pastelink.net Open in urlscan Pro
88.208.215.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastelink.net/jev0gim3
Submission: On July 20 via manual (July 20th 2023, 3:24:39 am UTC) from GB — Scanned from PT

Summary HTTP 221 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 70 IPs in 9 countries across 84 domains to perform 221 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 197775.
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.

This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	88.208.215.108 88.208.215.108	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
5	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	104.26.7.139 104.26.7.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	172.67.69.19 172.67.69.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	104.131.19.66 104.131.19.66	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.26.9.169 104.26.9.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.7.10 178.250.7.10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 6	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
12	54.194.182.208 54.194.182.208	16509 (AMAZON-02) (AMAZON-02)
4	213.19.162.41 213.19.162.41	3356 (LEVEL3) (LEVEL3)
1	104.18.2.114 104.18.2.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
3	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	23.53.40.219 23.53.40.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	3.120.62.240 3.120.62.240	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.158.162.107 18.158.162.107	16509 (AMAZON-02) (AMAZON-02)
2	35.158.34.97 35.158.34.97	16509 (AMAZON-02) (AMAZON-02)
13	18.66.97.123 18.66.97.123	16509 (AMAZON-02) (AMAZON-02)
3	213.187.226.60 213.187.226.60	43937 (PTNET) (PTNET)
1	185.86.139.85 185.86.139.85	201081 (SMARTADSE...) (SMARTADSERVER)
2	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	23.52.120.246 23.52.120.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.30 13.32.99.30	16509 (AMAZON-02) (AMAZON-02)
1	23.52.120.27 23.52.120.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
4	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.33.165.48 63.33.165.48	16509 (AMAZON-02) (AMAZON-02)
1 3	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
2 6	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.112.67 18.66.112.67	16509 (AMAZON-02) (AMAZON-02)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	3.226.99.159 3.226.99.159	14618 (AMAZON-AES) (AMAZON-AES)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
2 2	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 2	46.228.164.11 46.228.164.11	() ()
2 2	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.166.1.10 69.166.1.10	() ()
1 1	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	34.235.214.126 34.235.214.126	() ()
1 1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	52.95.118.179 52.95.118.179	() ()
5 7	69.173.144.165 69.173.144.165	() ()
6 9	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4	52.223.40.198 52.223.40.198	() ()
3 5	52.46.155.104 52.46.155.104	() ()
2 2	150.136.26.45 150.136.26.45	() ()
7	52.210.15.1 52.210.15.1	() ()
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	54.156.219.78 54.156.219.78	() ()
1 1	52.201.138.102 52.201.138.102	() ()
1 1	208.93.169.131 208.93.169.131	() ()
2 4	151.101.194.49 151.101.194.49	() ()
1	80.77.87.162 80.77.87.162	() ()
2 2	85.114.159.118 85.114.159.118	() ()
1	54.72.81.170 54.72.81.170	() ()
1 1	178.250.1.9 178.250.1.9	() ()
5	185.64.191.210 185.64.191.210	() ()
4	198.47.127.205 198.47.127.205	() ()
1 1	52.220.229.2 52.220.229.2	() ()
1 1	34.111.151.213 34.111.151.213	() ()
1	69.173.151.100 69.173.151.100	() ()
1	198.47.127.20 198.47.127.20	() ()
221	70

13 88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

pastelink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.139 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.131.19.66 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ny-26.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.101 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.194.182.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.162.41 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.114 (None, )

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net

6e32ca842f1029a964eebd552f6b430f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.40.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-40-219.deploy.static.akamaitechnologies.com

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.120.62.240 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-62-240.eu-central-1.compute.amazonaws.com

eu.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

itx5.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.162.107 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-162-107.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.34.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-34-97.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.97.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-123.fra56.r.cloudfront.net

clodds.solverde.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.187.226.60 (Malta)

ASN43937 (PTNET, EE)

webtickers.malmegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.85 (France)

ASN201081 (SMARTADSERVER, FR)

www9.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-30.fra60.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.165.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.104 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-67.fra56.r.cloudfront.net

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.99.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-99-159.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (None, ) 2 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.130 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.67 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.214.126 (None, ) 1 redirects

ASN- ()

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.118.179 (None, ) 3 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.165 (None, ) 5 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.155.104 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 150.136.26.45 (None, ) 2 redirects

ASN- ()

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.210.15.1 (None, )

ASN- ()

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.219.78 (None, ) 2 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.138.102 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.162 (None, )

ASN- ()

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (None, ) 2 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.81.170 (None, )

ASN- ()

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.191.210 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.205 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (None, ) 1 redirects

ASN- ()

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (None, ) 1 redirects

ASN- ()

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, )

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 567 eus.rubiconproject.com — Cisco Umbrella Rank: 631 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1142 pixel.rubiconproject.com token.rubiconproject.com pixel-us-east.rubiconproject.com	38 KB
16	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 583 ads.pubmatic.com — Cisco Umbrella Rank: 558 image6.pubmatic.com — Cisco Umbrella Rank: 764 simage2.pubmatic.com image2.pubmatic.com simage4.pubmatic.com	41 KB
15	doubleclick.net 6 redirects ad.doubleclick.net — Cisco Umbrella Rank: 186 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 cm.g.doubleclick.net — Cisco Umbrella Rank: 243	154 KB
13	solverde.pt clodds.solverde.pt	247 KB
13	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2705 public.servenobid.com — Cisco Umbrella Rank: 4893	8 KB
13	pastelink.net pastelink.net — Cisco Umbrella Rank: 197775	334 KB
10	amazon-adsystem.com 6 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com	7 KB
10	smartadserver.com 1 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1495 itx5.smartadserver.com — Cisco Umbrella Rank: 20267 www9.smartadserver.com — Cisco Umbrella Rank: 12826 ssbsync.smartadserver.com — Cisco Umbrella Rank: 828 rtb-csync.smartadserver.com	9 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 6e32ca842f1029a964eebd552f6b430f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153	41 KB
8	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1801 usersync.gumgum.com	3 KB
7	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 acdn.adnxs.com — Cisco Umbrella Rank: 568 secure.adnxs.com — Cisco Umbrella Rank: 447	22 KB
6	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476 dsum-sec.casalemedia.com Failed dsum.casalemedia.com	6 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	412 KB
5	sportradarserving.com 1 redirects eu.sportradarserving.com — Cisco Umbrella Rank: 74106	9 KB
4	everesttech.net 2 redirects sync-tm.everesttech.net	1 KB
4	adsrvr.org match.adsrvr.org	1 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 727 gum.criteo.com — Cisco Umbrella Rank: 425 dis.criteo.com	7 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56 region1.google-analytics.com — Cisco Umbrella Rank: 1771	21 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 993 api.btloader.com — Cisco Umbrella Rank: 1131	9 KB
3	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 321 pr-bh.ybp.yahoo.com Failed	155 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 613	2 KB
3	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 926 ap.lijit.com — Cisco Umbrella Rank: 728	2 KB
3	technoratimedia.com 2 redirects ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 3915 sync.technoratimedia.com	7 KB
3	malmegas.com webtickers.malmegas.com — Cisco Umbrella Rank: 777478	12 KB
3	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1280 contextual.media.net — Cisco Umbrella Rank: 621 hbx.media.net — Cisco Umbrella Rank: 1257	10 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 784	361 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1532 mp.4dex.io — Cisco Umbrella Rank: 2871	25 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	4 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	1011 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com	3 KB
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 475	677 B
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 825	1 KB
2	turn.com 2 redirects ad.turn.com	952 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 595	60 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 570	727 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 346	958 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1154	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	84 KB
2	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 19220	159 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	152 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	2 KB
1	brand-display.com 1 redirects dmp.brand-display.com	350 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com	643 B
1	tidaltv.com sync.tidaltv.com	67 B
1	admanmedia.com cs.admanmedia.com	189 B
1	contextweb.com 1 redirects bh.contextweb.com	541 B
1	ipredictive.com 1 redirects sync.ipredictive.com	465 B
1	disqus.com 1 redirects ssp.disqus.com	275 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 934	138 B
1	sonobi.com sync.go.sonobi.com	500 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	465 B
1	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3631	370 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1902	160 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 4643	525 B
1	sascdn.com ced-ns.sascdn.com — Cisco Umbrella Rank: 2680	12 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3795	833 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 19789	687 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 255	1 KB
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	sitescout.com Failed pixel-sync.sitescout.com Failed
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	bumlam.com Failed sync.bumlam.com Failed
0	adform.net Failed c1.adform.net Failed
0	simpli.fi Failed um.simpli.fi Failed
0	audrte.com Failed a.audrte.com Failed
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
0	mrtnsvr.com Failed ad.mrtnsvr.com Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	ctnsnet.com Failed ipac.ctnsnet.com Failed
0	iprom.net Failed core.iprom.net Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	loopme.me Failed csync.loopme.me Failed
0	opera.com Failed t.adx.opera.com Failed
0	de17a.com Failed d5p.de17a.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	creativecdn.com Failed creativecdn.com Failed
0	socdm.com Failed tg.socdm.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	quantserve.com Failed cms.quantserve.com Failed
0	linkedin.com Failed px.ads.linkedin.com Failed
221	84

	Domain	Requested by
13	clodds.solverde.pt	eu.sportradarserving.com clodds.solverde.pt
13	pastelink.net	pastelink.net
12	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com ssbsync.smartadserver.com ssum-sec.casalemedia.com
9	cm.g.doubleclick.net	6 redirects g2.gumgum.com
7	usersync.gumgum.com	g2.gumgum.com
6	eus.rubiconproject.com	cdn4.buysellads.net eus.rubiconproject.com public.servenobid.com g2.gumgum.com
5	simage2.pubmatic.com	ads.pubmatic.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	pixel.rubiconproject.com	3 redirects eus.rubiconproject.com
5	aax-eu.amazon-adsystem.com	3 redirects ads.pubmatic.com
5	ssum-sec.casalemedia.com	2 redirects public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com
5	eu.sportradarserving.com	1 redirects ced-ns.sascdn.com eu.sportradarserving.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	prg.smartadserver.com	cdn4.buysellads.net
5	ib.adnxs.com	2 redirects cdn4.buysellads.net acdn.adnxs.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net pastelink.net
5	fonts.gstatic.com	fonts.googleapis.com
4	image2.pubmatic.com	ads.pubmatic.com
4	sync-tm.everesttech.net	2 redirects g2.gumgum.com ads.pubmatic.com
4	match.adsrvr.org	g2.gumgum.com ads.pubmatic.com ssum-sec.casalemedia.com
4	ads.pubmatic.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com ads.pubmatic.com
4	fastlane.rubiconproject.com	cdn4.buysellads.net
3	ups.analytics.yahoo.com	public.servenobid.com ads.pubmatic.com
3	sync.1rx.io	3 redirects
3	webtickers.malmegas.com	clodds.solverde.pt webtickers.malmegas.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
3	api.btloader.com	btloader.com
3	fonts.googleapis.com	pastelink.net clodds.solverde.pt
2	dsp.adfarm1.adition.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	us-u.openx.net	2 redirects
2	sync.technoratimedia.com	2 redirects
2	token.rubiconproject.com	2 redirects
2	p.rfihub.com	2 redirects
2	ad.turn.com	2 redirects
2	ce.lijit.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	match.sharethrough.com	eu.sportradarserving.com public.servenobid.com
2	x.bidswitch.net	2 redirects
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	region1.google-analytics.com	www.googletagmanager.com
2	ad-delivery.net	pastelink.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagservices.com	cdn4.buysellads.net securepubads.g.doubleclick.net
2	cdn4.buysellads.net	pastelink.net
2	www.googletagmanager.com	pastelink.net www.googletagmanager.com
2	www.google.com	pastelink.net tpc.googlesyndication.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	cm-supply-web.gammaplatform.com	1 redirects
1	dis.criteo.com	1 redirects
1	sync.tidaltv.com	ssbsync.smartadserver.com
1	rtb-csync.smartadserver.com	ssbsync.smartadserver.com
1	cs.admanmedia.com	g2.gumgum.com
1	bh.contextweb.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	secure.adnxs.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	hbx.media.net	1 redirects
1	ssp.disqus.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ap.lijit.com	public.servenobid.com
1	ad-cdn.technoratimedia.com	public.servenobid.com
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	contextual.media.net	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	www9.smartadserver.com
1	itx5.smartadserver.com	pastelink.net
1	ced-ns.sascdn.com	pastelink.net
1	6e32ca842f1029a964eebd552f6b430f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	prebid.media.net	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	ad.doubleclick.net	pastelink.net
1	btloader.com	cdn4.buysellads.net
1	www.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	pastelink.net
0	dsum-sec.casalemedia.com Failed	ssum-sec.casalemedia.com
0	match.adsby.bidtheatre.com Failed	ads.pubmatic.com
0	pixel-sync.sitescout.com Failed	ads.pubmatic.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	sync.bumlam.com Failed	ads.pubmatic.com
0	c1.adform.net Failed	ads.pubmatic.com
0	um.simpli.fi Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	cr.frontend.weborama.fr Failed	ads.pubmatic.com
0	sync.crwdcntrl.net Failed	ads.pubmatic.com
0	ad.mrtnsvr.com Failed	ads.pubmatic.com
0	a.tribalfusion.com Failed	ads.pubmatic.com
0	ipac.ctnsnet.com Failed	ads.pubmatic.com
0	core.iprom.net Failed	ads.pubmatic.com
0	cm.adgrx.com Failed	ads.pubmatic.com
0	csync.loopme.me Failed	ads.pubmatic.com ssum-sec.casalemedia.com
0	t.adx.opera.com Failed	ads.pubmatic.com
0	d5p.de17a.com Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ssbsync.smartadserver.com ads.pubmatic.com ssum-sec.casalemedia.com
0	creativecdn.com Failed	g2.gumgum.com
0	tg.socdm.com Failed	g2.gumgum.com
0	ad.360yield.com Failed	g2.gumgum.com
0	b1sync.zemanta.com Failed	g2.gumgum.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.outbrain.com Failed	g2.gumgum.com
0	cms.quantserve.com Failed	g2.gumgum.com ssbsync.smartadserver.com ads.pubmatic.com ssum-sec.casalemedia.com
0	pr-bh.ybp.yahoo.com Failed	g2.gumgum.com ads.pubmatic.com
0	px.ads.linkedin.com Failed
221	120

This site contains links to these domains. Also see Links.

Domain
www.pearltrees.com
www.facebook.com
twitter.com
t.me
api.whatsapp.com
www.reddit.com
www.pinterest.com
www.tumblr.com
www.blogger.com
profitquery.com
www.linkedin.com
share.flipboard.com
social-plugins.line.me
www.meneame.net
diasp.org

Subject Issuer	Validity	Valid
*.pastelink.net R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
cdn4.buysellads.net R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.sportradarserving.com Entrust Certification Authority - L1K	`2022-09-30` - `2023-10-15`	a year	crt.sh
clodds.solverde.pt Amazon RSA 2048 M02	`2023-01-20` - `2024-02-17`	a year	crt.sh
*.malmegas.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-07` - `2023-12-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.minutemedia-prebid.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.technoratimedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.tidaltv.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-08` - `2024-07-08`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh

This page contains 54 frames:

Primary Page: https://pastelink.net/jev0gim3
Frame ID: 9C304151946FB876CC51B0394AFD670A
Requests: 66 HTTP requests in this frame

Frame: https://6e32ca842f1029a964eebd552f6b430f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5FB576142DABA42DB3A04E60AA4EA585
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6E_bCvNNBvQdo7x1KCN9COBlj5D3JerxoFqzLOfJbFR0knodKCvgysEquIqF-h7_tjFRPN7RHOouY-J4SX9eJ2ITNzzaNMf1c_pGJSH61XdwAjbBvM9aPcBdEbIWYbH6Z7ZAw5VL0HuPJaTO1jRkL0XNHR0aSorD8hcQq0fwUy2jackdE5u6NiF3TIuvCuo7Vwygd8UHjPGbS8PkgKAyTiXcGcjzHbMIUs1whV_E0cKEeSklo-P7n7jTbXB4W5w3JyqVgFAyfC1hOIZmiHl73DsPx3sv7lopYQlVdtEs0LQN1_1Dfx2PHYlIb7TXlGM4MxIU3roipLSRE9MrwCLDkKDDMG8UaBfMF6g&sai=AMfl-YSP-E50QVz8PVTrv8t_CwQ2RWa_vXCIfQBkYsnsUojCdimZKR-se7KkIRnRNTRgdHhE2MBBC_kSsBsE4qIR47bnMVmP44aTXIwKnzkPx_K-a5bL5ovZ_zeMn0oSc_0lGfl9iZYk37iR9ecWoGlp&sig=Cg0ArKJSzFHOhzxbOfq8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0525E7DE6A19EE79B9FE03FE15907E2B
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E485DBB8442C8573DEDE545EFDF9E3F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A7DA6380FDCD1CC717DF3472DC0AA1F
Requests: 2 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
Frame ID: 9AC436B23DEE2D4691EB0EC94C2EEFE9
Requests: 5 HTTP requests in this frame

Frame: https://itx5.smartadserver.com/h/aip?uii=8126140801820961265&tmstp=9396717301&ckid=1845676064659655808&systgt=%24qc%3d1314134904%3b%24ql%3dHigh%3b%24qpc%3d1900-798%3b%24qt%3d58_1442_10621t%3b%24dma%3d0%3b%24b%3d16890%3b%24o%3d11100&acd=1689823472518&envtype=0&opid=5c23652a-03ba-4cff-9466-df8d7631bd60&opdt=1689823472517&siteid=587752&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=1&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fpastelink.net%2fjev0gim3&cappid=1845676064659655808&capp=0&mcrdbt=0&insid=11614228&imgid=0&pgid=1794822&fmtid=121283&isLazy=0&rtb=1&rtbnid=3835&rtbbid=8189773151795716679&rtbh=cacc6f5ddbfc54577a9c3e87a012fd40d8e928ba&rtblt=638254202725215723&rtbet=0&rtbptnid=31&cftgid=5559b2df9984
Frame ID: 9147E24691691017BA086DDAE10C2310
Requests: 1 HTTP requests in this frame

Frame: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Frame ID: E2D6C0A457A73F3FE1449D3DC45488E0
Requests: 16 HTTP requests in this frame

Frame: https://webtickers.malmegas.com/js?info=1&casino=casinosolverde.pt&game=mrj-4&currency=eur&local=1
Frame ID: 993A719F24546779AA2A9E76BFC740DB
Requests: 1 HTTP requests in this frame

Frame: https://webtickers.malmegas.com/js?info=1&casino=casinosolverde.pt&game=mrj-4&currency=eur&local=1
Frame ID: 84BE894852CE595B4EE044D45BA632FF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Frame ID: 177E9514CAA97E78CB8E162D26D8BC18
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 62F9A5C365A65A6FC9573C9B7177BB08
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: A44EAA6A10CB927FFC61A83E62242292
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1689823472501
Frame ID: 546634936C9EB50D04FB07DE0ACABB04
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: ABE338A6A0AFDB6AF1BDC3DBB0D3E8ED
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 812DE24CB1773E8566C258DE3F9AE82B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: D815C3598F4D2CC19AE1844A38BF1589
Requests: 19 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 74E0CE5952D91FCA4E05FF6E44BCDF3D
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 8B3E3BA98237712AEBFB32D921DBA52E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F41CAADF31451C9C7780657FA3BBDF99
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 9FA7E63E64663A3C841556BD3F53421E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: C9C66ACFE1A6855A1DD8198034118FC3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 16091C346C96472B20192FD140CE8943
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: E17B31DC4DA10C8CDD5C357153DA034C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 990ADAB3779FA1583105FA77F4BB7836
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 2B9DA7E026E56307BA2FAF469FA1CE2D
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Frame ID: A4752067AE4924472A4534CC91350D3A
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZLio9QAAA1QLVAAb
Frame ID: 23A6062B2C433CD40E2F98A49915058E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85NDYxZjNjNi1jMjljLTQ0NTMtYmQ0Ny1iMDcxN2UwZmJiMzA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 53B19FAF5F42BA1D6F833BFD8E528D88
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7E368778944FF9DC6FB0DB584AFD6346
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 96D929209B2507DB9E8E045602BE4CEC
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 335CCC8F81E1307E48FF3308FB39DC65
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_9461f3c6-c29c-4453-bd47-b0717e0fbb30&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 8B231876E2E3B499F761B8CEC04C335B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Frame ID: 077D44E796EA1B4587169A7F6D246A40
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: A6A7ADC270937C452094BD42E95D2A92
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 5B676A1C14618D1F53C2B8E0C407928E
Requests: 3 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 9E1722A0876B01A80DC2ACB288923D6D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 4B6D76630A1E127F2C2D71CAFB3CDF8B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327490177744
Frame ID: 47D957542809058180D900E48E9BFC44
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A81B17-D725-4914-A3C3-22BE20C9F52A&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 51DD81D23DEC9895BE509FADEE17AD49
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: 9CDF8B033996648B8B50A7DC92AB191D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=596599611831385886&gdpr=0&gdpr_consent=
Frame ID: 3A90780392E1FD6A6469E2167A19DAE8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7257736569743407254&gdpr=0&gdpr_consent=
Frame ID: C11B00300AFBF887AD3A095749086859
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XSQbnP0iV_dtd0TUSgKRzlv68Ds&gdpr=0&gdpr_consent=
Frame ID: 58304F7E6091439774026159FA0EF864
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 5F7AB8C6DB3739849AE2890D883640CE
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 4479B4AB6DAD9B5376E46EB1E1D9DD06
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLio9QACJ9y7jgA_
Frame ID: F11F17F9AC82075461D3620F13A1DD1D
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: A0B69E539D28D3768160DB950ED6C62D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9D369EA22BFC506913BCE9B0CD057F33
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: E21D2F9C48193063CBA5551BF00A5006
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 8A1D3DAD04247AD336B614AA48A20FE9
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 368C2CCC167738493BA355707830AFC0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=31r89wo2ugmn
Frame ID: 20F4A7911BE9EBDD5F0AB825592AAD18
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 2EC829B94332753FB3A578655B6EA9E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

20 Fun Infographics About Cybersecurity Service - Pastelink.net

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

221
Requests

71 %
HTTPS

0 %
IPv6

84
Domains

120
Subdomains

70
IPs

9
Countries

1889 kB
Transfer

3811 kB
Size

55
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pearltrees.com/cirrusbutane40/item530522764
Title: https://www.pearltrees.com/cirrusbutane40/item530522764

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://pastelink.net/jev0gim3

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=%20https://pastelink.net/jev0gim3

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=%20%0Ahttps://pastelink.net/jev0gim3

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%20https://pastelink.net/jev0gim3

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://https://pastelink.net/jev0gim3&title=%20

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://pastelink.net/jev0gim3&description=%20&media=https://pastelink.net/assets/images/pastelink-logo-square.png

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share?v=3&u=https://pastelink.net/jev0gim3&t=%20&posttype=link

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog-this.g?u=https://pastelink.net/jev0gim3&n=%20

Search URL Search Domain Scan URL

URL: https://profitquery.com/add-to/livejournal/?url=https://pastelink.net/jev0gim3&title=%20

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://pastelink.net/jev0gim3

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=%20&url=https://pastelink.net/jev0gim3

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https://pastelink.net/jev0gim3&text=%20

Search URL Search Domain Scan URL

URL: https://www.meneame.net/submit?url=https://pastelink.net/jev0gim3

Search URL Search Domain Scan URL

URL: https://diasp.org/bookmarklet?url=https://pastelink.net/jev0gim3&title=%20&jump=doclose

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://eu.sportradarserving.com/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/ HTTP 302
https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/

Request Chain 75

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=870282df-65e2-41b9-af35-7409721ca650 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=1&user_id=870282df-65e2-41b9-af35-7409721ca650 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a9a26015-4b82-4bbf-a543-03d1e52be9cf&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

Request Chain 115

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 116

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 122

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=596599611831385886

Request Chain 123

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=HApMsRZHIEV50gBwT_-OvX0B

Request Chain 125

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1689823476578 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1423845613 HTTP 302
https://sync.1rx.io/usersync/turn/3238793370979378497?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6cc49318-a6aa-4423-80d9-18c8d251c8cc-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-6cc49318-a6aa-4423-80d9-18c8d251c8cc-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-6cc49318-a6aa-4423-80d9-18c8d251c8cc-003

Request Chain 126

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5124322327490177739

Request Chain 128

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=

Request Chain 130

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-a0a773a0-4236-396f-99ee-a00fe6d4fed5

Request Chain 133

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 135

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKAL9K8K-26-LC0H

Request Chain 136

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mC3g9e-fQG6MqSZ5OOdesQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=mC3g9e-fQG6MqSZ5OOdesQ

Request Chain 137

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRiODA1MTAwYjExNjE4NDgwYmNlMTZjYjVkZmQ4NmRhZmM5M2M4ZQ

Request Chain 139

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtBTDlLOEstMjYtTEMwSA== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPm-zUKVkdpwxFZcWL2DdrQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtBTDlLOEstMjYtTEMwSA==&google_push=

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqnRwkDZUu7A2PyiWjV7Gk&google_cver=1

Request Chain 141

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/gIZVdziaukouAm8imtHfNcn5EUdSAgOZEtemQ7w0kco?csrc=

Request Chain 142

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KhyXZxZrTZmay_9XkhKQ8g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KhyXZxZrTZmay_9XkhKQ8g

Request Chain 143

https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99 HTTP 307
https://ads.servenobid.com/sync?pid=362&uid=GDPR

Request Chain 144

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=596599611831385886

Request Chain 145

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9461f3c6-c29c-4453-bd47-b0717e0fbb30&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=

Request Chain 147

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=6a0ff8b3-3b44-4c3e-a63a-3b10af42472b

Request Chain 148

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-5d241b9c-fd22-57f7-6d77-44d44a0291ce$ip$91.250.240.59

Request Chain 150

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=01efaa06-3749-4afd-8d64-d679f2d94c8d

Request Chain 151

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

Request Chain 155

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=QdCVNnJ5C3lD&ev=1&pid=558355

Request Chain 156

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=6329789163415194840

Request Chain 158

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZLio9QAAA1QLVAAb

Request Chain 164

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1

Request Chain 166

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 168

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7257736569745242262&gdpr=0&gdpr_consent=

Request Chain 173

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 174

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327490177744

Request Chain 175

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A81B17-D725-4914-A3C3-22BE20C9F52A&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A81B17-D725-4914-A3C3-22BE20C9F52A&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 177

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=596599611831385886&gdpr=0&gdpr_consent=

Request Chain 178

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7257736569743407254&gdpr=0&gdpr_consent=

Request Chain 179

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XSQbnP0iV_dtd0TUSgKRzlv68Ds&gdpr=0&gdpr_consent=

Request Chain 182

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLio9QACJ9y7jgA_

Request Chain 188

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=31r89wo2ugmn

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MagbF9clSRSjwyK-IMn1Kg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzFBODFCMTctRDcyNS00OTE0LUEzQzMtMjJCRTIwQzlGNTJB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyn2hvNqe1jMY6eV2i1iEw&google_cver=1

Request Chain 201

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=a9a26015-4b82-4bbf-a543-03d1e52be9cf&gdpr=0&gdpr_consent=

Request Chain 203

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2590275024638027073&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLio9BSMepmAZ-qXb12auAAACJcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPu7jqYyG-ZW9QC6RaMedyA&google_cver=1

Request Chain 211

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLio9BSMepmAZ-qXb12auAAACJcAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLio9BSMepmAZ-qXb12auAAACJcAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 212

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f842ccd5-6835-e14f-7ed737d8

221 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request jev0gim3 Show response
pastelink.net/ 34 KB
11 KB 395ms
165ms Document
text/html 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

c752fc0683569d772a9f00a40d79e5b83d2339ae32b49398a99777e01279df5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 03:24:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
802 B 283ms
89ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 03:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 03:24:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 03:24:30 GMT

GET
H2 200 styles.css
pastelink.net/assets/css/ 121 KB
121 KB 107ms
106ms Stylesheet
text/css 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/css/styles.css?q=36

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ec237517566b85a5797425cebe748d7248a7d8c698bdb113f9615946b7434a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/jev0gim3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-1e436"
content-type: text/css
accept-ranges: bytes
content-length: 123958

GET
H2 200 jquery-3.6.0.min.js Show response
pastelink.net/assets/js/ 87 KB
88 KB 219ms
218ms Script
application/javascript 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/jquery-3.6.0.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/jev0gim3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-15d9d"
content-type: application/javascript
accept-ranges: bytes
content-length: 89501

GET
H2 200 script.min.js Show response
pastelink.net/assets/js/ 41 KB
41 KB 95ms
94ms Script
application/javascript 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/script.min.js?q=36

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/jev0gim3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-a225"
content-type: application/javascript
accept-ranges: bytes
content-length: 41509

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 2 KB
1 KB 155ms
54ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8014628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 772
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-6d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYpmSGDzr27Bl7W6qb5PbnIMYqCAcoRbwdhxuWlMDq5Y95EZIgZmkNXIHBFr0epWCe2bYIfI8XjAqn1tVn3ywiUHNfw4i50xDQDWmjb06GeeNLtuHEM661XZxZ1kDARFaJqEp%2F80"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e981771c95948a9-LIS
expires: Tue, 09 Jul 2024 03:24:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
2 KB 281ms
88ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Color+Emoji:wght@400&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

7e0f2346ea6c9e585e9ccc14af851ef513f8b4ebf991ddf201371004f197532c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 03:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 03:24:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 03:24:30 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
895 B 294ms
101ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

f62774e0fe35ad4b9eff05df667da9777f3a19f2c513c8625ddfec5487411463

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 575
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 03:24:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
70 KB 254ms
87ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

07dd36834f40808d0e8748a483b441ff8569a7a137638009c345276e0f9934b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71662
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jul 2023 03:24:30 GMT

GET
H2 200 pastelink.js Show response
cdn4.buysellads.net/pub/ 536 KB
150 KB 198ms
63ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Requested by: Host: pastelink.net
URL: https://pastelink.net/jev0gim3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 882d236ae72198055a3017004295f39d3cce453c5284e882c1bab6692548a2e3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 03:04:49 GMT
server: AmazonS3
x-amz-request-id: F0F6PNHV25SP7ZXF
etag: "fba0ef8fa6ec573d1e6b3a39024f67cd"
x-amz-server-side-encryption: AES256
x-hw: 1689823470.cds220.ma1.hn,1689823470.cds028.ma1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 153284
x-amz-id-2: 8rbi8Vtk52kDw/tfYXJdUUEeGbf5aI5XmVyyuuN04T7VJ35QG9rEkaQ/0hHj2dEiaFWc3TuFTp0=

GET
H2 200 recaptcha__pt_pt.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 431 KB
174 KB 291ms
110ms Script
text/javascript 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__pt_pt.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

00c5ba62a4d4bdc3103779e28395db393f79eb7f2cc2c17f58e97d1f2ad600e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 16:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177103
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Jul 2024 16:58:13 GMT

GET
H2 200 debut_light.png
pastelink.net/assets/images/ 4 KB
4 KB 93ms
86ms Image
image/png 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/debut_light.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-10c8"
content-type: image/png
accept-ranges: bytes
content-length: 4296

GET
H2 200 pastelink-logo-portuguese.svg
pastelink.net/assets/images/logo/ 15 KB
15 KB 96ms
88ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo-portuguese.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

5a14d7bd1699abb15b23de83e68faa49a4350606f9de3311156de136d27de304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-3d07"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 15623

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 arrow-down-blue.svg
pastelink.net/assets/images/ 239 B
409 B 96ms
89ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/arrow-down-blue.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-ef"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 239

GET
H2 200 moon.svg
pastelink.net/assets/images/ 2 KB
2 KB 97ms
90ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/moon.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-62e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1582

GET
H2 200 public-black.svg
pastelink.net/assets/images/ 578 B
748 B 98ms
91ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/public-black.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-242"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 578

GET
H2 200 social-spritesheet.png
pastelink.net/assets/images/ 28 KB
28 KB 99ms
93ms Image
image/png 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/social-spritesheet.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-70de"
content-type: image/png
accept-ranges: bytes
content-length: 28894

GET
H2 200 logo-bg-90-tl.svg
pastelink.net/assets/images/ 2 KB
2 KB 105ms
98ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-bg-90-tl.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-933"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2355

GET
H2 200 pastelink-logo-portuguese-contrast.svg
pastelink.net/assets/images/logo/ 16 KB
16 KB 106ms
99ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo-portuguese-contrast.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ecffe1a2db6cd3a0cfd033772fb6351d6c2b3fadd63c9864c8906f0e0c2e7b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-3ecc"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 16076

GET
H2 200 logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 4 KB
5 KB 105ms
100ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-11c0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4544

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 291ms
109ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 18:19:00 GMT
x-content-type-options: nosniff
age: 32730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 18:19:00 GMT

GET
H2 200 Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXw.2.woff2
fonts.gstatic.com/s/notocoloremoji/v25/ 194 KB
194 KB 381ms
200ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notocoloremoji/v25/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXw.2.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Color+Emoji:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

11170d19e1e876539be025131496b0cef0506c485ea95f3241ecb6d2885dfff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 07:59:40 GMT
x-content-type-options: nosniff
age: 242690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198184
x-xss-protection: 0
last-modified: Tue, 30 May 2023 20:53:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 07:59:40 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 292ms
111ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 20:39:35 GMT
x-content-type-options: nosniff
age: 110695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 20:39:35 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 352ms
170ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 02:19:04 GMT
x-content-type-options: nosniff
age: 349526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jul 2024 02:19:04 GMT

GET
H2 200 tag Show response
btloader.com/ 24 KB
9 KB 187ms
64ms Script
application/javascript 104.26.7.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64ecc5ab273a28a69038f8ef6e36634e798e88ddb277b38790e8b7bc3c498870

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:31 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 02:33:10 GMT
nel: {"max_age":604800,"success_fraction":0,"report_to":"cf-nel"}
server: cloudflare
age: 3002
etag: W/"a22d2d02bed5159f485dac84fff2e410"
vary: Origin, Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9Ty%2BZFTymryGZ1GnX%2BSsDMMke7gZUhIaTamxZ%2B3Y9NwLpZBVhS0QdRoMpvbRs03watRmN5YYlJu4rjaNTRO40G2F7pey7ehQBljylLyLyRc4ZuxeCfifKpENZAN2A%3D%3D"}]}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7e9817783e27488f-LIS

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 365ms
114ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8662f7c5bce685f84e3659b04cd7bf4458badb636a3a414887c8372faefe9a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27547
x-xss-protection: 0
server: cafe
etag: 360 / 19558 / 31076190 / config-hash: 1636169572614523722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 03:24:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 291ms
83ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 02:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2952
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jul 2023 04:35:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 96ms
94ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5c83c28263ca9127606deab3198b5534ed48ea50b9a9839a7403318703e73850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82946
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 03:24:31 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 397ms
136ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Jul 2023 03:24:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
914 B 295ms
34ms Image
image/gif 172.67.69.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: pastelink.net
URL: https://pastelink.net/jev0gim3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645023
x-guploader-uploadid: ADPycdsO0FeHH6EpSwKnUAP6hSC7EWculKRfkRsPj_Xsy_73tlpetB50eDhB6SlJ4jNe_hmyfieKf6XhFne4VZVxRmq3EA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JS2PlqDAqf%2FCwjrYfEexNiWvzBF28KS2jt9gJR%2FNsU6Fb75C96K2FHgH0DxnVtCyECLUsMtcURbedbE0WyiN%2FrM351%2FiuhQNsie81b5tEdv3iGoTh2ViW6eclvACSy1T7w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7e98177a59ca03fa-LIS
expires: Wed, 12 Jul 2023 16:48:24 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 356ms
92ms Image
image/x-icon 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 12:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 12:18:50 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
329 B 296ms
35ms Image
image/gif 172.67.69.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6840298097541566
Requested by: Host: pastelink.net
URL: https://pastelink.net/jev0gim3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645023
x-guploader-uploadid: ADPycdsO0FeHH6EpSwKnUAP6hSC7EWculKRfkRsPj_Xsy_73tlpetB50eDhB6SlJ4jNe_hmyfieKf6XhFne4VZVxRmq3EA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Q3vcBSk9GMe%2B%2BTmd%2FiMK7tMVic08Q8CONVbxgW9w%2FEet251LyFdmJfBjPeZd3Lki24EqXAf1PaiOLDeYW3315IgvVRczTpOpYlQaq%2BKWw%2BVn4KYY4qrrS6avZiNLkOSpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7e98177a59cc03fa-LIS
expires: Wed, 12 Jul 2023 16:48:24 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 270ms
65ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je37h0&_p=1444602342&cid=1909738902.1689823472&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689823471&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fjev0gim3&dt=20%20Fun%20Infographics%20About%20Cybersecurity%20Service%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/ 390 KB
125 KB 339ms
86ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5584db8771fd9d24aeb0c3887b9c6922a72c73e6af5382d594003e3cf1315bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 15:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41894
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127219
x-xss-protection: 0
server: cafe
etag: 4991179400440994909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 15:46:17 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 117ms
73ms XHR
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1444602342&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fjev0gim3&ul=en-us&de=UTF-8&dt=20%20Fun%20Infographics%20About%20Cybersecurity%20Service%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=264192580&gjid=71448847&cid=1909738902.1689823472&tid=UA-55088947-2&_gid=102379606.1689823472&_r=1&_slc=1&gtm=45He37h0n8155WHPWQ&z=479773037

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 159ms
158ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 8eeb675cf623424134ac3543609e667d2072a198080f794bdbc3fccf927786bb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:31 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 159ms
159ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=uwu1yc73PV&w=5093624318001152&o=5102648370397184&cv=2.1.14-4-g332a93d&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Fjev0gim3&sid=tVZfzZmO5&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Jul 2023 03:24:31 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 CWYD627N.json Show response
srv.buysellads.com/ads/ 930 B
687 B 469ms
152ms Fetch
application/json 104.131.19.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=502109&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.131.19.66 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ny-26.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: d76270f5ca92cf97ae9bfb276a9d04a5f606475dfa7f4d0359b88f2ec5273a81

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:32 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 550

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
997 B 152ms
51ms Script
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 03:24:32 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 913
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKBdwNF0GvbWpOjsLjvo3qU7PO8XfI2leN48pDE0AkuiWyOEBnZk7VQxIXYJmp0eAhIvfypIWLt1pbEl1%2FoF2UyqMsc8hVamfhQPhw7ej6fK0dyx%2F9ZVvxGyALZTWCCE"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7e98177e1a0e03f2-LIS

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 247ms
78ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.43.0&cb=30906685061&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastelink.net
date: Thu, 20 Jul 2023 03:24:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 2 KB
833 B 375ms
207ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fjev0gim3&PageUrl=https%3A%2F%2Fpastelink.net%2Fjev0gim3&PageReferrer=https%3A%2F%2Fpastelink.net%2Fjev0gim3

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

6435a2cef1c3e347c8f26a65249e598fee09d042a75a3f08c4d8185a2d1ebf46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 03:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-upstream-service-time: 125
content-length: 480
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 263ms
85ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 301ms
98ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastelink.net
date: Thu, 20 Jul 2023 03:24:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 495 B
1 KB 391ms
216ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

40f45680d76e1dc9b4b0adf9c9d4c92a66064c06b306b6016624b4c36c8995bf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:32 GMT
an-x-request-uuid: 8b53dd80-00e6-474e-93d4-1865026e0c79
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 91.250.240.59; 91.250.240.59; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 495
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 98 B
420 B 278ms
90ms XHR
application/json 54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5041
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bb87493de94af20d7d0ffabfdafa42304eaa6f100f417470656947cdf24259e3

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 03:24:32 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 423 B
758 B 441ms
164ms XHR
application/json 213.19.162.41
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fjev0gim3&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fjev0gim3&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=b746e54a-66b5-4236-84ef-0452dc10bf30&l_pb_bid_id=40bc51cea08d45f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.27389436789957977
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 28ab070c3b3625e95a8579a91f452997aaed4dfddca0cb049ef549215a9846dc

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 423
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 429 B
762 B 441ms
165ms XHR
application/json 213.19.162.41
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fjev0gim3&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fjev0gim3&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=3add885a-847b-460d-99ab-53888a40f0c5&l_pb_bid_id=41b8d9bf80162d3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.5258781564608599
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 59d2b5acaaba877ef259db01248c9f3c8037ec271a98ea2d3af314e3ab286c1b

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 429
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 425 B
758 B 435ms
159ms XHR
application/json 213.19.162.41
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fjev0gim3&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fjev0gim3&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=54833894-26bd-47f6-a348-1046801be9b8&l_pb_bid_id=423ab3a27c77a26&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.1634764565896214
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 55bf8f04f25fb38f6a8776afccb17746c6f69dedc76f42c9f8bb92d1a5d0ae9b

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 425
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 429 B
936 B 433ms
158ms XHR
application/json 213.19.162.41
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fjev0gim3&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fjev0gim3&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=56745db4-5c90-4a09-a58b-d2b0db3395e2&l_pb_bid_id=43ee379ed8bb843&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.5806387941748694
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 804cff8e2e4bd0ea12949dfd9882dba7aeb1a90a3eb0a9228b74746f0f6a3216

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 429
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
713 B 203ms
98ms XHR
application/json 104.18.2.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Thu, 20 Jul 2023 03:24:32 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456, Process Seats Booster. unable to get the seat booster engine for organization: 1116
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7e98177e58b334b9-LIS
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 11 KB
5 KB 424ms
193ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0b746dbc5c8702961e0844f04abc9ca57c3cf425bb1c5bfff0b6c9f8ed54f292

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:32 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 412ms
182ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:32 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 406ms
176ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:31 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 415ms
185ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:32 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 413ms
183ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:31 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 361ms
242ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e4ad725a13d00222774dfaa22f06695c92faafe1124b8a28ad07d973d852fb6c

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:32 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 03:24:32 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 151ms
59ms Fetch
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 03:24:32 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1086567
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YM0wwIJkbm4XNZUhky0zFNv79Ud4IsVlSxEQzRcvd2VmFz2WOkDalo266wB7yEAU3izDP5bwqSA0%2BT35%2B%2B793aKiKH3YhUlAKYAfdf6ld8EunkrRb78dRioJMWtAmRLj"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7e98177eff02488e-LIS

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 441ms
439ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1589297906665205&correlator=1341119894334483&eid=31072019%2C31076190%2C31076211&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=840525636%2C3944560474%2C3798138915%2C1897443797%2C1230872867&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D728x90%26hb_pb%3D0.40%26hb_creative%3D4071472658766480400%26hb_adid%3D6780639da869e33%26hb_bidder%3Dsmartadserver%26_bd%3Dbid%26_pl%3D0.40%26hb_size_smartadserve%3D728x90%26hb_pb_smartadserver%3D0.40%26hb_adid_smartadserve%3D6780639da869e33%26hb_bidder_smartadser%3Dsmartadserver%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1689823472761&lmt=1689823472&dlt=1689823470242&idt=1944&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C316%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fjev0gim3&frm=20&vis=1&psz=1600x-1%7C705x395%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=1909738902.1689823472&ga_sid=1689823473&ga_hid=1444602342&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5ec0c2d1b2d781eb66f8499842258ab1b2612048d5944a767cfbba82ce196bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14148
x-xss-protection: 0
google-lineitem-id: 6242989401,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425542080,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 276ms
94ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

32facce728497e691e46976d5015b98bfba62c693db12665a41f839b7f169e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11690
x-xss-protection: 0

GET
H2 200 container.html Show response
6e32ca842f1029a964eebd552f6b430f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FB5 6 KB
3 KB 299ms
86ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6e32ca842f1029a964eebd552f6b430f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 03:24:33 GMT
expires: Fri, 19 Jul 2024 03:24:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/ 37 KB
13 KB 82ms
81ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl_page_level_ads.js?cb=31076190

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

7da68ffb7251d1c6801675f21b5263304a48b60e92ece794fded52284a1a6c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 19:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27959
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13177
x-xss-protection: 0
server: cafe
etag: 1262804530532064844
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 19:38:33 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 266ms
97ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 03:24:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0525 0
0 117ms
117ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6E_bCvNNBvQdo7x1KCN9COBlj5D3JerxoFqzLOfJbFR0knodKCvgysEquIqF-h7_tjFRPN7RHOouY-J4SX9eJ2ITNzzaNMf1c_pGJSH61XdwAjbBvM9aPcBdEbIWYbH6Z7ZAw5VL0HuPJaTO1jRkL0XNHR0aSorD8hcQq0fwUy2jackdE5u6NiF3TIuvCuo7Vwygd8UHjPGbS8PkgKAyTiXcGcjzHbMIUs1whV_E0cKEeSklo-P7n7jTbXB4W5w3JyqVgFAyfC1hOIZmiHl73DsPx3sv7lopYQlVdtEs0LQN1_1Dfx2PHYlIb7TXlGM4MxIU3roipLSRE9MrwCLDkKDDMG8UaBfMF6g&sai=AMfl-YSP-E50QVz8PVTrv8t_CwQ2RWa_vXCIfQBkYsnsUojCdimZKR-se7KkIRnRNTRgdHhE2MBBC_kSsBsE4qIR47bnMVmP44aTXIwKnzkPx_K-a5bL5ovZ_zeMn0oSc_0lGfl9iZYk37iR9ecWoGlp&sig=Cg0ArKJSzFHOhzxbOfq8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pastelink.net
URL: https://pastelink.net/jev0gim3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 03:24:33 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame 0525 26 KB
9 KB 64ms
63ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: pastelink.net
URL: https://pastelink.net/jev0gim3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:33 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2023 20:39:52 GMT
server: AmazonS3
x-amz-request-id: 7WNRBPTMPBNW92X3
etag: "6247b34aaaa023705aa5146179ffd119"
x-amz-server-side-encryption: AES256
x-hw: 1689823473.cds220.ma1.hn,1689823473.cds028.ma1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8892
x-amz-id-2: 8K9yFGBgcn8N4MWceTyr4BqeG7AKVj5hOw52R8BkpRvDwI6PdK72By6XOgNDmP7ve4muVpOLF/I=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0525 179 KB
56 KB 91ms
90ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 03:24:33 GMT

GET
H/1.1 200
OK sas-banner-1.3.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 0525 35 KB
12 KB 331ms
97ms Script
application/x-javascript 23.53.40.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Requested by: Host: pastelink.net
URL: https://pastelink.net/jev0gim3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2f28e53424beade854325302d7671b42ec31220bab6ef021c95dc6a8d8235c8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 03:24:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jun 2023 14:06:45 GMT
Server: AkamaiNetStorage
ETag: "d1c72ab0d8a4b2f67c2cf215141ac265:1688048038.940187"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11616

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E485 13 KB
5 KB 84ms
80ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 2201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 02:47:52 GMT
expires: Fri, 19 Jul 2024 02:47:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A7D 783 B
919 B 93ms
91ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

9949708b9ab18a1231aabf6544951753965410e4c4bef5cc7b8e5421a1fc1a2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L14QKYJk-j_vFBLzalB1hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-L14QKYJk-j_vFBLzalB1hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 03:24:33 GMT
expires: Thu, 20 Jul 2023 03:24:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 0525 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f60efc29b844ae2a408e6c53a945de9e158c6db0b7ea0b93432b7c53e567ce25

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A7D 0
0 282ms
115ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307130101&jk=1589297906665205&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame E485 37 KB
14 KB 248ms
82ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 09:28:13 GMT

GET
H/1.1

200
OK

/ Show response
eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_... Frame 9AC4
Redirect Chain

https://eu.sportradarserving.com/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXj...
https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhz...

9 KB
5 KB

95ms
94ms

Document
text/html

3.120.62.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.62.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44d4c164ab541889ac02cfdbab07d4c71a11bf0d3701b4fce723c228612596ec

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3200
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Jul 2023 03:24:34 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jul 2023 03:24:33 GMT
Location: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 9147 43 B
270 B 230ms
77ms Image
image/gif 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=8126140801820961265&tmstp=9396717301&ckid=1845676064659655808&systgt=%24qc%3d1314134904%3b%24ql%3dHigh%3b%24qpc%3d1900-798%3b%24qt%3d58_1442_10621t%3b%24dma%3d0%3b%24b%3d16890%3b%24o%3d11100&acd=1689823472518&envtype=0&opid=5c23652a-03ba-4cff-9466-df8d7631bd60&opdt=1689823472517&siteid=587752&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=1&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fpastelink.net%2fjev0gim3&cappid=1845676064659655808&capp=0&mcrdbt=0&insid=11614228&imgid=0&pgid=1794822&fmtid=121283&isLazy=0&rtb=1&rtbnid=3835&rtbbid=8189773151795716679&rtbh=cacc6f5ddbfc54577a9c3e87a012fd40d8e928ba&rtblt=638254202725215723&rtbet=0&rtbptnid=31&cftgid=5559b2df9984
Requested by: Host: pastelink.net
URL: https://pastelink.net/jev0gim3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 03:24:33 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0525 0
0 293ms
123ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMP7SEyBJ2CoD2CweHrhfN5tpEc2XYLEuw-CN0pCsTEY7EP4SWv9GSx0-FD1WHHNbMQP89_zrO8pQwoZB_Ez31ZZoofTsVFi69-D7OoLakHZxxNCoWJ5xZYv9QuzynFbpq2MzOZPjBwsBwdeFowzMwXWzI8-XVmaRVUOG_l__mj7IKzOP0ln0WL6K9qdkEYyRfGooxIjQYFr5TR79SyoRpNNR4OLqxfYtPrfBx_OYl6zaQy5DV0VLm3PdjG_S-hz17ZnmlHGWfTIj5wcxGFYpDDhgEOz5FgmgSwZWY9R_GvLmcgZw9qUYlAMIKd4EqqWdHsWVgYGkkEWi1iJXfp_nuYvDMgsmLCvAKHCTQ&sai=AMfl-YR-7DGZ46gUNgReG2BkB-5Gtgfqr4Kn2D1iAUqAwT4TMrjd-ndnal9Oh5JM26SspWXib--PAI2LGjQzcHLqYH4lHcx5BeE4vzzYPR1edvqQn8ncS3y63Cihxh71bf6XD4xspLHgyHu0HjAEN4Jf&sig=Cg0ArKJSzJMes2oNQ6OqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 03:24:33 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E485 0
10 B 79ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vIfRYg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

v1
match.sharethrough.com/sync/ Frame 9AC4
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=870282df-65e2-41b9-af35-7409721ca650
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=1&user_id=870282df-65e2-41b9-af35-7409721ca650
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a9a26015-4b82-4bbf-a543-03d1e52be9cf&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

0
362 B

275ms
87ms

Image
text/plain

35.158.34.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a9a26015-4b82-4bbf-a543-03d1e52be9cf&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
Protocol: H2
Server: 35.158.34.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-34-97.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:34 GMT

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a9a26015-4b82-4bbf-a543-03d1e52be9cf&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date: Thu, 20 Jul 2023 03:24:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK youronlinechoices_icon.png
eu.sportradarserving.com/ Frame 9AC4 1 KB
2 KB 86ms
85ms Image
image/png 3.120.62.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.62.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 03:24:34 GMT
Cache-Control: max-age=86400
Last-Modified: Mon, 17 Jul 2023 11:05:23 GMT
Connection: keep-alive
ETag: 16895919231319
Content-Length: 1319
Content-Type: image/png

GET
H2 200 index.html Show response
clodds.solverde.pt/jackpot/ Frame E2D6 10 KB
10 KB 475ms
230ms Document
text/html 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0defab41476eb7d257a7d68e2898dfb79c365dbd57bdeafdde0fca83acd01113

Request headers

Referer: https://eu.sportradarserving.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-length: 10056
content-type: text/html
date: Thu, 20 Jul 2023 03:24:35 GMT
etag: "cd6b639b6f794d43846980f4373f0c99"
last-modified: Thu, 20 Jul 2023 03:22:38 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-id: EKuuYq16miDTLyiF0FrNcMGSA-6oN7_rbG3h4wz3IXvONfFB_OWArA==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H/1.1 200
OK VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz74...
eu.sportradarserving.com/mimp/ Frame 9AC4 43 B
220 B 166ms
89ms Image
image/gif 3.120.62.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/mimp/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.62.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 03:24:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 119ms
118ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307130101&jk=1589297906665205&bg=!Tk2lTRnNAAa3SiIRl0o7ADkAdvg8WhFLklyGjewkYnnKZWEQO6Ve8_Fcd2VdZPlzPJKZqMVqIZfqZhgAgK7nxPxAoUGb8s2_UA0CAAAAYFIAAAAGaAEHCgBJPHUcTbD1S8uARQ5Cjpuz_ds8k9k7XNL0HYpNYSaPPYyhxGEBXONR_lU2uGBQYEF574YZq1CZ17BuBO9tZUbI-PgHaEIJqfaD5JkCp69GeRBdRg_iYSQZV-bI96RL1ZVCN7eDWyidhDaeoAjVWlQSfAO_DJRZcA7KcbL_qBuXiXFpnL7rm-TxsO5gftlMtW2v2UESVPDEMUywLo9cVCgLFKVVjl1v8-MNlrqoVjpcrRvx4LxDRh0B6tbeLMIw4CAeOz8IL2aP7h2yIq7cz3vXmRf7nUqOaCSqS3N5HI1tnsUJnYCAn408M3lSNorCC_ynXNFrHi8c7RoOCSDw1dLPuhejIRVyPoYJApTd3c31mAGiuAw3hmRPQyXMnPJ04lbcRNJhs1futsZMfXxXHJVUuzgT_XudsXDEDawN8l11S7JoFiNDiitDflroXvhi6pmsGUqP-oiFs4NJyzZF_9bkr9UFNSlfLx7R5Jkbkv70J0gmsLf1gomY0Hjj6PoO2GxsAx8Fd2qn_fW4zUBhhr5OWDp7Ugbqr1_WfQ76CoB1cXHeWwCzN_03IWhMVUIDiDC2Mm0rAGClRofDVtSP6gCeTPBjAqEUUqPdnWt80VKwM8tfkWzz44CQJF91LCzEzOimtEhiwzxm45ZAnWwi66rkRyDhtLq_BPhgbYKFPbZqGpVkEJ9qq40hSGSrjVuh4oL9h-_rUw8nHkmjrnNOV7Mvua6IKYoK9qEKTQMsd-y-yBLUduz5O2FfwwnWXp1v2z-RvmtbfK2JGIFqzVFSryUvgN0lo_SJPmBBlquTa9ZDM5HzpKwASeJhIaPjnT4VGWoFdeGnS_7sfy4nIvAtq3eyw9Gcx8kEX1zhCmgC6tFByTldJoYe32F14gfV6nrL5d7v1Zc4V2lXE9b6ozF6QnSJ_I0k7bS4Y5Tfq2C9UijS3z9s3qf2OJfsjZN08a-vcQzxxI6zvjr2reCdUMTYr2UMCJHG-lfms6hI6wk4UZzfL39XUzc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 style.css
clodds.solverde.pt/jackpot/ Frame E2D6 24 KB
25 KB 227ms
226ms Stylesheet
text/css 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clodds.solverde.pt/jackpot/style.css?v=13
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced5f8cd8fb80d6ae058ddfc906d660ed80a20379b1e9b3c595f92e4e5ba247a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:35 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:52:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "b9c6f84939a0ed2e47e048b5af6fde86"
x-cache: RefreshHit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 24941
x-amz-cf-id: UCzPtsiSb3KT9Z487GD2uwoHU9y6T-BFwtdxNmmYFTVABd7pm-X4Lg==

GET
H2 200 jquery-3.0.0.min.js Show response
clodds.solverde.pt/js/ Frame E2D6 84 KB
85 KB 264ms
264ms Script
text/javascript 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clodds.solverde.pt/js/jquery-3.0.0.min.js
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:35 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Sat, 15 Jul 2023 08:22:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "d0212568ce69457081dacf84e327fa5c"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 86341
x-amz-cf-id: icDyWigUGgr6pfMNi_kQj8Mc7busVOx_GFTWVzbSlUHfAjZAY0ew2w==

GET
H/1.1 200
OK new_jackpotjs.js Show response
webtickers.malmegas.com/jackpots/ Frame E2D6 10 KB
10 KB 353ms
119ms Script
application/javascript 213.187.226.60
PTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://webtickers.malmegas.com/jackpots/new_jackpotjs.js

Requested by

Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.187.226.60 , Malta, ASN43937 (PTNET, EE),

Reverse DNS

Software

Resource Hash

da0d715cba8a35d0b595abecffac4df0cc3243ee919b5290785ac6419f8cdab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Jul 2023 03:24:34 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Connection: close
Content-Type: application/javascript

GET
H2 200 ad.svg
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 2 KB
3 KB 204ms
203ms Image
image/svg+xml 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/ad.svg?v=1
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Sun, 16 Jul 2023 01:52:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "479e7dbe9215ddc11cd4defff4f3eb85"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2219
x-amz-cf-id: bWhU_pqZ7ri7ooUb8JBqBjEPECXn9u1ysBLxsTNAqQk8hpiqgTHpIA==

GET
H2 200 logo_horizontal.svg
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 6 KB
6 KB 224ms
222ms Image
image/svg+xml 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/logo_horizontal.svg?v=1
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5af308e571b9f63c42a7aa1232646d737db468ab311d3c205426cdbe47f14a1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Sat, 08 Jul 2023 04:22:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "76540629935b34532f8f0bb924eab6fc"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5929
x-amz-cf-id: hWuSVHcwHArCCXAe9fzE2kTL5j4to_5UURUZXjLV7bmObkBGRNEqIQ==

GET
H2 200 logo_vertical.svg
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 6 KB
6 KB 225ms
223ms Image
image/svg+xml 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/logo_vertical.svg?v=1
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3009a99d4a9c2e1ed95adfefb4ab8d34cff2969218fb37c110cf548b6a3495fd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 01:52:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "f94e50d9fc5fc6ec517e82af6e3166a4"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5945
x-amz-cf-id: uWF0oiKvt5IWYh7Sd71GTB0u3majC64QMVehMv8gZXbKwuqPsSruyw==

GET
H2 200 copy_1.png
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 55 KB
56 KB 205ms
203ms Image
image/png 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/copy_1.png?v=1
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1375e95bcf730203c37d7f68c45df1cbfb40ed791341678e78cb22ad2ea9117

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jul 2023 08:42:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "3230ea51c48b1b9c7dd6cd7462abd88d"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 56740
x-amz-cf-id: eW0fMQgLKjRSzaXh-oQNOx2KOzUYmIF-KbbLDwSIvIoibvwjIFJX5A==

GET
H2 200 logo_slot.png
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 18 KB
18 KB 246ms
245ms Image
image/png 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/logo_slot.png?v=1
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db101dfa2040912706f0525df27d0f4570989377239eb0f790d7225719278398

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jul 2023 08:42:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "ae58ad36fe72cf63d5aec89e6ad62f4f"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 17977
x-amz-cf-id: OUiXcSGi20zrVpSYnCPO90WGdjpnQoEf2vSPlt5k62AKd6Dpk_epng==

GET
H2 200 cta_large.svg
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 2 KB
2 KB 222ms
221ms Image
image/svg+xml 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/cta_large.svg?v=1
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b67dcfb49f1dc548bad03e39773c62ce1eefaf5bc9dd2e6867723756b5cd5a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jul 2023 08:42:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "5ed43506039f4d812216835a9712da84"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2047
x-amz-cf-id: HrG9zSnWra0HUZ3kvJ46ACaZLSMl2_L9pGELs2qeF4dT5wSSaLE82w==

GET
H2 200 legal_horizontal.svg
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 10 KB
11 KB 224ms
223ms Image
image/svg+xml 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/legal_horizontal.svg?v=1
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef1fb40ce90361767141eae3a3471088eb76ea17389cdf1d99af5d2510518c8b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Sat, 15 Jul 2023 08:22:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "2058f559e4890dfdb8d67b51426258bd"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 10416
x-amz-cf-id: qZ9AiVB409RsSNwTeaUw4AJIwFLwQHn1vbV123N1k3GzetNq_1Nr3Q==

GET
H2 200 legal_vertical.svg
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 11 KB
11 KB 245ms
244ms Image
image/svg+xml 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/legal_vertical.svg?v=1
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 361642fb54878024d3f33493267d01dd59f53ed5ab2b50cee28d8a6ccb63a658

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/index.html?clickTag=https://eu.sportradarserving.com/click/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U//?click3rd=&lp_d2a97axd=https://joga.solverde.pt/redirect.aspx?pid=15928&bid=1822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jul 2023 04:52:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "47621f709d4a877f34e2195a9db975a0"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 10943
x-amz-cf-id: 5dEPs-R7spn2oxH5SXBzGvrBrQfDlmckiaCwohPPQOP_lznZc3BWGQ==

GET
H/1.1 200
OK action
www9.smartadserver.com/track/ Frame 0525 43 B
163 B 294ms
76ms Image
image/gif 185.86.139.85
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www9.smartadserver.com/track/action?sid=1689823473332&pid=1794822&iid=11614228&fmtid=121283&cid=0&key=viewcount&rtb=1&rtbbid=8189773151795716679&rtbet=0&rtblt=638254202725215723&rtbnid=3835&rtbh=cacc6f5ddbfc54577a9c3e87a012fd40d8e928ba&ts=1689823473332
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:34 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0525 42 B
174 B 115ms
114ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_U3guaQgmtTBKa7GVTzyn-bcZ5RPsuv0hP6YAgwcMHXczvTuCEIe3-z16JhEd2k1iy_kuFrlrrKol-CG3_CVG5_251rDS5qLrLNEwY6iuBSM3bxDZ&sig=Cg0ArKJSzKOjNtjgD8dREAE&id=lidar2&mcvt=1000&p=1102,800,1103,801&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=840525636&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689823473246&rpt=435&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 320ms
132ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 21 Jul 2023 03:24:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame E2D6 6 KB
692 B 89ms
89ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@100;300;500;600;700&display=swap

Requested by

Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/style.css?v=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

5b773aa0c5481c1b3c7146b05dabdf8e6b6173b5e297a37232765aa544e98ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 03:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 03:24:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 03:24:34 GMT

GET
H2 200 728x90_bg.jpg
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 9 KB
10 KB 248ms
248ms Image
image/jpeg 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/728x90_bg.jpg?v=3
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/style.css?v=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 579e5f3e0fbe2322bc34404f051c461931e7c50e48480af5cb12bddb34237479

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/style.css?v=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Thu, 13 Jul 2023 08:42:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "6ca926320f25f6b071d0e35ce6717e84"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 9424
x-amz-cf-id: Rt4YlfjF6qwPU70rWIcp43_Ww3es6UIWiWwPZIwGjGyIJOnaiDaj1w==

GET
H2 200 320x50_bg3.jpg
clodds.solverde.pt/jackpot/imgs/ Frame E2D6 5 KB
5 KB 245ms
244ms Image
image/jpeg 18.66.97.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clodds.solverde.pt/jackpot/imgs/320x50_bg3.jpg?v=3
Requested by: Host: clodds.solverde.pt
URL: https://clodds.solverde.pt/jackpot/style.css?v=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d15db5b545856157813d0cd4eac3811c468820e20cfbcc289baf71c8df2e8654

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/jackpot/style.css?v=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jul 2023 02:22:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "acc41b43b21ca41c1678484fe4881a09"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 5117
x-amz-cf-id: 2PW4Y-63WSQQorN5CcNf3BYY3DJbB5bllJE62jGa3Oj731Kdj4tdrw==

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ Frame E2D6 21 KB
21 KB 80ms
79ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@100;300;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://clodds.solverde.pt
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 21:55:50 GMT
x-content-type-options: nosniff
age: 19725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21352
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:30:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 21:55:50 GMT

GET
H/1.1 200
OK js Show response
webtickers.malmegas.com/ Frame 993A 568 B
868 B 344ms
114ms Script
application/json 213.187.226.60
PTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://webtickers.malmegas.com/js?info=1&casino=casinosolverde.pt&game=mrj-4&currency=eur&local=1

Requested by

Host: webtickers.malmegas.com
URL: https://webtickers.malmegas.com/jackpots/new_jackpotjs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.187.226.60 , Malta, ASN43937 (PTNET, EE),

Reverse DNS

Software

Resource Hash

be6a3017961839a29301be22a976a84bd102c9e05a547a8ed8363834b5f511d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Thu, 20 Jul 2023 03:24:35 GMT
Age: 272
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=599
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 568

GET
H/1.1 200
OK js Show response
webtickers.malmegas.com/ Frame 84BE 568 B
868 B 346ms
115ms Script
application/json 213.187.226.60
PTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://webtickers.malmegas.com/js?info=1&casino=casinosolverde.pt&game=mrj-4&currency=eur&local=1

Requested by

Host: webtickers.malmegas.com
URL: https://webtickers.malmegas.com/jackpots/new_jackpotjs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.187.226.60 , Malta, ASN43937 (PTNET, EE),

Reverse DNS

Software

Resource Hash

be6a3017961839a29301be22a976a84bd102c9e05a547a8ed8363834b5f511d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://clodds.solverde.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Thu, 20 Jul 2023 03:24:35 GMT
Age: 272
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=599
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 568

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 177E 15 KB
6 KB 233ms
81ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 03:24:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 280485
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 300ms
131ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-17893"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 21 Jul 2023 03:24:35 GMT

GET
H/1.1 200
OK VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz74...
eu.sportradarserving.com/vimp/ Frame 9AC4 43 B
220 B 90ms
89ms Image
image/gif 3.120.62.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/vimp/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.62.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 03:24:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 177E 431 B
553 B 77ms
76ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cc9124c1648bc1945cf122c1b055a684698991809a9f1441d0cdb9ca9e41e4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1258761
expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 62F9 281 B
554 B 285ms
88ms Document
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Jul 2023 03:24:36 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame A44E 9 KB
4 KB 280ms
88ms Document
text/html 13.32.99.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-30.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 66209
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Wed, 19 Jul 2023 09:01:08 GMT
etag: W/"481f0eb11193eeaea6a690e5c66c57a4"
last-modified: Wed, 07 Jun 2023 17:56:33 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-id: qd_5gDf-TIpwo9E3S-4Kn-HM139tjPG140yTpioNGVFlRVWysriGGw==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0c92ffba-51e2-4731-859f-5f9f5816d5c0
x-amz-meta-codebuild-content-md5: 0784681e688ba45904ac0a64aa0b0a6b
x-amz-meta-codebuild-content-sha256: 956b79d89029f14eaea1f363768b0942a0576bc42557ef6c8f6cc53fdc4d8515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame 5466 0
0 88ms
85ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1689823472501

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame ABE3 24 KB
8 KB 304ms
99ms Document
text/html 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

06a9915fbbd6bbf38d446c1a894465d4b384caccf46bbfb57061b3e3d5a1536e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8515
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 03:24:36 GMT
expires: Sat, 22 Jul 2023 03:24:36 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 812D 52 KB
17 KB 148ms
47ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 67440
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 20 Jul 2023 03:24:36 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 16 Jul 2023 08:40:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 209, 109940
X-Served-By: cache-lga13626-LGA, cache-lis1490054-LIS
X-Timer: S1689823476.093258,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D815 15 KB
6 KB 294ms
90ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1689823200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=40007
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 20 Jul 2023 03:24:36 GMT
expires: Thu, 20 Jul 2023 14:31:23 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 812D 0
595 B 86ms
86ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
an-x-request-uuid: 353d8e60-cc1d-4a86-bae6-e63243a9f1ad
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 91.250.240.59; 91.250.240.59; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 62F9 34 KB
10 KB 96ms
94ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0fc7962f285b6381104adb0353507a266c7874b28ad22dd2f7085c762911fcdb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 03:24:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2023 21:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63741
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 20 Jul 2023 21:06:57 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 74E0 4 KB
2 KB 283ms
89ms Document
text/html 63.33.165.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.165.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-165-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e6dfa1684c6901d15ae5ef662536cd663174e97c3e5da3e4d33acce4130690e1

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 20 Jul 2023 03:24:36 GMT
etag: W/"0ae58c6497e874ab9b310cdf5976faa69"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 8B3E 0
0 85ms
85ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame F41C 480 B
683 B 282ms
76ms Document
text/html 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 5d76a96bd44b6142cf65a89de782768a467bcbbf9371a2e7149413feea904453

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-length: 480
content-type: text/html
date: Thu, 20 Jul 2023 03:24:36 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 9FA7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
2 KB

193ms
98ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 51cb71740b64e53878a653b7a94a5a73664891a4d5d6ff7d038e3f248301ae74

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1792
Content-Type: text/html
Date: Thu, 20 Jul 2023 03:24:36 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 20 Jul 2023 03:24:36 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C9C6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

86ms
86ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Jul 2023 03:24:36 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Jul 2023 03:24:36 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1609 15 KB
6 KB 88ms
88ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=40007
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 20 Jul 2023 03:24:36 GMT
expires: Thu, 20 Jul 2023 14:31:23 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame E17B 0
525 B 308ms
110ms Document
text/html 18.66.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-67.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Thu, 20 Jul 2023 03:24:36 GMT
server: istio-envoy
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-id: AzYkQlTW1GpY0C3HXtwekQtsCDpXOvUY-Aancmam4s307Cn-ncvDTQ==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 990A 0
160 B 262ms
84ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Thu, 20 Jul 2023 03:24:36 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 2B9D 0
370 B 458ms
151ms Document
text/html 3.226.99.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.99.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-99-159.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Thu, 20 Jul 2023 03:24:36 GMT
server: istio-envoy
x-envoy-upstream-service-time: 1
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame A475 16 KB
6 KB 208ms
46ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lis/2E9C) /
Resource Hash: e40158b722a1dd6f4126a32292e5281e026c3a011124aaaa31911292aeebb4d3

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age: 413
cache-control: max-age=900
content-encoding: gzip
content-length: 5982
content-md5: LEKRb+dDodMGZNnV5iGn5Q==
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 03:24:36 GMT
etag: 0230cb2d-7adc-4c08-b347-25a3ff3af06b
expires: Thu, 20 Jul 2023 03:39:36 GMT
last-modified: Fri, 14 Jul 2023 17:12:37 GMT
opc-request-id: iad-1:nUFMxjzJlMhMMfSbcO5GQqr90kREa6wlaEOgko_Jj1wjDN9H6v-_5vRwJHLdccmo
server: ECAcc (lis/2E9C)
storage-tier: Standard
vary: Accept-Encoding
version-id: cfdc7a77-2051-4994-ba67-f5c4beb2cdc2
x-api-id: native
x-cache: HIT

GET
H2

200

sync
ads.servenobid.com/ Frame A44E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=596599611831385886

0
344 B

87ms
87ms

Image
image/avif

54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=596599611831385886
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
an-x-request-uuid: 76d83e10-b958-4465-930d-ff75a9bfdda2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=596599611831385886
x-proxy-origin: 91.250.240.59; 91.250.240.59; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame A44E
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=HApMsRZHIEV50gBwT_-OvX0B

0
351 B

87ms
87ms

Image
image/avif

54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=HApMsRZHIEV50gBwT_-OvX0B
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:36 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=HApMsRZHIEV50gBwT_-OvX0B
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame A44E 0
277 B 267ms
82ms Image
text/plain 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Jul 2023 03:24:36 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame A44E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1689823476578
https://ad.turn.com/r/cs?pid=45&rndcb=1423845613
https://sync.1rx.io/usersync/turn/3238793370979378497?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-6cc49318-a6aa-4423-80d9-18c8d251c8cc-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-6cc49318-a6aa-4423-80d9-18c8d251c8cc-003
https://ads.servenobid.com/sync?pid=321&uid=RX-6cc49318-a6aa-4423-80d9-18c8d251c8cc-003

0
361 B

87ms
87ms

Image
image/avif

54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-6cc49318-a6aa-4423-80d9-18c8d251c8cc-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:38 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-6cc49318-a6aa-4423-80d9-18c8d251c8cc-003
date: Thu, 20 Jul 2023 03:24:38 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX6cc49318a6aa442380d918c8d251c8cc003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame A44E
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5124322327490177739

0
344 B

97ms
93ms

Image
image/avif

54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5124322327490177739
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5124322327490177739
Date: Thu, 20 Jul 2023 03:24:36 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame A44E 0
500 B 576ms
145ms Image
text/plain 69.166.1.10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:36 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-132
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame A44E
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=

0
252 B

90ms
89ms

Image
image/avif

54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=
date: Thu, 20 Jul 2023 03:24:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58559/ Frame A44E 0
125 B 296ms
89ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58559/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame A44E
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-a0a773a0-4236-396f-99ee-a00fe6d4fed5

0
359 B

89ms
87ms

Image
image/avif

54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-a0a773a0-4236-396f-99ee-a00fe6d4fed5
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-a0a773a0-4236-396f-99ee-a00fe6d4fed5
pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58632/ Frame A44E 0
15 B 298ms
92ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58632/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame A44E 0
365 B 88ms
86ms Image
text/plain 35.158.34.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.34.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-34-97.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame A44E
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

93ms
92ms

Image
image/avif

54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 20 Jul 2023 03:24:36 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Thu, 20 Jul 2023 03:24:36 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D815 5 KB
6 KB 315ms
83ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23758237&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e48935dbae213bb7a3daeaf70d60d3b697a7fc9901b95a53510a31604c1b79dd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 03:24:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET

setuid
px.ads.linkedin.com/ Frame 62F9
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKAL9K8K-26-LC0H

0
0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 62F9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mC3g9e-fQG6MqSZ5OOdesQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=mC3g9e-fQG6MqSZ5OOdesQ

43 B
479 B

168ms
167ms

Image
image/gif

52.95.118.179

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=mC3g9e-fQG6MqSZ5OOdesQ

Protocol

HTTP/1.1

Server

52.95.118.179 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CJKA7SDSFW50ZNXNBX3R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=mC3g9e-fQG6MqSZ5OOdesQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 62F9
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRiODA1MTAwYjExNjE4NDgwYmNlMTZjYjVkZmQ4NmRhZmM5M2M4ZQ

170 B
232 B

91ms
90ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRiODA1MTAwYjExNjE4NDgwYmNlMTZjYjVkZmQ4NmRhZmM5M2M4ZQ

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRiODA1MTAwYjExNjE4NDgwYmNlMTZjYjVkZmQ4NmRhZmM5M2M4ZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 62F9 70 B
264 B 342ms
112ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62F9
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtBTDlLOEstMjYtTEMwSA==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPm-zUKVkdpwxFZcWL2DdrQ&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtBTDlLOEstMjYtTEMwSA==&google_push=

170 B
188 B

92ms
91ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtBTDlLOEstMjYtTEMwSA==&google_push=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtBTDlLOEstMjYtTEMwSA==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 62F9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqnRwkDZUu7A2PyiWjV7Gk&google_cver=1

0
239 B

733ms
81ms

Image
image/gif

69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqnRwkDZUu7A2PyiWjV7Gk&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqnRwkDZUu7A2PyiWjV7Gk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

gIZVdziaukouAm8imtHfNcn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 62F9
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/gIZVdziaukouAm8imtHfNcn5EUdSAgOZEtemQ7w0kco?csrc=

0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 62F9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KhyXZxZrTZmay_9XkhKQ8g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KhyXZxZrTZmay_9XkhKQ8g

43 B
479 B

156ms
156ms

Image
image/gif

52.46.155.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KhyXZxZrTZmay_9XkhKQ8g

Protocol

HTTP/1.1

Server

52.46.155.104 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B336JNH1GB87AN2MPJXJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KhyXZxZrTZmay_9XkhKQ8g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame A475
Redirect Chain

https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99
https://ads.servenobid.com/sync?pid=362&uid=GDPR

0
335 B

87ms
87ms

Image
image/avif

54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=362&uid=GDPR
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:37 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 195626184
location: https://ads.servenobid.com/sync?pid=362&uid=GDPR
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 74E0
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=596599611831385886

35 B
250 B

733ms
90ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=596599611831385886
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
an-x-request-uuid: e382e5dd-91db-4f5c-a705-13f27e536927
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=596599611831385886
x-proxy-origin: 91.250.240.59; 91.250.240.59; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

p-zLwwakwy-hZw3.gif
cms.quantserve.com/pixel/ Frame 74E0
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9461f3c6-c29c-4453-bd47-b0717e0fbb30&gdpr=0&gdpr_consent=&us_privacy=1---
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=

0
0

GET redirectObuid
sync.outbrain.com/ Frame 74E0 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 74E0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=6a0ff8b3-3b44-4c3e-a63a-3b10af42472b

35 B
250 B

656ms
89ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=6a0ff8b3-3b44-4c3e-a63a-3b10af42472b
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 20 Jul 2023 03:24:36 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=6a0ff8b3-3b44-4c3e-a63a-3b10af42472b
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 74E0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-5d241b9c-fd22-57f7-6d77-44d44a0291ce$ip$91.250.240.59

35 B
250 B

303ms
89ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-5d241b9c-fd22-57f7-6d77-44d44a0291ce$ip$91.250.240.59
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-5d241b9c-fd22-57f7-6d77-44d44a0291ce$ip$91.250.240.59
Date: Thu, 20 Jul 2023 03:24:37 GMT
Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8

GET gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 74E0 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 74E0
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=01efaa06-3749-4afd-8d64-d679f2d94c8d

35 B
250 B

419ms
90ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=01efaa06-3749-4afd-8d64-d679f2d94c8d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=01efaa06-3749-4afd-8d64-d679f2d94c8d
Date: Thu, 20 Jul 2023 03:24:37 GMT
Connection: keep-alive
X-CI-RTID: 4a1771c0-ae07-4604-ade5-3af6881829cc
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 74E0
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

35 B
250 B

501ms
89ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 20 Jul 2023 03:24:36 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 184055800
location: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true
content-length: 0

GET 142
match.deepintent.com/usersync/ Frame 74E0 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame 74E0 0
0

GET server_match
ad.360yield.com/ Frame 74E0 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 74E0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=QdCVNnJ5C3lD&ev=1&pid=558355

35 B
250 B

90ms
89ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=QdCVNnJ5C3lD&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: pt-PT
location: https://usersync.gumgum.com/usersync?b=pln&i=QdCVNnJ5C3lD&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-79f67df6d5-lk6jn
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 74E0
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=6329789163415194840

35 B
250 B

771ms
93ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=6329789163415194840
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=6329789163415194840
date: Thu, 20 Jul 2023 03:24:36 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 74E0 0
358 B 90ms
87ms Image
image/avif 54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_9461f3c6-c29c-4453-bd47-b0717e0fbb30
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

URnmbSKM Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 23A6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZLio9QAAA1QLVAAb

85 B
170 B

45ms
44ms

Document
image/png

151.101.194.49

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZLio9QAAA1QLVAAb
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 2731
cache-control: no-cache
content-length: 85
content-type: image/png
date: Thu, 20 Jul 2023 03:24:37 GMT
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 514
x-served-by: cache-lis1490047-LIS
x-timer: S1689823478.974081,VS0,VE0

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Thu, 20 Jul 2023 03:24:37 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZLio9QAAA1QLVAAb
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490047-LIS
x-timer: S1689823478.839067,VS0,VE88

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 53B1 170 B
243 B 178ms
90ms Document
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85NDYxZjNjNi1jMjljLTQ0NTMtYmQ0Ny1iMDcxN2UwZmJiMzA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 03:24:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7E36 15 KB
6 KB 88ms
88ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=40007
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 20 Jul 2023 03:24:36 GMT
expires: Thu, 20 Jul 2023 14:31:23 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 96D9 70 B
265 B 254ms
111ms Document
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 20 Jul 2023 03:24:36 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET idsync
tg.socdm.com/aux/ Frame 335C 0
0

GET
H/1.1 400
Bad Request gumgum Show response
cs.admanmedia.com/sync/ Frame 8B23 20 B
189 B 1446ms
150ms Document
text/plain 80.77.87.162

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/sync/gumgum?puid=e_9461f3c6-c29c-4453-bd47-b0717e0fbb30&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.162 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 20 Jul 2023 03:24:37 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1

200
OK

usermatchredir Show response
ssum-sec.casalemedia.com/ Frame 077D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1

43 B
766 B

196ms
89ms

Document
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 20 Jul 2023 03:24:36 GMT
Expires: 0
Keep-Alive: timeout=1, max=497
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 20 Jul 2023 03:24:36 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
Location: /usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET cm-notify
creativecdn.com/ Frame A6A7 0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5B67
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

107ms
86ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Jul 2023 03:24:36 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Jul 2023 03:24:36 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 sync
ads.servenobid.com/ Frame F41C 0
344 B 90ms
88ms Image
image/avif 54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=761960222791748724&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame F41C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7257736569745242262&gdpr=0&gdpr_consent=

43 B
329 B

137ms
75ms

Image
image/gif

185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7257736569745242262&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 03:24:37 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7257736569745242262&gdpr=0&gdpr_consent=
Date: Thu, 20 Jul 2023 03:24:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 404 genericusersync.ashx
sync.tidaltv.com/ Frame F41C 0
67 B 332ms
87ms Image
text/plain 54.72.81.170

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.81.170 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET sas
match.prod.bidr.io/cookie-sync/ Frame F41C 0
0

GET p-EtBqU4Lj3YbAv.gif
cms.quantserve.com/pixel/ Frame F41C 0
0

GET pubmatic
d5p.de17a.com/getuid/ Frame 9E17 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4B6D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

82ms
82ms

Document
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 03:24:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 03:24:37 GMT
expires: Thu, 20 Jul 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 837250
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 47D9
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327490177744

42 B
423 B

2081ms
83ms

Document
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327490177744
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 03:24:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Thu, 20 Jul 2023 03:24:36 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327490177744
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 51DD
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A81B17-D725-4914-A3C3-22BE20C9F52A&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A81B17-D725-4914-A3C3-22BE20C9F52A&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

349ms
246ms

Document
image/gif

52.95.118.179

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A81B17-D725-4914-A3C3-22BE20C9F52A&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.118.179 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 20 Jul 2023 03:24:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: BM9QPEW65Z4225WEVG3K

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jul 2023 03:24:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31A81B17-D725-4914-A3C3-22BE20C9F52A&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 7ZV8CSFPQ5QDQDC74Q4A

GET p-5aWVS_roA1dVM.gif
cms.quantserve.com/pixel/ Frame 9CDF 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3A90
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=596599611831385886&gdpr=0&gdpr_consent=

42 B
446 B

915ms
82ms

Document
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=596599611831385886&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 03:24:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: d6eecac7-ff9d-454c-9e78-b7038eb1f434
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 03:24:36 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=596599611831385886&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 91.250.240.59; 91.250.240.59; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7257736569743407254&gdpr=0&gdpr_consent=

42 B
220 B

82ms
82ms

Document
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7257736569743407254&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 03:24:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Thu, 20 Jul 2023 03:24:37 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7257736569743407254&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5830
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XSQbnP0iV_dtd0TUSgKRzlv68Ds&gdpr=0&gdpr_consent=

42 B
298 B

377ms
83ms

Document
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XSQbnP0iV_dtd0TUSgKRzlv68Ds&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 03:24:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Jul 2023 03:24:37 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XSQbnP0iV_dtd0TUSgKRzlv68Ds&gdpr=0&gdpr_consent=

GET sync
t.adx.opera.com/pub/ Frame 5F7A 0
0

GET pm
match.prod.bidr.io/cookie-sync/ Frame 4479 0
0

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame F11F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
252 B

221ms
221ms

Document
image/png

151.101.194.49

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLio9QACJ9y7jgA_
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Thu, 20 Jul 2023 03:24:38 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490047-LIS
x-timer: S1689823478.974546,VS0,VE176

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Thu, 20 Jul 2023 03:24:37 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLio9QACJ9y7jgA_
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490047-LIS
x-timer: S1689823478.839197,VS0,VE88

GET /
csync.loopme.me/ Frame A0B6 0
0

GET bridge
cm.adgrx.com/ Frame 9D36 0
0

GET cookiesync
core.iprom.net/ Frame E21D 0
0

GET cm
ipac.ctnsnet.com/int/ Frame 8A1D 0
0

GET i.match
a.tribalfusion.com/ Frame 368C 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 20F4
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=31r89wo2ugmn

42 B
229 B

1255ms
86ms

Document
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=31r89wo2ugmn
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 03:24:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Thu, 20 Jul 2023 03:24:37 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=31r89wo2ugmn
lws: 222
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET pubmatic
ad.mrtnsvr.com/sync/ Frame 2EC8 0
0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D815
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MagbF9clSRSjwyK-IMn1Kg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

89ms
88ms

Image
text/html

23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=40007
accept-ranges: bytes
content-length: 5606
expires: Thu, 20 Jul 2023 14:31:23 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET qmap
sync.crwdcntrl.net/ Frame D815 0
0

GET cr
cr.frontend.weborama.fr/ Frame D815 0
0

GET match
a.audrte.com/ Frame D815 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D815
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzFBODFCMTctRDcyNS00OTE0LUEzQzMtMjJCRTIwQzlGNTJB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

2042ms
84ms

Image
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 03:24:38 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D815
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyn2hvNqe1jMY6eV2i1iEw&google_cver=1

42 B
295 B

2042ms
85ms

Image
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyn2hvNqe1jMY6eV2i1iEw&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 03:24:38 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyn2hvNqe1jMY6eV2i1iEw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pubmatic
um.simpli.fi/ Frame D815 0
0

GET match
c1.adform.net/serving/cookie/ Frame D815 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D815 70 B
264 B 123ms
113ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET 31A81B17-D725-4914-A3C3-22BE20C9F52A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D815 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame D815 0
15 B 110ms
100ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=31A81B17-D725-4914-A3C3-22BE20C9F52A&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

/
sync.bumlam.com/ Frame D815
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=a9a26015-4b82-4bbf-a543-03d1e52be9cf&gdpr=0&gdpr_consent=

0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame D815 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D815
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2590275024638027073&gdpr=0&gdpr_consent=&us_privacy=

1 B
194 B

82ms
82ms

Image
text/html

185.64.191.210

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2590275024638027073&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 03:24:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2590275024638027073&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 20 Jul 2023 03:24:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame D815 0
0

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame D815 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C9C6 34 KB
10 KB 158ms
94ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0fc7962f285b6381104adb0353507a266c7874b28ad22dd2f7085c762911fcdb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 03:24:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2023 21:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63741
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 20 Jul 2023 21:06:57 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5B67 34 KB
10 KB 188ms
95ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0fc7962f285b6381104adb0353507a266c7874b28ad22dd2f7085c762911fcdb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 03:24:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2023 21:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63741
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 20 Jul 2023 21:06:57 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9FA7 70 B
264 B 115ms
111ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET rrum
dsum-sec.casalemedia.com/ Frame 9FA7 0
0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 9FA7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLio9BSMepmAZ-qXb12auAAACJcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPu7jqYyG-ZW9QC6RaMedyA&google_cver=1

43 B
766 B

88ms
88ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPu7jqYyG-ZW9QC6RaMedyA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPu7jqYyG-ZW9QC6RaMedyA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9FA7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLio9BSMepmAZ-qXb12auAAACJcAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLio9BSMepmAZ-qXb12auAAACJcAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

328ms
156ms

Image
image/gif

52.46.155.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLio9BSMepmAZ-qXb12auAAACJcAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AAX67C2BYYHKB0F416WM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DFA8E0EZMEKASSZFP179
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLio9BSMepmAZ-qXb12auAAACJcAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 9FA7
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f842ccd5-6835-e14f-7ed737d8

43 B
632 B

350ms
88ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f842ccd5-6835-e14f-7ed737d8
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 03:24:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 20 Jul 2023 03:24:37 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f842ccd5-6835-e14f-7ed737d8
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET /
csync.loopme.me/ Frame 9FA7 0
0

GET ie
match.prod.bidr.io/cookie-sync/ Frame 9FA7 0
0

GET p-Z8PuJEk6U7Hyq.gif
cms.quantserve.com/pixel/ Frame 9FA7 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 9FA7 0
356 B 91ms
88ms Image
image/avif 54.194.182.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZLio9BSMepmAZ-qXb12auAAACJcAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:36 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C9C6 0
239 B 730ms
142ms Image
image/gif 69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LKAL9K8K-26-LC0H
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5B67 0
239 B 671ms
81ms Image
image/gif 69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LKAL9K8K-26-LC0H
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 812D 0
595 B 84ms
83ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:37 GMT
an-x-request-uuid: 6c483429-1fb1-4b42-928c-68c894215ce7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 91.250.240.59; 91.250.240.59; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 90ms
89ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je37h0&_p=1444602342&cid=1909738902.1689823472&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&ngs=1&_s=2&sid=1689823471&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fjev0gim3&dt=20%20Fun%20Infographics%20About%20Cybersecurity%20Service%20-%20Pastelink.net&en=ad_impression&ep.query_id=CP2t0_6qnIADFYL6dwod5kMB1A&_et=1702
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 03:24:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame D815 0
260 B 296ms
84ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=161102&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:24:38 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKAL9K8K-26-LC0H

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/rubicon/gIZVdziaukouAm8imtHfNcn5EUdSAgOZEtemQ7w0kco?csrc=

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9461f3c6-c29c-4453-bd47-b0717e0fbb30&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

Domain: ad.360yield.com
URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: creativecdn.com
URL: https://creativecdn.com/cm-notify?pi=gumgum

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Domain: t.adx.opera.com
URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: ipac.ctnsnet.com
URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: ad.mrtnsvr.com
URL: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=31A81B17-D725-4914-A3C3-22BE20C9F52A&gdpr=0&gdpr_consent=

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=31A81B17-D725-4914-A3C3-22BE20C9F52A

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/31A81B17-D725-4914-A3C3-22BE20C9F52A?gdpr=0&gdpr_consent=

Domain: sync.bumlam.com
URL: https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=a9a26015-4b82-4bbf-a543-03d1e52be9cf&gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=31A81B17-D725-4914-A3C3-22BE20C9F52A&gdpr=0&gdpr_consent=

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/ie

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastelink.net/	1970-01-20 14:13:43	Name: PHPSESSID Value: 09pv1o5ak2p003a4u5up7k38i8
.pastelink.net/	1970-01-20 15:33:19	Name: _gcl_au Value: 1.1.1528837994.1689823471
.pastelink.net/	1970-01-20 22:59:43	Name: _ga Value: GA1.2.1909738902.1689823472
.pastelink.net/	1970-01-20 13:25:09	Name: _gid Value: GA1.2.102379606.1689823472
.pastelink.net/	1970-01-20 13:23:43	Name: _gat_UA-55088947-2 Value: 1
.adnxs.com/	1970-01-20 15:33:19	Name: icu Value: ChgIvahBEAoYASABKAEw8NHipQY4AUABSAEQ8NHipQYYAA..
.adnxs.com/	1970-01-20 15:33:19	Name: uuid2 Value: 596599611831385886
.rubiconproject.com/	1970-01-20 22:09:19	Name: khaos Value: LKAL9K8K-26-LC0H
.rubiconproject.com/	1970-01-20 22:09:19	Name: audit Value: 1\|naVuGyos1qpFwqgVpym81i5P3Mk54on0yZ9nh9cPSbMMj9+I9WsYQjOHESLX5rMakXNIlH39RRrmzxsY980nGcS6msSuYhvUvsVAPbIH/+GyqVI1k5poNA==
.pastelink.net/	1970-01-20 22:45:19	Name: __gads Value: ID=99a7bcf9f110ffd3:T=1689823472:RT=1689823472:S=ALNI_MYMCLJxUf7CyqqbcooSN0qRFI6FSg
.pastelink.net/	1970-01-20 22:45:19	Name: __gpi Value: UID=00000c402441afa3:T=1689823472:RT=1689823472:S=ALNI_MYGRiJgTOcMSCoyCG_apXkwAeQuCg
.pastelink.net/	1970-01-20 22:59:43	Name: _ga_S3DKHVPF03 Value: GS1.1.1689823471.1.0.1689823473.0.0.0
.doubleclick.net/	1970-01-20 22:45:19	Name: IDE Value: AHWqTUlV6815d4nF4OLpxv-rJdNHLgyESbOgn66gmQAF5jet5Pib0X9c_EfkEogrAwU
.sportradarserving.com/	1970-01-20 22:09:19	Name: zuuid Value: 870282df-65e2-41b9-af35-7409721ca650
.sportradarserving.com/	1970-01-20 22:09:19	Name: c Value: 1689823473
.sportradarserving.com/	1970-01-20 22:09:19	Name: zuuid_lu Value: 1689823474
.sportradarserving.com/	1970-01-20 22:09:19	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 22:09:19	Name: zuuid_k_lu Value: 1689823474
.sportradarserving.com/	1970-01-20 22:09:19	Name: pvc2 Value: VWwwKzonyJJfmSjkODwN4hq9IzswRMwL3L7TC7Tkz0yKczfn6eRlRs706F3QP63qr0B8Voqc2m2SHId_CdSzngmvunQ_HTc5GJqes6iPbaxCl6bPLOxJ7dWef6dLIi6vAsDdYNDg22pCMTQm8MTbhzN-IGXju_1myGSXP7FYpw18ITFr45DT2ggPFWFuPuVDtjz741LAf3BXG8CQyWugZG_xocZrMVw9CObdHzyf4dteXWP3dog8-DfYOhu-5qFfv0Z4ccrU5hq1GEVFAMDJ062M2KFAHR-swQGHmp3ZG_FFS-0d8lU_4NLQnfdLiXKn2WIkp1uCGqvfcGu2_BfBSjTJL0suWQ3fcNtUMCv9o4f6Xl6z2sb2NrjqXgxek4KWwm3Fo1HSM1uG-8IuKqOy7dN8e0tvcNyGkHyOOv3g3Yovm-A271Z05EcyIMgcAsATym6kTKw9jQsAF1PkLAzUTJEmhrBtwgw8-QQ_Ns8jGKQzZX9deT0G2Usm7u7fgRtO-W2sBB0h5YYr-w9XGtU8f1avvKo5zEPruti3lVChCCKY75AKeLiRWKWAQNb4wHIOYpQUos2htL0t7CbWBndG428Q7xCkVbSBCLexlgJJgx35JjehdA6g2PylCEK_fCVRgsqZIWJFL-sDdD4UvBawA5wPk3EecKJgBuwrlr4vTNTxNzD_H3VteqEGLlcS0zN6u_TU78Cg96RDNxzI2OcW8qI27wEIf3Kj54OVcNh7-uVCbgnLoBBsKEftP1-Ah8xiId2swNzaGAG1KCDJ4DmqO9Q7DxWVmTV7gmTPOMCVA-TlpUj9NZ0QMtSLS0-AYEYSmgaxMbiMV2bmnfS_b4nSRMEsKABurAbG2Rl_zJjucMKmZNy1FgoVvYYrQ9etJK5_LYf1a2IHgUPDCBhal77B8tTzYm0VHccwUdGfrRf0uQfTOiHQV1fDk1Skfi1fKBScjdIIiDKpns2G21u1t7fBkMOLhlA0V2c1CGGLyQuoPDQH0scz_4-3Nf0VRTgB6r62Neotz03Z286yjBhJxO96dwdJerrNG9QP1vNWP-t3pSzBmwBff0sWxSbeKMy661U3ASJdhL_uQwf09SrYVEs5SSUii-vfYHTtntafhciQoSMy7_-CbfqqCUvIV8gRbTzJsQuQMtW_JSrCL5RfNC4XG6U,L9OryJwxrk2tzl6bkzPv8A,z-lhZvk2C_0dkdEvjcezvw,YtAhqVyhLVlLqZNZAjMVCw,z-lhZvk2C_0dkdEvjcezvw
.bidswitch.net/	1970-01-20 22:09:19	Name: tuuid Value: a9a26015-4b82-4bbf-a543-03d1e52be9cf
.bidswitch.net/	1970-01-20 22:09:19	Name: c Value: 1689823474
.bidswitch.net/	1970-01-20 22:09:19	Name: tuuid_lu Value: 1689823474
.criteo.com/	1970-01-20 22:45:19	Name: uid Value: b3b52726-95d0-4ec7-9b75-ab925a631f51
.pastelink.net/	1970-01-20 22:45:19	Name: cto_bundle Value: IPLFpl9DJTJGcnhKQTdoNmZkOUx3Q3N2cWJuSzJsWWpBJTJCTEI5TUFxSiUyQkNtTmZuMGRkaVNkZmZ3OVNsWGFkYkhIeVpuR2ppVzFlTVVEUEhVRUhGVW9yZHh2TnhhRHFGJTJCVnh6WXp0UFZpd09pSG8zTXA2UGhBNEhFVWNOR2l4Tm1VSDhxWTJWcW8yRE1SUDhMS0JVNzZESFRkV2ZBQSUzRCUzRA
.ads.pubmatic.com/	1970-01-20 13:25:09	Name: KCCH Value: YES
match.sharethrough.com/	1970-01-20 13:33:48	Name: AWSALBCORS Value: FKXA4qoAsK8WWLwJ+QNyMl3UCHtlD4+m28RyHuniuHRPHQ2bpHTGoOR2NeNrF4MMzwbCZoGLB2kNKAWsUMNlzIxu/8678nvqIcKmA6JyFQrOKOtmJUALpIa+kVrI
.servenobid.com/	1970-01-20 13:33:48	Name: pid_312 Value: 596599611831385886
.gumgum.com/	1970-01-20 22:09:19	Name: vst Value: e_9461f3c6-c29c-4453-bd47-b0717e0fbb30
.lijit.com/	1970-01-20 22:09:19	Name: ljt_reader Value: HApMsRZHIEV50gBwT_-OvX0B
.1rx.io/	1970-01-20 22:09:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6cc49318-a6aa-4423-80d9-18c8d251c8cc-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.casalemedia.com/	1970-01-20 15:33:19	Name: CMPS Value: 2199
.casalemedia.com/	1970-01-20 15:33:19	Name: CMPRO Value: 2199
.smartadserver.com/	1970-01-20 22:53:57	Name: pid Value: 6329789163415194840
.servenobid.com/	1970-01-20 13:33:48	Name: pid_309 Value: e_9461f3c6-c29c-4453-bd47-b0717e0fbb30
.pubmatic.com/	1970-01-20 22:09:19	Name: KADUSERCOOKIE Value: 31A81B17-D725-4914-A3C3-22BE20C9F52A
.pubmatic.com/	1970-01-20 15:33:19	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 13:25:09	Name: pi Value: 161102:2
.pubmatic.com/	1970-01-20 15:33:19	Name: DPSync3 Value: 1691020800%3A235_201_245_241
.pubmatic.com/	1970-01-20 15:33:19	Name: SyncRTB3 Value: 1691020800%3A71_264_220_251_166_249_165_176_13_46_22_55_254_161_8_81_214_54_3_234_238_21_56_233%7C1691107200%3A35%7C1690416000%3A15_2_223%7C1690675200%3A63%7C1692403200%3A203
.servenobid.com/	1970-01-20 13:33:48	Name: pid_317 Value: 761960222791748724
.lijit.com/	1970-01-20 22:09:19	Name: _ljtrtb_273657 Value: 273657
.media.net/	1970-01-20 22:09:19	Name: data-pbs Value: setstatuscode~~1
.openx.net/	1970-01-20 22:09:19	Name: i Value: 4e9e639a-bad6-4b9f-9b97-e31503357590\|1689823476
.servenobid.com/	1970-01-20 13:33:48	Name: pid_310 Value: HApMsRZHIEV50gBwT_-OvX0B
.rfihub.com/	1970-01-20 22:45:19	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFpYWRsYm5mbmIGAFlT3ygQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjexNDA0Nzc3MRHiM9QtyywqTTP3jQo3y44CACdvwaglAAAA
.rfihub.com/	1970-01-20 22:45:19	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjexNDA0Nzc3MRHiM9QtyywqTTP3jQo3y44CACdvwaglAAAA
.disqus.com/	1970-01-20 22:09:19	Name: zeta-ssp-user-id Value: ua-a0a773a0-4236-396f-99ee-a00fe6d4fed5
.servenobid.com/	1970-01-20 13:33:48	Name: pid_353 Value: 0000EEA
.servenobid.com/	1970-01-20 13:33:48	Name: pid_324 Value: 5124322327490177739
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85132\|ZLio9
.servenobid.com/	1970-01-20 13:33:48	Name: pid_346 Value: ua-a0a773a0-4236-396f-99ee-a00fe6d4fed5
.casalemedia.com/	1970-01-20 22:09:19	Name: CMID Value: ZLio9BSMepmAZ.qXb12auQAA
.servenobid.com/	1970-01-20 13:33:48	Name: pid_333 Value: ZLio9BSMepmAZ-qXb12auAAACJcAAAIB
.amazon-adsystem.com/	1970-01-20 19:32:21	Name: ad-id Value: AxvoAfGg7kYUgUENB6Ujabo\|t

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cs.admanmedia.com/sync/gumgum?puid=e_9461f3c6-c29c-4453-bd47-b0717e0fbb30&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6e32ca842f1029a964eebd552f6b430f.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btloader.com
c1.adform.net
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
ced-ns.sascdn.com
clodds.solverde.pt
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu.sportradarserving.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
itx5.smartadserver.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
webtickers.malmegas.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www9.smartadserver.com
x.bidswitch.net
a.audrte.com
a.tribalfusion.com
ad.360yield.com
ad.mrtnsvr.com
b1sync.zemanta.com
c1.adform.net
cm.adgrx.com
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
d5p.de17a.com
dsum-sec.casalemedia.com
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.deepintent.com
match.prod.bidr.io
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
sync.bumlam.com
sync.crwdcntrl.net
sync.outbrain.com
t.adx.opera.com
tg.socdm.com
um.simpli.fi
104.131.19.66
104.17.25.14
104.18.2.114
104.26.7.139
104.26.9.169
13.32.99.30
130.211.23.194
142.250.181.226
142.250.181.230
142.250.185.131
142.250.185.194
142.250.185.238
142.250.186.100
142.250.186.129
142.250.186.138
142.250.186.168
145.40.97.67
150.136.26.45
151.101.194.49
151.101.65.108
151.139.128.10
152.199.22.191
172.217.16.130
172.217.16.195
172.217.18.98
172.67.69.19
178.250.1.3
178.250.1.9
178.250.7.10
178.250.7.13
18.158.162.107
18.66.112.67
18.66.97.123
185.255.84.151
185.64.189.112
185.64.191.210
185.80.39.216
185.86.138.121
185.86.138.122
185.86.139.104
185.86.139.85
185.89.210.101
193.0.160.130
198.47.127.19
198.47.127.20
198.47.127.205
2.18.160.23
208.93.169.131
213.187.226.60
213.19.162.41
216.239.32.36
216.52.2.16
216.52.2.86
216.58.206.33
23.213.164.238
23.52.120.246
23.52.120.27
23.53.40.219
23.56.202.187
3.120.62.240
3.226.99.159
3.75.62.37
34.111.151.213
34.120.63.153
34.235.214.126
34.98.64.218
35.158.34.97
46.228.164.11
46.228.174.117
51.89.9.251
52.201.138.102
52.210.15.1
52.220.229.2
52.223.40.198
52.46.155.104
52.95.118.179
54.156.219.78
54.194.182.208
54.72.81.170
63.33.165.48
69.166.1.10
69.173.144.165
69.173.151.100
77.245.57.72
80.77.87.162
85.114.159.118
88.208.215.108
00c5ba62a4d4bdc3103779e28395db393f79eb7f2cc2c17f58e97d1f2ad600e7
06a9915fbbd6bbf38d446c1a894465d4b384caccf46bbfb57061b3e3d5a1536e
06b67dcfb49f1dc548bad03e39773c62ce1eefaf5bc9dd2e6867723756b5cd5a
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
07dd36834f40808d0e8748a483b441ff8569a7a137638009c345276e0f9934b3
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
0b746dbc5c8702961e0844f04abc9ca57c3cf425bb1c5bfff0b6c9f8ed54f292
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0defab41476eb7d257a7d68e2898dfb79c365dbd57bdeafdde0fca83acd01113
0fc7962f285b6381104adb0353507a266c7874b28ad22dd2f7085c762911fcdb
11170d19e1e876539be025131496b0cef0506c485ea95f3241ecb6d2885dfff9
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
28ab070c3b3625e95a8579a91f452997aaed4dfddca0cb049ef549215a9846dc
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
3009a99d4a9c2e1ed95adfefb4ab8d34cff2969218fb37c110cf548b6a3495fd
3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
32facce728497e691e46976d5015b98bfba62c693db12665a41f839b7f169e56
361642fb54878024d3f33493267d01dd59f53ed5ab2b50cee28d8a6ccb63a658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f45680d76e1dc9b4b0adf9c9d4c92a66064c06b306b6016624b4c36c8995bf
44d4c164ab541889ac02cfdbab07d4c71a11bf0d3701b4fce723c228612596ec
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
51cb71740b64e53878a653b7a94a5a73664891a4d5d6ff7d038e3f248301ae74
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5584db8771fd9d24aeb0c3887b9c6922a72c73e6af5382d594003e3cf1315bb4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bf8f04f25fb38f6a8776afccb17746c6f69dedc76f42c9f8bb92d1a5d0ae9b
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
579e5f3e0fbe2322bc34404f051c461931e7c50e48480af5cb12bddb34237479
59d2b5acaaba877ef259db01248c9f3c8037ec271a98ea2d3af314e3ab286c1b
5a14d7bd1699abb15b23de83e68faa49a4350606f9de3311156de136d27de304
5b773aa0c5481c1b3c7146b05dabdf8e6b6173b5e297a37232765aa544e98ef5
5c83c28263ca9127606deab3198b5534ed48ea50b9a9839a7403318703e73850
5d76a96bd44b6142cf65a89de782768a467bcbbf9371a2e7149413feea904453
5ec0c2d1b2d781eb66f8499842258ab1b2612048d5944a767cfbba82ce196bb6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6435a2cef1c3e347c8f26a65249e598fee09d042a75a3f08c4d8185a2d1ebf46
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64ecc5ab273a28a69038f8ef6e36634e798e88ddb277b38790e8b7bc3c498870
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7da68ffb7251d1c6801675f21b5263304a48b60e92ece794fded52284a1a6c2a
7e0f2346ea6c9e585e9ccc14af851ef513f8b4ebf991ddf201371004f197532c
804cff8e2e4bd0ea12949dfd9882dba7aeb1a90a3eb0a9228b74746f0f6a3216
8662f7c5bce685f84e3659b04cd7bf4458badb636a3a414887c8372faefe9a54
882d236ae72198055a3017004295f39d3cce453c5284e882c1bab6692548a2e3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eeb675cf623424134ac3543609e667d2072a198080f794bdbc3fccf927786bb
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9949708b9ab18a1231aabf6544951753965410e4c4bef5cc7b8e5421a1fc1a2a
a2f28e53424beade854325302d7671b42ec31220bab6ef021c95dc6a8d8235c8
a5af308e571b9f63c42a7aa1232646d737db468ab311d3c205426cdbe47f14a1
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1375e95bcf730203c37d7f68c45df1cbfb40ed791341678e78cb22ad2ea9117
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb87493de94af20d7d0ffabfdafa42304eaa6f100f417470656947cdf24259e3
be6a3017961839a29301be22a976a84bd102c9e05a547a8ed8363834b5f511d0
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc
c752fc0683569d772a9f00a40d79e5b83d2339ae32b49398a99777e01279df5a
cc9124c1648bc1945cf122c1b055a684698991809a9f1441d0cdb9ca9e41e4d4
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ced5f8cd8fb80d6ae058ddfc906d660ed80a20379b1e9b3c595f92e4e5ba247a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d15db5b545856157813d0cd4eac3811c468820e20cfbcc289baf71c8df2e8654
d76270f5ca92cf97ae9bfb276a9d04a5f606475dfa7f4d0359b88f2ec5273a81
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da0d715cba8a35d0b595abecffac4df0cc3243ee919b5290785ac6419f8cdab5
db101dfa2040912706f0525df27d0f4570989377239eb0f790d7225719278398
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40158b722a1dd6f4126a32292e5281e026c3a011124aaaa31911292aeebb4d3
e48935dbae213bb7a3daeaf70d60d3b697a7fc9901b95a53510a31604c1b79dd
e4ad725a13d00222774dfaa22f06695c92faafe1124b8a28ad07d973d852fb6c
e6dfa1684c6901d15ae5ef662536cd663174e97c3e5da3e4d33acce4130690e1
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec237517566b85a5797425cebe748d7248a7d8c698bdb113f9615946b7434a78
ecffe1a2db6cd3a0cfd033772fb6351d6c2b3fadd63c9864c8906f0e0c2e7b1c
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fb40ce90361767141eae3a3471088eb76ea17389cdf1d99af5d2510518c8b
f60efc29b844ae2a408e6c53a945de9e158c6db0b7ea0b93432b7c53e567ce25
f62774e0fe35ad4b9eff05df667da9777f3a19f2c513c8625ddfec5487411463
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pastelink.net Open in urlscan Pro 88.208.215.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

221 Requests

71 %HTTPS

0 %IPv6

84 Domains

120 Subdomains

70 IPs

9 Countries

1889 kBTransfer

3811 kBSize

55 Cookies

15 Outgoing links

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastelink.net Open in urlscan Pro
88.208.215.108 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

71 %
HTTPS

0 %
IPv6

84
Domains

120
Subdomains

70
IPs

9
Countries

1889 kB
Transfer

3811 kB
Size

55
Cookies

221 HTTP transactions
2 data transactions