44eb2787a963d63163992a5f06c2a41dae4ed935a165f2ecde90879e
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85c9015b1fd87a1010d1cd417b33c08280b4369929ea16bc251c0c0315d3640f
8774dde16f1ae45a9125b8689f96cf18a14207ae1d31ba4e584a2ce95f94e041
89f6780a679f814dde634d3c40c0cf83ff72c1d92f679e9264f2badf04e504a3
8cc0e649b5d29d1806e161632eecd454b44e674c6e703d8d6fbbad736ea98c9d
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
92b07b635db8880d16faee287461e5404847154dd0bf59f77257682140492031
9a279a3134422633b71648e78e6170f0b576bfa73d64cc82291a6c066b34b9da
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aba06edc588dd8f21418377916a4461ed698e7e6114dac354d3586028be54d9
9ad7952e57b6d9896de50656a69d5d6e805054f586577fb0e0d9edbf00703876
9b8fc88254b6a07103c25f29da91ad21aff8c8a212bb50907d86a9e27fdaecf6
9d17fd9e0bba9cd38ac6a41ba00feb6c1b15611859b7d0c092c22ca24f2df47e
9d790d8d644d85ba75095d8bce6dc947331745cf9fe0187d7b564505ffd41e53
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ab16fb8f2c09b360fcb06421b208a64dee0d40c791ed007360800ddb170ed9
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a42d5393b1b69380bc3597bac17ab755ee4309b444c7d03a3666b8824b628707
a7904ac79da41ba565476ddd5aa5b6dcec52240c754bcdef6b420ae8a366ae27
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab459ca945e177fbe6c9a5a0509bc16440fb80976e47b184676b0203682460af
abb2c87444ef9f0ad7ff70d880ab21728e26380949753c630fa1831fe62b8026
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
accd286d5615ed70f6e559aced46cd395dec1ef331923df53b38118908b763e0
b125a011d1e023c10fd54a81322226b0be928a4ed021bb3bbb8466519e0e7540
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b48c554987b12d195e3ea75c9a501633d66c3b790ea7ed244e86459ce38c97bb
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd67e13f6e4618ae6c611778379512444d841d4684c03a64b4e03bcc6444202a
bef8cbbbcb05f2185a3bbd57a389ab5afbf2f5b4fb8432bde01aad0d5e26ff5b
bfc98b28f8951d6d1049a22635e1850217bb67d6ce6498b8297938b2a60a2c80
c1c852a43495f68bb30c54c21f04516e976eb8e0e3316d7b38d93dc8fa111a35
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ce44d9d3620877fb90e5a0dc690fb51323242adfd601d2d327e623488f94c67d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d2217d8fef758ad77303d2c03c4eae5653724cd6f51b93c4662a8d35ed534add
d2a825261665cb81263ed12ad17e2c030aa44326e59c486301bc8cb12de3b563
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4
d48dc8a5c334deb4767395784421570c63162601cf849ff968feb9c8ced910cc
d7aee5871211604e24ffbaf5cc5d2c3f3e737be1362e829cd75250aef1e939a5
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6
dd6611f6d76c13184f5954adff1d1101c4895db4e803f76fef3424aaa05e0101
e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65
e197f45bc3d66a38c40740cddb2a26269bda06fa7dad062154065b9f043becf5
e221df79de9832630cb3f5c4545c88de6fc1913a7109b4f9d1df5a950a5c7b58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4230d714e7780318640944aae307e8c07ad060f2dbfd9c2545459fe83fb2530
e70a17d0da7ef3999edc32462c33b4b9791d4fd8095c2add91a48ef6b2731888
e8f0221906207718a0dc7478aa4afe1a31da6221cf249550b9efa0154b656bdb
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9ffea70d9901580be4cc160eed36980ce7af29cb07fcd29dde54d67b323e8a1
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f138653a5c3d94361ec0c6f9a918c883df288819c97186923bb65a84b47fa144
f26a52e45d695c38e0ffb6570a09e209815e3803ba202464ae34d09199041a08
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc190023f30975b404248a1ee59bac269cb7c035bca77f5418ac44499e80fc22
fc89adf8dcb5037176e832b63b69a0a4e0d74b61f63df179200bca7f7c4f4eac
fd0f2f5934e959ce1f8d7a919874aa88d5d6f4804ac67f18680aee6ffd9dff17
fe1e9e2c63b1ab3c6523ea40ffe3fb132f99e51138e410f3a52c9d1d61c812c5
ff0af92b7a7133d0497f1f400a186647f08dd91a7e441f29fe9e2bc847489930