urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
88.208.215.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/giu5j4j0
Submission: On January 15 via manual from DE — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 14 countries across 113 domains to perform 688 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 144728.
TLS certificate: Issued by R3 on December 7th 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 88.208.215.108 8560 (IONOS-AS ...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 46.101.85.187 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 142.250.184.198 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 159.65.16.11 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 185.64.189.112 62713 (AS-PUBMATIC)
18 54.74.41.4 16509 (AMAZON-02)
6 81.17.55.112 60781 (LEASEWEB-...)
2 185.255.84.151 200271 (IGUANE-)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 34.120.63.153 396982 (GOOGLE-CL...)
5 2602:803:c003... 26667 (RUBICONPR...)
5 51.89.9.253 16276 (OVH)
2 178.128.135.204 14061 (DIGITALOC...)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
9 14 185.89.210.244 29990 (ASN-APPNEX)
1 67.202.105.24 32748 (STEADFAST)
35 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.66 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
18 49 142.250.185.194 15169 (GOOGLE)
5 20 104.18.36.155 13335 (CLOUDFLAR...)
1 4 193.3.178.3 399668 (E-PLANNING-)
2 2 2607:f350:3:2... 27630 (AS-XFERNET)
6 193.3.178.4 399668 (E-PLANNING-)
3 3 35.227.252.103 15169 (GOOGLE)
10 11 3.124.81.102 16509 (AMAZON-02)
3 3 3.65.43.186 16509 (AMAZON-02)
7 7 46.228.174.117 56396 (AMOBEE)
4 5 2001:678:cb4:... 56396 (AMOBEE)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
3 52.208.7.68 16509 (AMAZON-02)
7 23.35.236.201 16625 (AKAMAI-AS)
5 34.149.40.38 15169 (GOOGLE)
4 4 54.243.132.7 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 99.84.88.128 16509 (AMAZON-02)
5 5 193.0.160.130 54312 (ROCKETFUEL)
2 3 35.244.174.68 396982 (GOOGLE-CL...)
13 3.33.220.150 16509 (AMAZON-02)
2 6 52.46.128.147 16509 (AMAZON-02)
6 6 2a02:fa8:8806... 41041 (VCLK-EU-SE)
9 9 3.75.62.37 16509 (AMAZON-02)
3 6 2a05:d018:d29... 16509 (AMAZON-02)
5 6 178.32.210.231 16276 (OVH)
3 7 198.47.127.19 62713 (AS-PUBMATIC)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
7 9 37.157.3.20 198622 (ADFORM)
1 2a04:4e42:400... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 2 99.80.102.181 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
2 2 91.134.110.136 16276 (OVH)
2 2 54.229.214.219 16509 (AMAZON-02)
1 1 35.156.188.18 16509 (AMAZON-02)
2 34.160.236.64 15169 (GOOGLE)
2 52.214.179.171 16509 (AMAZON-02)
1 162.55.236.225 24940 (HETZNER-AS)
4 5 151.101.130.49 54113 (FASTLY)
1 1 44.218.239.184 14618 (AMAZON-AES)
3 6 52.95.115.255 16509 (AMAZON-02)
1 104.76.200.221 16625 (AKAMAI-AS)
1 1 52.208.65.154 16509 (AMAZON-02)
9 12 69.173.144.138 26667 (RUBICONPR...)
3 3 2620:116:800d... 16509 (AMAZON-02)
22 34.247.205.196 16509 (AMAZON-02)
6 7 35.244.159.8 15169 (GOOGLE)
4 4 54.160.145.206 14618 (AMAZON-AES)
2 2 54.145.121.220 14618 (AMAZON-AES)
2 8.18.47.7 398989 (DEEPINTENT)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
3 3 211.120.53.202 4694 (IDCF IDC ...)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
3 3 23.56.202.187 16625 (AKAMAI-AS)
8 104.79.89.214 16625 (AKAMAI-AS)
1 1 74.121.140.211 30419 (MEDIAMATH...)
1 21 198.47.127.205 3257 (GTT-BACKB...)
1 178.250.1.9 44788 (ASN-CRITE...)
1 1 18.197.191.217 16509 (AMAZON-02)
5 7 34.253.16.244 16509 (AMAZON-02)
1 4 217.182.178.234 16276 (OVH)
2 2 82.145.213.8 39832 (NO-OPERA)
1 1 35.214.193.209 15169 (GOOGLE)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 1 141.94.161.190 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
2 3 63.32.195.36 16509 (AMAZON-02)
1 195.5.165.20 44968 (IPROM-AS)
1 72.251.241.204 32475 (SINGLEHOP...)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 54.74.215.17 16509 (AMAZON-02)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
4 198.47.127.20 62713 (AS-PUBMATIC)
2 2 98.98.134.243 21859 (ZEN-ECN)
2 2 134.122.57.34 14061 (DIGITALOC...)
2 2 52.215.121.196 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
6 9 69.173.144.139 26667 (RUBICONPR...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
4 5 2.18.160.23 16625 (AKAMAI-AS)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
4 23.197.128.137 16625 (AKAMAI-AS)
1 23.50.131.75 20940 (AKAMAI-ASN1)
3 18.157.200.172 16509 (AMAZON-02)
2 4 216.52.2.30 30282 (AS-INAPCD...)
1 2600:9000:237... 16509 (AMAZON-02)
2 23.213.161.200 20940 (AKAMAI-ASN1)
170 80.74.137.136 21069 (ASN-METAN...)
1 1 35.214.168.80 15169 (GOOGLE)
2 143.204.98.84 16509 (AMAZON-02)
4 108.128.80.168 16509 (AMAZON-02)
31 104.79.90.101 16625 (AKAMAI-AS)
2 2600:9000:264... 16509 (AMAZON-02)
4 3.121.30.65 16509 (AMAZON-02)
8 130.211.115.4 396982 (GOOGLE-CL...)
3 216.52.2.86 30282 (AS-INAPCD...)
1 104.79.88.129 16625 (AKAMAI-AS)
1 99.84.88.18 16509 (AMAZON-02)
1 23.35.236.188 16625 (AKAMAI-AS)
7 2600:9000:205... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 3.224.6.94 14618 (AMAZON-AES)
1 1 145.40.97.67 54825 (PACKET)
1 1 34.206.6.79 14618 (AMAZON-AES)
1 1 80.77.87.161 46636 (NATCOWEB)
1 2 35.186.193.173 15169 (GOOGLE)
3 3 185.64.190.79 62713 (AS-PUBMATIC)
1 1 185.255.84.153 200271 (IGUANE-)
2 2 76.223.111.18 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.88.86.2 24940 (HETZNER-AS)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 141.94.171.215 16276 (OVH)
1 1 2607:ae80:4::26 26558 (FREEWHEEL)
1 52.48.67.86 16509 (AMAZON-02)
1 1 69.173.151.100 26667 (RUBICONPR...)
688 112
13    88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
pastelink.net
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    46.101.85.187 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-15.buysellads.com
cdn4.buysellads.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
3    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
10    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    159.65.16.11 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-14.buysellads.com
srv.buysellads.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
18    54.74.41.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
ads.servenobid.com
6    81.17.55.112 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
2    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
5    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
14    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    67.202.105.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
35    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
23    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
49    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
20    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
4    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
2    2607:f350:3:2569:0:10:0:c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
6    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-ams03.e-planning.net
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
11    3.124.81.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-81-102.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    3.65.43.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-43-186.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
5    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
17    2606:4700:10::6816:3362 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    52.208.7.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-7-68.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
g2.gumgum.com
7    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
4    54.243.132.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-132-7.compute-1.amazonaws.com
i.liadm.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    99.84.88.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-128.muc50.r.cloudfront.net
live.rezync.com
5    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
3    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
13    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
dclk-match.dotomi.com
9    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
6    2a05:d018:d29:3601:fa46:4bf7:11fd:dd50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
6    178.32.210.231 (France)

ASN16276 (OVH, FR)
PTR: ip231.ip-178-32-210.eu
ssbsync.smartadserver.com
7    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
9    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f00:6418:3db0:a56e:6f03 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
2    99.80.102.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-102-181.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
2    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    91.134.110.136 (France)

ASN16276 (OVH, FR)
PTR: ip136.ip-91-134-110.eu
sync.smartadserver.com
2    54.229.214.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-214-219.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    35.156.188.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-188-18.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    52.214.179.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-179-171.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    44.218.239.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-239-184.compute-1.amazonaws.com
usermatch.krxd.net
6    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.208.65.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-65-154.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
12    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
22    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
4    54.160.145.206 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-145-206.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    54.145.121.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-121-220.compute-1.amazonaws.com
sync.ipredictive.com
2    8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
3    211.120.53.202 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    104.79.89.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-214.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
21    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
image2.pubmatic.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    18.197.191.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-191-217.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
7    34.253.16.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-16-244.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    217.182.178.234 (France)

ASN16276 (OVH, FR)
PTR: ip234.ip-217-182-178.eu
rtb-csync.smartadserver.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.214.193.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.193.214.35.bc.googleusercontent.com
csync.loopme.me
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    141.94.161.190 (France)

ASN16276 (OVH, FR)
PTR: bixel-2.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
3    63.32.195.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-195-36.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    54.74.215.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-215-17.eu-west-1.compute.amazonaws.com
a.audrte.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    52.215.121.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-121-196.eu-west-1.compute.amazonaws.com
ice.360yield.com
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
9    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
c21lg-d.media.net
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
4    23.197.128.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-128-137.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
1    23.50.131.75 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-75.deploy.static.akamaitechnologies.com
hb.yahoo.net
3    18.157.200.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-200-172.eu-central-1.compute.amazonaws.com
match.sharethrough.com
4    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    2600:9000:237d:fc00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    23.213.161.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-200.deploy.static.akamaitechnologies.com
ajs-assets.ftstatic.com
170    80.74.137.136 (Switzerland)

ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)
PTR: www.visual-fantastix.ch
v-f.ch
1    35.214.168.80 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com
gtrace.mediago.io
2    143.204.98.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-84.fra50.r.cloudfront.net
agen-assets.ftstatic.com
4    108.128.80.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-80-168.eu-west-1.compute.amazonaws.com
d9.flashtalking.com
31    104.79.90.101 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-90-101.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
stat.flashtalking.com
secure.flashtalking.com
2    2600:9000:2646:be00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
4    3.121.30.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-30-65.eu-central-1.compute.amazonaws.com
ad-events.flashtalking.com
8    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
3    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    104.79.88.129 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-129.deploy.static.akamaitechnologies.com
contextual.media.net
1    99.84.88.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-18.muc50.r.cloudfront.net
public.servenobid.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
7    2600:9000:2057:3400:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    3.224.6.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-6-94.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    34.206.6.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-6-79.compute-1.amazonaws.com
ssp.disqus.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
2    77.243.51.122 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
1    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    52.48.67.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-67-86.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
170 v-f.ch
v-f.ch
8 MB
68 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
ad.doubleclick.net — Cisco Umbrella Rank: 163
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
337 KB
63 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
442 KB
44 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
simage2.pubmatic.com — Cisco Umbrella Rank: 870
image2.pubmatic.com — Cisco Umbrella Rank: 912
image4.pubmatic.com — Cisco Umbrella Rank: 1237
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
image8.pubmatic.com — Cisco Umbrella Rank: 664
67 KB
43 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 954
d9.flashtalking.com — Cisco Umbrella Rank: 1742
cdn.flashtalking.com — Cisco Umbrella Rank: 1296
ad-events.flashtalking.com — Cisco Umbrella Rank: 1404
stat.flashtalking.com — Cisco Umbrella Rank: 1445
secure.flashtalking.com — Cisco Umbrella Rank: 2387
404 KB
38 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
66 KB
25 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1478
usersync.gumgum.com — Cisco Umbrella Rank: 1988
g2.gumgum.com — Cisco Umbrella Rank: 1535
8 KB
20 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum.casalemedia.com — Cisco Umbrella Rank: 1252
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
14 KB
19 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2107
public.servenobid.com — Cisco Umbrella Rank: 6078
11 KB
18 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1533
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
sync.smartadserver.com — Cisco Umbrella Rank: 1369
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
7 KB
17 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3325
mwzeom.zeotap.com — Cisco Umbrella Rank: 3434
5 KB
17 google.com
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
71 KB
15 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388
6 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
acdn.adnxs.com — Cisco Umbrella Rank: 598
28 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
2 KB
13 pastelink.net
pastelink.net — Cisco Umbrella Rank: 144728
346 KB
12 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
9 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
3 KB
10 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 3066
data.ad-score.com — Cisco Umbrella Rank: 2906
325 KB
10 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
us-u.openx.net — Cisco Umbrella Rank: 524
u.openx.net — Cisco Umbrella Rank: 683
2 KB
10 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2359
u-ams03.e-planning.net — Cisco Umbrella Rank: 29983
sync.e-planning.net — Cisco Umbrella Rank: 3885
2 KB
9 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3041
c1.adform.net — Cisco Umbrella Rank: 583
5 KB
9 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
mp.4dex.io — Cisco Umbrella Rank: 2539
u.4dex.io — Cisco Umbrella Rank: 3777
29 KB
8 media.net
prebid.media.net — Cisco Umbrella Rank: 1229
cs.media.net — Cisco Umbrella Rank: 1236
contextual.media.net — Cisco Umbrella Rank: 709
hbx.media.net — Cisco Umbrella Rank: 1257
c21lg-d.media.net — Cisco Umbrella Rank: 2197
13 KB
7 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 6171
4 KB
7 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 859
ap.lijit.com — Cisco Umbrella Rank: 671
3 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
4 KB
6 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3039
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
2 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
d.turn.com — Cisco Umbrella Rank: 1381
r.turn.com — Cisco Umbrella Rank: 4167
3 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
3 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
362 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.criteo.com — Cisco Umbrella Rank: 608
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
8 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 410
104 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
3 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
2 KB
5 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
2 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
2 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
a.rfihub.com — Cisco Umbrella Rank: 3226
5 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
3 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
276 KB
4 ftstatic.com
ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1744
agen-assets.ftstatic.com — Cisco Umbrella Rank: 1473
58 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2054
3 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19240
pixel.onaudience.com — Cisco Umbrella Rank: 3060
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
3 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25870
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25218
1 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
260 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 881
api.btloader.com — Cisco Umbrella Rank: 960
21 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 1999
cs.yellowblue.io — Cisco Umbrella Rank: 1706
2 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
103 B
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
3 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
2 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 784
usermatch.krxd.net — Cisco Umbrella Rank: 1811
940 B
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
873 B
3 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2298
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3797
visitor.omnitagjs.com — Cisco Umbrella Rank: 731
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
258 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1382
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
741 B
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 4100
ipac.ctnsnet.com — Cisco Umbrella Rank: 5784
746 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
923 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
60 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1892
656 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2579
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
938 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5298
562 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
2 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
83 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
958 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1375
298 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1645
1 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 976
1 KB
2 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 8710
450 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
1 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
516 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6671
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 973
624 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1487
524 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
235 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1634
134 B
1 mediago.io
gtrace.mediago.io — Cisco Umbrella Rank: 3342
469 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1495
526 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
319 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6118
277 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 33500
412 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
226 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 7736
347 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
736 B
1 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 37807
214 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1717
65 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 544
532 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 9844
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 13621
460 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 646
201 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
482 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 901
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 21215
713 B
1 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 25755
158 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
1 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 widespace.com Failed
engine.widespace.com Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
688 113
Domain Requested by
170 v-f.ch pastelink.net
49 cm.g.doubleclick.net 18 redirects googleads.g.doubleclick.net
spl.zeotap.com
rtb.gumgum.com
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
g2.gumgum.com
35 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pastelink.net
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
www.googletagservices.com
pagead2.googlesyndication.com
23 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pastelink.net
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
googleads.g.doubleclick.net
22 usersync.gumgum.com rtb.gumgum.com
g2.gumgum.com
ads.pubmatic.com
21 cdn.flashtalking.com ajs-assets.ftstatic.com
cdn.flashtalking.com
18 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
15 mwzeom.zeotap.com spl.zeotap.com
15 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
ssum-sec.casalemedia.com
13 match.adsrvr.org ssum.casalemedia.com
spl.zeotap.com
rtb.gumgum.com
ads.us.e-planning.net
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
13 pastelink.net pastelink.net
12 simage2.pubmatic.com 1 redirects ads.pubmatic.com
ads.us.e-planning.net
12 pixel.rubiconproject.com 9 redirects rtb.gumgum.com
11 x.bidswitch.net 10 redirects ads.us.e-planning.net
10 ib.adnxs.com 5 redirects cdn4.buysellads.net
spl.zeotap.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 token.rubiconproject.com 6 redirects eus.rubiconproject.com
9 image2.pubmatic.com ads.pubmatic.com
ads.us.e-planning.net
8 data.ad-score.com js.ad-score.com
8 stat.flashtalking.com
8 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
cdn4.buysellads.net
public.servenobid.com
g2.gumgum.com
8 ups.analytics.yahoo.com 8 redirects
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
pastelink.net
7 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
7 match.prod.bidr.io 5 redirects rtb.gumgum.com
ssum-sec.casalemedia.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 image6.pubmatic.com 3 redirects ads.pubmatic.com
7 ads.pubmatic.com ads.us.e-planning.net
rtb.gumgum.com
pastelink.net
cdn4.buysellads.net
public.servenobid.com
g2.gumgum.com
7 www.google.com 1 redirects pastelink.net
tpc.googlesyndication.com
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
6 aax-eu.amazon-adsystem.com 3 redirects spl.zeotap.com
ads.pubmatic.com
rtb.gumgum.com
6 ssbsync.smartadserver.com 5 redirects public.servenobid.com
6 pr-bh.ybp.yahoo.com 3 redirects ssum.casalemedia.com
ads.us.e-planning.net
ssum-sec.casalemedia.com
6 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
rtb.gumgum.com
ssum-sec.casalemedia.com
6 sync.1rx.io 6 redirects
6 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
6 s0.2mdn.net 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
pastelink.net
s0.2mdn.net
6 prg.smartadserver.com cdn4.buysellads.net
6 securepubads.g.doubleclick.net cdn4.buysellads.net
securepubads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 creativecdn.com 5 redirects
5 us-u.openx.net 4 redirects googleads.g.doubleclick.net
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 pixel.tapad.com 3 redirects spl.zeotap.com
rtb.gumgum.com
5 u.4dex.io ads.us.e-planning.net
ads.pubmatic.com
5 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 onetag-sys.com cdn4.buysellads.net
pastelink.net
public.servenobid.com
5 fastlane.rubiconproject.com cdn4.buysellads.net
4 ad-events.flashtalking.com
4 d9.flashtalking.com ajs-assets.ftstatic.com
d9.flashtalking.com
4 ce.lijit.com 2 redirects rtb.gumgum.com
public.servenobid.com
4 servedby.flashtalking.com 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
4 a.audrte.com 3 redirects ads.us.e-planning.net
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 sync.srv.stackadapt.com 4 redirects
4 secure.adnxs.com 4 redirects
4 p.rfihub.com 4 redirects
4 i.liadm.com 4 redirects
4 ad.turn.com 4 redirects
4 www.googletagservices.com 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
pastelink.net
4 fonts.gstatic.com fonts.googleapis.com
3 image8.pubmatic.com 3 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
3 match.sharethrough.com rtb.gumgum.com
public.servenobid.com
cs-server-s2s.yellowblue.io
3 cs.media.net 3 redirects
3 sync.crwdcntrl.net 2 redirects ads.us.e-planning.net
3 secure-assets.rubiconproject.com 3 redirects
3 tg.socdm.com 3 redirects
3 cms.quantserve.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
public.servenobid.com
3 idsync.rlcdn.com 2 redirects ssum.casalemedia.com
3 a.sportradarserving.com 3 redirects
3 rtb.openx.net 3 redirects
3 ad.doubleclick.net pastelink.net
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
3 api.btloader.com btloader.com
3 region1.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com pastelink.net
www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com pastelink.net
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
2 secure.flashtalking.com pastelink.net
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 eb2.3lift.com 2 redirects
2 u.openx.net 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 js.ad-score.com ajs-assets.ftstatic.com
2 dclk-match.dotomi.com 2 redirects
2 agen-assets.ftstatic.com ajs-assets.ftstatic.com
2 ajs-assets.ftstatic.com servedby.flashtalking.com
2 gum.criteo.com 1 redirects static.criteo.net
2 px.ads.linkedin.com 1 redirects rtb.gumgum.com
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 ice.360yield.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 um.simpli.fi 1 redirects ads.us.e-planning.net
2 cr.frontend.weborama.fr 1 redirects ads.us.e-planning.net
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 t.adx.opera.com 2 redirects
2 bh.contextweb.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
g2.gumgum.com
2 sync.ipredictive.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 odr.mookie1.com spl.zeotap.com
g2.gumgum.com
2 bcp.crwdcntrl.net 2 redirects
2 sync.smartadserver.com 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 casale-match.dotomi.com 2 redirects
2 live.rezync.com 2 redirects
2 rtb.gumgum.com ads.us.e-planning.net
rtb.gumgum.com
2 spl.zeotap.com ads.us.e-planning.net
2 sync.e-planning.net ads.us.e-planning.net
rtb.gumgum.com
2 sync.go.sonobi.com 2 redirects
2 ads.us.e-planning.net 1 redirects pastelink.net
2 googleads4.g.doubleclick.net pastelink.net
2 bidder.criteo.com cdn4.buysellads.net
2 rt.marphezis.com cdn4.buysellads.net
2 prebid.media.net cdn4.buysellads.net
2 mp.4dex.io cdn4.buysellads.net
2 hb-api.omnitagjs.com cdn4.buysellads.net
2 hbopenbid.pubmatic.com cdn4.buysellads.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 ad-delivery.net pastelink.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 ads.stickyadstv.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 visitor.omnitagjs.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 c21lg-d.media.net contextual.media.net
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 acdn.adnxs.com cdn4.buysellads.net
1 public.servenobid.com cdn4.buysellads.net
1 contextual.media.net cdn4.buysellads.net
1 r.turn.com
1 gtrace.mediago.io 1 redirects
1 mug.criteo.com
1 live.primis.tech rtb.gumgum.com
1 hb.yahoo.net rtb.gumgum.com
1 a.rfihub.com 1 redirects
1 image4.pubmatic.com ads.us.e-planning.net
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dsum.casalemedia.com ssum.casalemedia.com
1 d.turn.com 1 redirects
1 ssum.casalemedia.com ads.us.e-planning.net
1 sync.targeting.unrulymedia.com 1 redirects
1 ssc-cms.33across.com pastelink.net
1 srv.buysellads.com cdn4.buysellads.net
1 btloader.com cdn4.buysellads.net
1 www.gstatic.com www.google.com
1 cdn4.buysellads.net pastelink.net
1 cdnjs.cloudflare.com pastelink.net
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 b1sync.zemanta.com Failed rtb.gumgum.com
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
g2.gumgum.com
0 engine.widespace.com Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
688 185
Subject Issuer Validity Valid
pastelink.net
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
cdn4.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-14 -
2024-11-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-25 -
2024-06-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-12 -
2025-01-10		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-12-19 -
2024-03-18		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.v.fwmrm.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-13 -
2024-12-13		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-16		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-14 -
2024-09-14		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M03		 2023-11-28 -
2024-12-26		 a year crt.sh
*.ftstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-10-22		 a year crt.sh
v-f.ch
R3		 2024-01-02 -
2024-04-01		 3 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2023-07-19 -
2024-08-19		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-04 -
2024-05-03		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2023-09-02 -
2024-10-03		 a year crt.sh
ad-events.flashtalking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-17 -
2024-09-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-12-08 -
2025-01-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2024-01-12 -
2025-02-12		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
truffle.bid
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh

This page contains 101 frames:

Primary Page: https://pastelink.net/giu5j4j0
Frame ID: CE8E3D04AD489AC271935A488D618825
Requests: 96 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: AE6373E2C60181E89D55C40D1B36A26C
Requests: 1 HTTP requests in this frame

Frame: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AE6EC6872FDE65162E065B9167534ED0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 41DFD10E41BDCC388F90DC3CF46CFD3D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC04573A7F0454274B9A113C29CD991E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B532D4A085C6761FBCFF95C21279A2FD
Requests: 2 HTTP requests in this frame

Frame: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D723DA3DA6C07CCE1D8365056719A87E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJ2chqQFGMfN0v0BMAE&v=APEucNVe6EdS3mnrqr94vAivAXh3VwFbvLWAlfRLdCbkpJZ57IEZSBAkNAsY5AwRxMuXVWBRFDhFA5i3kri3cxC7_N40s2A_GNDnFefB6GXMcXqLkoYhvPY
Frame ID: 684EC9DC55E48978F7A68E8EB30101CD
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 0505C54B1AA112FDA4449A6D76058158
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 920F51305BCB2DFE7906EB1F8E00C657
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: 62C48DC75A0FA281DBDCCBEB55D24381
Requests: 6 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Frame ID: 95952452A6D9F770ACEE6DD2C9A34313
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: C761DF11B9A150238EB2AAC700A110CB
Requests: 31 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Frame ID: DFC123006F9C58722B83155F332EFCFC
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Frame ID: 94D84E7689B95FE1F06EF2EF0943EEEA
Requests: 21 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=AMlN6bSrwYr7zSa5
Frame ID: E3B34E2BF8FA931FA28505FC0791C134
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=&gdpr_consent=
Frame ID: 8A48888351FEE9E10C6980E7AD177651
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83YjFlM2RiNy0xMjRkLTRhM2QtODc5OS00N2FlYjk3MDk1NzU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 965D248A3BB46725278114D80FEA90C3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: F419C5BCBC49B6C35A6F035C998A6B99
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 9DA2335F83885F964BDC58326414DDDE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
Frame ID: EF0F34E8A4B0C44E0AE1BEFE58D87DC2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum&tc=1
Frame ID: BE60B4D1D20AFABA0B77A5F582C3FE2E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B8BA51053DC999F75F1A11122EA76A2A
Requests: 20 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a7df65a4-c85d-4d00-8145-654c2eb210ce&gdpr=0&gdpr_consent=
Frame ID: A5920AB8AC14D7E0BDC1391F28BEA7E9
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F946C697BE552EFDD55FAD7CA54A4AAC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=73902EFA-80FC-4353-965B-1C31E6A8B23C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: ACCD9A203F19D14C9835157A5CE9E688
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FT-W0EAywoYOPZPWE2_a0xduz9EObsHURT7a_hu9
Frame ID: 07D873F3ADA80AD2217D0B78437A67CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4990313130819484401&gdpr=0&gdpr_consent=
Frame ID: 18F11450BEF534582FC17FB842BAC636
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7324199187187890336&gdpr=0&gdpr_consent=
Frame ID: C099C8EAD33C1FB019C580697F061993
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 378AC349EC3C89D7DDE96075A70B0F58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_sVbMzZjXhNUAu7ZbaZBnLAKahs&gdpr=0&gdpr_consent=
Frame ID: FF3B25989899FBA4F21F0CE9FF8B9B32
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABDnE7LSZEAABYvcylFIQ&gdpr=0&gdpr_consent=
Frame ID: 783A1D543E751B0F072ED489D05690F1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588528606875902
Frame ID: AE7BEF0B463852F679C457F5898A2C0B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU845984ba8d644232849a67946de2d23a
Frame ID: 5F4A48A5C8A52FD880EC8C5057702F1C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2EA615F8D10F8BDE4C6557014BEEB96A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1965549445137224645
Frame ID: C17B42D0FF8BC4790DCBD0908DCE0303
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaTIWwAOnyYpkQBd
Frame ID: 5B1DA0A387897F1690CD1B27824C5728
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgUTRWhYbhVaTbTWg&gdpr=0&gdpr_consent=
Frame ID: 1574F921A75448108C0DEF7D483F4F47
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 7A0D265F71EDD13B15B91EC937BEA6F7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D048DBAB1109BD639BCF188F5456F162
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 006948ADD98504E33CEAC1C08F2A276F
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=96daf6a0fd113a5f&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: D98477607ED073E74314F82E62D40561
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 6CD23B43200063F2C4DA0BD7957C8013
Requests: 13 HTTP requests in this frame

Frame: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B733ECB2D2C9E15565F28BDB761009DE
Requests: 40 HTTP requests in this frame

Frame: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DDD4909BC260B20E46F90D30667BD97B
Requests: 40 HTTP requests in this frame

Frame: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0398A8C884C14E370D93F09B7D984821
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwdyHggIwAQ&v=APEucNUwT2e1aKLbZNKaQ-APmGH6x3RsTvlgffuapY0TkBrB_-oYjbMjm-h7rbkZYftWYTEOuaoS3UA420865fW12aCIVRDoAX9o5voOWo_v5JXGiWGxWEI
Frame ID: 602740E43AED7E15B378D12105B109F7
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYmNmIggIwAQ&v=APEucNXcyoQiI9ScNi4JhZ91t0EIqujGJV3hE65MK0SQhYo9ercxsjwt3kRZdUBlIWI8x1e51kvsOBNI7Y3xX4eRUCaPYdNH7s1pb4NXDNvGgSLtPO3jAQk
Frame ID: 62ED192D9CF54C2B39037C80B04C3782
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_GNhCLqnoY_8v-qQEwAQ&v=APEucNWYTwgczWNRivp0UnoceO76DeTd4JNbywsPRGvPr4Xag6olqzW0v4oPua7MaFvKFR3E_500zgv4k2DO2nYoNMjkeFR2499AAGfZKyhyK6X5BHWQa54
Frame ID: C05ABECD236D805B038DA03B23451917
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 616E3309FA159BA874A8BE03CAB93D41
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AC22284FF5ED76DA4BD64391705A384F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F6330638AEC092E02183CC045C972C5C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4957660591915578457/index.html?ev=01_250
Frame ID: 8E7C53F678722842E648F61DDE742067
Requests: 176 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net&gdpr=0&gdpr_consent=
Frame ID: C8A35BEA52A8CF2558C50074C32B9F87
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FF90C839E0BBD08C202BD7F4C1902889
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8C6A9F3D193EA5BACF9A42C4A87832B8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B784602F977BCA24675EA22C89AF730D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 132B3BFE33EEB21A45B580B03A5A9EF9
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 257D2AA7ADE61C4F6F55D331076EDC7C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/155251/4198896/index.html
Frame ID: 1AF42337FCF20954C6C61B74C01D032B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/155251/4198832/index.html
Frame ID: 81780D0EC0A42A7E068318273DB92F37
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 61F50F1CC7B7B6B97F4049249BF449B7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C359%2C459%2C70%2C97%2C55%2C77%2C3012%2C3011%2C182%2C262%2C461%2C244%2C201%2C246%2C4%2C203%2C10000%2C108%2C9%2C407&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 519DEEFEED44C3868ECC697A2CF14673
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1705298009686
Frame ID: B79468D07FC4BA2FDE8C9CCCDC9152DA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: 11542D7AC5B796A87E850227601BE744
Requests: 6 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: A08CFC19FB97FBA72B58362D8FF220B3
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 28C4C80CCC8AA7BD1B17F9B871CD9043
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FFB5E48B161FAC326E56018E3A00E7C8
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 713DEB9EF7D244991E41535FBBC9C4D5
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 4D856540ED8810AA0335CDA54F4FF1BB
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: B2134E162F6660994F4810F9D583E7CB
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 8BF3C89F35ECB63D20EB5B577BBECB80
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 43473CD4D5EA95536449C6F846C655DE
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 0ED7E3595DF18311875B807EC6368A26
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 7D4260DD05AF5FA1FF9226AFA9F239E9
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 18A3BE9F011074A11B5EA8DF0853DC2D
Requests: 8 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: E941A8FB69FC56C78B74E81519988FFF
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: B1F43E3E3BCDE68DE5EA0A97F3AD20B3
Requests: 5 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=0&gdpr_consent=
Frame ID: 8BD8456126E3A7206103A68D30F9B90D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83YjFlM2RiNy0xMjRkLTRhM2QtODc5OS00N2FlYjk3MDk1NzU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 37AAAD36D381D43D725A4B560603FC96
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: A6DD06B04DCC0D085CEC3FFEEAF67B07
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 3F38508713B76258C58AE81AAFDDFBE8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
Frame ID: 958AF23A6FB178F112719FA829BAA125
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum
Frame ID: 1DDA19482BB99B34AB6C0D8F6EDA4F7D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 60940DFEF9E2094FBF9B40973C240300
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=
Frame ID: CD258EAC495630CDE2E059011073778C
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CC49F6AD13CC28ADAA21314FD8CA03B0
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C33A0BC5B6222E6BC0C68399BBCE2DF8
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 28F3EC7A037B24C10051DE3E5D719661
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 37E7708415BF42DDA6A0D4A16462B45F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6408453272
Frame ID: FB0D9D0BA20ABD4CE37746CA8FC8A62B
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: D2B655CB65D09EA3EE67E25C0B054E19
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=96daf6a0fd113a5f&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: 9CA12F7EB33857CD4EBD900E326A1E3D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: 74107F15110BA57DA600CE17C6BF85EB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: 2657C1E77CC0D4AB15237EC8EE0D8875
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: C1151094BB389BD1EEC5176DE5FFBDC2
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: 83DD19E7142E6C38A6CE3E0EDACEE8B5
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: 8F061ADF8598B69AA49BF3CE5A8A9BDC
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: 63730E799487AB04BA0CC5E0C2EF46E3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: 5CBCF16FD47AAE665CC781BB3EBD7E70
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=73902EFA-80FC-4353-965B-1C31E6A8B23C
Frame ID: 53FB7B6DEA7BDC85DC279AF97440D6CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

What Is The Best Place To Research Mercedes Key Online - Pastelink.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

688
Requests

79 %
HTTPS

26 %
IPv6

113
Domains

185
Subdomains

112
IPs

14
Countries

12069 kB
Transfer

17755 kB
Size

174
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN3C_AgSfTFGeJ-sVE3GQSE&google_cver=1&gdpr=0
Request Chain 91
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaTIWuXKlNON04lx1l0gawAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
Request Chain 115
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Request Chain 116
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D96daf6a0fd113a5f%26uid%3D%5BUID%5D HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=96daf6a0fd113a5f&uid=8b3588d5-16c6-4a29-b50a-120ab5ec4113
Request Chain 117
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D96daf6a0fd113a5f%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D96daf6a0fd113a5f%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=96daf6a0fd113a5f&uid=e2b51822-d7d5-43b7-bcdf-2fd09b1c96db
Request Chain 118
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D96daf6a0fd113a5f%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams03.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D96daf6a0fd113a5f%2526uid%253D%2524UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=96daf6a0fd113a5f&uid=4990313130819484401
Request Chain 119
  • https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=eplanning HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=08bf407e-311e-4a46-8799-2e2e0249cb3a&ssp=eplanning
Request Chain 120
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning&zcc=1&cb=1705298011375 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1780940545 HTTP 302
  • https://sync.1rx.io/usersync/turn/4101092493792332970?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4feff258-aefc-444f-bbe7-edb82969d503-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4feff258-aefc-444f-bbe7-edb82969d503-003%26dc%3Dfc741bbdfeedcd57%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-4feff258-aefc-444f-bbe7-edb82969d503-003&dc=fc741bbdfeedcd57&iss=1
Request Chain 126
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaTIWuXKlNON04lx1l0gawAA%263222&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaTIWuXKlNON04lx1l0gawAA%263222&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1ef8a44fa7f9452197aebff7f075714e HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4173150087830260906 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1ef8a44f-a7f9-4521-97ae-bff7f075714e HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d38a6717-0b6c-4407-a1fc-c8e6a5bbcdf1%3A1705298012.3130558&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd38a6717-0b6c-4407-a1fc-c8e6a5bbcdf1%253A1705298012.3130558%26_%3D1705298012.3156075&cb=1705298012.3156455 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588528606875902&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd38a6717-0b6c-4407-a1fc-c8e6a5bbcdf1%253A1705298012.3130558%26_%3D1705298012.3156075 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=d38a6717-0b6c-4407-a1fc-c8e6a5bbcdf1%3A1705298012.3130558&_=1705298012.3156075 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdkMzhhNjcxNy0wYjZjLTQ0MDctYTFmYy1jOGU2YTViYmNkZjE6MTcwNTI5ODAxMi4zMTMwNTU4EAAaDQjckJOtBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESECNs9csXEj3yOjWOtMb3vzo&google_cver=1
Request Chain 128
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG38QY2s6A8ku9Qw0H4VnKo&google_cver=1
Request Chain 130
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2ccc7d0e55ad18b3&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIxsMtTCc2wwNHe5_eAAAAAAA&expiration=1705384411&is_secure=true
Request Chain 131
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZaTIWuXKlNON04lx1l0gawAADJYAAAAB
Request Chain 132
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210829277812729
Request Chain 133
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4536808349406740935&gdpr=0&gdpr_consent=
Request Chain 138
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f1ec1bf4-2e5c-4a8f-97eb-f5701fbd1dfe&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 143
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361&rdf=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=73902EFA-80FC-4353-965B-1C31E6A8B23C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 145
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=44561222254385087641815664406333329197&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 147
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7324199187187890336&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 148
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf
Request Chain 149
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361&bounce=1&random=2168218781 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=JVxhWzP65JBq5cprdGoggO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 150
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4627870834427052395
Request Chain 151
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=dfd4cd54c10dfc00155eb96f3cab5a21&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 152
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-PKija4RE2oqB.jgAfyEYlKhd8FfsdOettg--~A&zpartnerid=570&env=mWeb
Request Chain 153
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CHE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CHE&zdid=1361&cid=duN%2BMBHnAzOfL0GX08zP%2Bp9%2F2ILae59i%2BS41iYitP1U%3D
Request Chain 157
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361&_test=ZaTIWwAOn8wq8gBd HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZaTIWwAOn8wq8gBd&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 159
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 160
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361&dcc=t
Request Chain 162
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 163
  • https://pixel.rubiconproject.com/token?pid=41544&puid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LREIELHT-J-EAV3&env=mWeb&zpartnerid=1770&gdpr=0
Request Chain 165
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=YEFLpTVMH_N7Q06jYRUH9WNHSKN7EEj3bhAIEhG0&env=mWeb&zpartnerid=1875&gdpr=0&gdpr_consent=&idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Request Chain 166
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4990313130819484401
Request Chain 167
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7b1e3db7-124d-4a3d-8799-47aeb9709575&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=FyNssEIuOOYMIWm2Fncg4BQlb7YMcm_iGXK0YkZT HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 168
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=b479cd04-3d62-4818-99db-ae1cabbadf4f
Request Chain 169
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fec55b33-3663-5e13-5402-eed96da6419c$ip$176.10.106.27
Request Chain 170
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-VTk.r05E2peMrAtf4Yt.jY4JLd0ICMO64sbh~A
Request Chain 171
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=37fe0d3f-75ce-49cd-b1c5-3fd700532305
Request Chain 174
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=9KcPZIkFmo8X&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 175
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4627870834427052395
Request Chain 177
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=&gdpr_consent=
Request Chain 181
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
Request Chain 182
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum&tc=1
Request Chain 183
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 184
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a7df65a4-c85d-4d00-8145-654c2eb210ce&gdpr=0&gdpr_consent=
Request Chain 186
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=73902EFA-80FC-4353-965B-1C31E6A8B23C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=73902EFA-80FC-4353-965B-1C31E6A8B23C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 187
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FT-W0EAywoYOPZPWE2_a0xduz9EObsHURT7a_hu9
Request Chain 188
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4990313130819484401&gdpr=0&gdpr_consent=
Request Chain 189
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7324199187187890336&gdpr=0&gdpr_consent=
Request Chain 190
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_994414b5-8461-478a-9525-879f663be39a&bsw_param=c026f4eb-0277-4707-adee-e8fc9092a995&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 191
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_sVbMzZjXhNUAu7ZbaZBnLAKahs&gdpr=0&gdpr_consent=
Request Chain 192
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRG5FN0xTWkVBQUJZdmN5bEZJUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABDnE7LSZEAABYvcylFIQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABDnE7LSZEAABYvcylFIQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABDnE7LSZEAABYvcylFIQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4627870834427052395&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABDnE7LSZEAABYvcylFIQ&gdpr=0&gdpr_consent=
Request Chain 193
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588528606875902
Request Chain 194
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU845984ba8d644232849a67946de2d23a
Request Chain 195
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 196
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1965549445137224645
Request Chain 197
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaTIWwAOnyYpkQBd
Request Chain 198
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a6794b31b507174a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgUTRWhYbhVaTbTWg%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=dfd4cd54c10dfc00155eb96f3cab5a21&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DHHt10NrrgUTRWhYbhVaTbTWg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgUTRWhYbhVaTbTWg&gdpr=0&gdpr_consent=
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c5Au-oD8Q1OWWxwx5qiyPA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 204
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=&ct=y
Request Chain 205
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=828059824
Request Chain 206
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NGgwekI2SGQxLXFRYjJwbkw5TDJmeFBKUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1379274890732070298&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzM5MDJFRkEtODBGQy00MzUzLTk2NUItMUMzMUU2QThCMjND&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHbVOLfssyUkON6-HP12ptA&google_cver=1
Request Chain 210
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5124745693932530935
Request Chain 213
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hRGqG81E2uVXHil00mvCTY1rxu07WMA-~A&gdpr=0
Request Chain 214
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Request Chain 215
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cd35180d-acff-46a6-ba5d-360808063c2c-65a4c85b-4348&gdpr=0&gdpr_consent=
Request Chain 216
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=409fd6bcc2141771&is_secure=true&networkId=17100&version=1&nuid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIBG3RGpDR1wNFjPRYAAAAAAA&expiration=1705384411&nuid=73902EFA-80FC-4353-965B-1C31E6A8B23C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 217
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4173150087830260906&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 218
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:20413bf0-4d0b-4493-a489-03e67703f38b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 222
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=ecdb7494-b9c3-4d25-a436-f5b5b359eafc
Request Chain 264
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4269604553
Request Chain 267
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJ-23y-0KT4IEDNBBX3Dg2I&google_cver=1&google_push=AXcoOmSB1TRz3WZ7L35I4lvH2ClwL1IRbhS6YsJkRDe8kP-ygTINZg5FrZJH5umG1hAcoGyPJfEGMQEjqCh_XZBpIuSVuRiQpl80qw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSB1TRz3WZ7L35I4lvH2ClwL1IRbhS6YsJkRDe8kP-ygTINZg5FrZJH5umG1hAcoGyPJfEGMQEjqCh_XZBpIuSVuRiQpl80qw
Request Chain 268
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJfo7rqVpZ55ZUgOGQxGXDk&google_cver=1&google_push=AXcoOmRhAeDY-AVxCNwsBpAtwtqenrTjYzzVaMV_bIqp_ajsS79VUAVMbzUI30NfZActCKXnX9_YM7YSLO-25i9JMn-LfvEp51hW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_sVbMzZjXhNUAu7ZbaZBnLAKahs&google_push=AXcoOmRhAeDY-AVxCNwsBpAtwtqenrTjYzzVaMV_bIqp_ajsS79VUAVMbzUI30NfZActCKXnX9_YM7YSLO-25i9JMn-LfvEp51hW
Request Chain 269
  • https://cs.media.net/cksync?type=g&google_gid=CAESECOud7wq49deE6_wlqgnaKI&google_cver=1&google_push=AXcoOmTRKgdJhRrxMY-t77R-f3-kL6DHthg-YxDu3cyLt0XLDMQLpbr-7u_jer_uUsUW2IAQENkGWKxc_8I7SuW-u2nTy7uCO0I9yw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTRKgdJhRrxMY-t77R-f3-kL6DHthg-YxDu3cyLt0XLDMQLpbr-7u_jer_uUsUW2IAQENkGWKxc_8I7SuW-u2nTy7uCO0I9yw&gdpr=&gdpr_consent=
Request Chain 270
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOu7G3HycKY7VjAuj2vRAAE&google_cver=1&google_push=AXcoOmR9dsA5x5MYfNeDFXqV8WYBJebwuNft2uCjEWKK3cX4vvjv5VByexbXnMQH4J2evBkw5I6YKp8U2lbglD8t9PojXQ6S8Cz7NQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR9dsA5x5MYfNeDFXqV8WYBJebwuNft2uCjEWKK3cX4vvjv5VByexbXnMQH4J2evBkw5I6YKp8U2lbglD8t9PojXQ6S8Cz7NQ&google_hm=NDYyNzg3MDgzNDQyNzA1MjM5NQ%3D%3D
Request Chain 271
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEFfo0eKA6huZzhtFwD5Qaas&google_cver=1&google_push=AXcoOmTfN0QloKSgpQtVANYeV67Edjmj1Wazs5-fz_QPY_eUIW7jPDc0huVdgDBbpQCTVkokIW7_RNdwi6CQv84f1UMiZosO0buD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTfN0QloKSgpQtVANYeV67Edjmj1Wazs5-fz_QPY_eUIW7jPDc0huVdgDBbpQCTVkokIW7_RNdwi6CQv84f1UMiZosO0buD&google_hm=WmFUSVhNQ281dEVBQU5FbFRGSUFBQUFB
Request Chain 272
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJkVdKsU4CYTyOaonaNSaKA&google_cver=1&google_push=AXcoOmR7ArPm_16kbIkfYHOESe4VpjBPzKSv-9FHQL_YxeUlCAGbzqQw7gSLtMID5yGW8BoXxVNx-4F-oHFNwwj5Ord_iQQnbTdzkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7ArPm_16kbIkfYHOESe4VpjBPzKSv-9FHQL_YxeUlCAGbzqQw7gSLtMID5yGW8BoXxVNx-4F-oHFNwwj5Ord_iQQnbTdzkg&google_hm=NTE0NDU4ODUyODYwNjg3NTkwMg==
Request Chain 273
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEO_D4VJwK-46z2kOPVQL96o&google_cver=1&google_push=AXcoOmTRArIuNUS9jew9GvNSiCNPrxzHs6h5bQ0W4S77BEUsjZOF6LFKjvpc9GHTACOcwGzZdfZ1BL4WvMkAeS6JZFgLW9Hhg8-71pU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c026f4eb-0277-4707-adee-e8fc9092a995&%%GOOGLE_PUSH_PAIR%%
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1&gdpr=0
Request Chain 277
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaTIWuXKlNON04lx1l0gawAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1&gdpr=0
Request Chain 280
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaTIWuXKlNON04lx1l0gawAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEF-GQiNDNHkaasxuRu5paPc&google_cver=1
Request Chain 282
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MDMxMzEzMDgxOTQ4NDQwMQ%3D%3D
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED_gEkTeVAzQs0REOIlTrd0&google_cver=1&gdpr=0
Request Chain 284
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmYyYmJhYmUtZGMwMC0yZWVhLWViNDAtZTQ0OGE5MDgxMDY5
Request Chain 285
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 289
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LREIELHT-J-EAV3 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LREIELHT-J-EAV3
Request Chain 304
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/8NzDxhevkzMMuMZASpbiEw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5D38FLRE2oKIMRVOFcNOkUOx3oeApPcWhxLcHw--~A
Request Chain 305
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJFSUVMSFQtSi1FQVYz HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAAdofvtEzVv6yg7AnfpF6I&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJFSUVMSFQtSi1FQVYz&google_push=
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP1QGQ06jrL-7NYyC5qNgWQ&google_cver=1
Request Chain 307
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Pnn7WYGuSsKzu3Famhau-g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Pnn7WYGuSsKzu3Famhau-g
Request Chain 308
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWM0OGVmZjE1MTVkYzk4Y2MwOTkzZjE0MDgxNGEwNjQ0ZjdkYTM5Nw
Request Chain 309
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LREIELHT-J-EAV3&ex=d-rubiconproject.com&status=ok
Request Chain 310
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LREIELHT-J-EAV3
Request Chain 312
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TV7EUMnjRnS-lqiYuas5jA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TV7EUMnjRnS-lqiYuas5jA
Request Chain 314
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LREIELHT-J-EAV3&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LREIELHT-J-EAV3&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wSTQ1VmZGRTJ1RkdmTVJHVFQ5MTREelJnNFhrLi5OUH5B&ovsid=LREIELHT-J-EAV3&dpid=58160
Request Chain 315
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LREIELHT-J-EAV3
Request Chain 316
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LREIELHT-J-EAV3
Request Chain 317
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LREIELHT-J-EAV3
Request Chain 318
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LREIELHT-J-EAV3
Request Chain 319
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=37fe0d3f-75ce-49cd-b1c5-3fd700532305&expires=30
Request Chain 321
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=aWmNb3xucGhPcVEzdmxMNnZVczJ6UXhPNXNyVG9WYXNjTFVGZjBldGFwbGcra0dqQzM5ZUdiUWVuMlhJZEt6Y3pjSk5kU2s3eDVYdjJXWDBDZ0txdzNON3dRbkNpQm96ZGpOWWpWd0Y0dVlRZXgrb2d5UnNEYnFBWTA0MWR4YStqM24yWTY5Vi9mVmJuZnJGZnE0c2VVcmtNWjFwUkJ2cmhpR2JiOE5BUmswK0pPM3R6VS93RnJmSFVrNFE5b1BUcnIzaU1MMEJBZ0d1MnN4WXoybHI4dWIvWGdwZ040aEphRkJxcGtrYVFnWUFXS2FUTGJFSTZwQll0bkN3YnpweVdyRkd5M012Zk9DbFFqdkJXeUdhSzJ0NVp3dUtEWEQ5bEVjRlZwQS96K2V0aWduWT18&cppv=2
Request Chain 336
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEON2DkKy9_DRsDJqmnXVlt8&google_cver=1&google_push=AXcoOmQRprCPTwMaJ8hCMclrQOq9e9GEK-tjhlOmNC8vg6lqQHEwpyFJEDUHH_C50-fkkNlh2H1N4c9CtBZ0HBTIUHLhXB3h1JXjeQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQRprCPTwMaJ8hCMclrQOq9e9GEK-tjhlOmNC8vg6lqQHEwpyFJEDUHH_C50-fkkNlh2H1N4c9CtBZ0HBTIUHLhXB3h1JXjeQ
Request Chain 337
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG2KqDkaAw0o8M0wyWb6kIQ&google_cver=1&google_push=AXcoOmSRt-rF6H1P7Vv4uEtwLDUoONqZzLwYwjS5u6f649UnO2Eamfg4j4ksFx3NPRvQhcWOq6oHarRss5syNHC49jeoiTVfM7IE HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=08bf407e-311e-4a46-8799-2e2e0249cb3a&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSRt-rF6H1P7Vv4uEtwLDUoONqZzLwYwjS5u6f649UnO2Eamfg4j4ksFx3NPRvQhcWOq6oHarRss5syNHC49jeoiTVfM7IE&google_hm=wCb06wJ3Rwet7uj8kJKplQ==
Request Chain 338
  • https://rtb.openx.net/sync/dds?google_gid=CAESECyo9KvXJBsGFTFrBH_p4ZA&google_cver=1&google_push=AXcoOmQh6QfktCY3RURZ8GQeYLfQLw6olgAXC1d7kH5yA5U5JmmWwReQhc2Y4C86QOkkF_guOrPA7WDo5ITGjgyAcbQ7uspWpLSeIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQh6QfktCY3RURZ8GQeYLfQLw6olgAXC1d7kH5yA5U5JmmWwReQhc2Y4C86QOkkF_guOrPA7WDo5ITGjgyAcbQ7uspWpLSeIw&google_hm=nBLjSLzxyWAY1PJGsPPksw==
Request Chain 339
  • https://cs.media.net/cksync?type=g&google_gid=CAESECOud7wq49deE6_wlqgnaKI&google_cver=1&google_push=AXcoOmRR8vAsRwY5Kafi4drtQpPQbNbXplBbm3AjgfWp99GMIqN-6BpUZRTyDaK0SZGX-HRmRI9FzkrrXgDw2tTJjrn-7Hw3isjc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRR8vAsRwY5Kafi4drtQpPQbNbXplBbm3AjgfWp99GMIqN-6BpUZRTyDaK0SZGX-HRmRI9FzkrrXgDw2tTJjrn-7Hw3isjc&gdpr=&gdpr_consent=
Request Chain 340
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOu7G3HycKY7VjAuj2vRAAE&google_cver=1&google_push=AXcoOmTOuKvV3OM59MhcyhKMXZs8OarCQ-zadOGibI6bnpE20XM9Tm4rCgEwlmQPwhQdVXMhctFrP2apcVti6CwpZtHIAQglGCM-Ow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTOuKvV3OM59MhcyhKMXZs8OarCQ-zadOGibI6bnpE20XM9Tm4rCgEwlmQPwhQdVXMhctFrP2apcVti6CwpZtHIAQglGCM-Ow&google_hm=NDYyNzg3MDgzNDQyNzA1MjM5NQ%3D%3D
Request Chain 341
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSlQ9APhFr_kbG-o9e_l8Jg5sw6mJqfifq-VCz6OtQjDY1GrDocOzkwC3WsafWvipMfh18gvFR-70SCu7ZtDgLUWRpy4Nr0Zxg&google_gid=CAESEPooyfXAJrlstc2-YC7SBZw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPooyfXAJrlstc2-YC7SBZw&google_hm=T1BVODQ1OTg0YmE4ZDY0NDIzMjg0OWE2Nzk0NmRlMmQyM2E&google_nid=opera_norway_as&google_push=AXcoOmSlQ9APhFr_kbG-o9e_l8Jg5sw6mJqfifq-VCz6OtQjDY1GrDocOzkwC3WsafWvipMfh18gvFR-70SCu7ZtDgLUWRpy4Nr0Zxg
Request Chain 342
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEAQYPYY_8YjNboTUMKAzF9s&google_cver=1&google_push=AXcoOmS9_PpX72-L0YZZN4mhuZuBcJhLdQX-yItPtHe4SRWZIcGqwkHd8nVyAoDQ0p_p58JS7XmkZEdwkqUiqDhcXVq_K_ey-MPXdkI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS9_PpX72-L0YZZN4mhuZuBcJhLdQX-yItPtHe4SRWZIcGqwkHd8nVyAoDQ0p_p58JS7XmkZEdwkqUiqDhcXVq_K_ey-MPXdkI&google_hm=f34e9699e10a7b192m0zzm00lreienuh
Request Chain 348
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI5R9zXnxJSIHGBrmqoZD3E&google_cver=1&google_push=AXcoOmTPzWNEbwqeHONIgnyj18rsBD0ED3Z147iVSMkZYKeQ4Poq1KDBTHoJSofmb8DobiCkz35eIQITMSipzimniRh2Vw8W6ahn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE3MzE1MDA4NzgzMDI2MDkwNg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI5R9zXnxJSIHGBrmqoZD3E&google_cver=1
Request Chain 349
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGbob6jV7Ri9Sr29IU9LsZ4&google_cver=1&google_push=AXcoOmRcE7mzK9lttNK-XLN_TEp_Jbp34NbKqItnhsv0mGytB-5tVVrZSnWbpGK5f2_-ZPJCADvXkwLX-Fq03QukU-lt4E4Qmn7U HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=49c7124eb0bf15bd&is_secure=true&networkId=14000&version=1&google_gid=CAESEGbob6jV7Ri9Sr29IU9LsZ4&google_cver=1&google_push=AXcoOmRcE7mzK9lttNK-XLN_TEp_Jbp34NbKqItnhsv0mGytB-5tVVrZSnWbpGK5f2_-ZPJCADvXkwLX-Fq03QukU-lt4E4Qmn7U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAItbWaNmusogMDfxTRAAAAAAA&expiration=1705384412&google_cver=1&is_secure=true&google_gid=CAESEGbob6jV7Ri9Sr29IU9LsZ4&google_push=AXcoOmRcE7mzK9lttNK-XLN_TEp_Jbp34NbKqItnhsv0mGytB-5tVVrZSnWbpGK5f2_-ZPJCADvXkwLX-Fq03QukU-lt4E4Qmn7U
Request Chain 352
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGA7omV7HAbSyH732kMPEJE&google_cver=1&google_push=AXcoOmT4-t6TWZ2CGZXeYNHbbqIDjUqyMHSBz3rZu3Vc7UzjTo5NNo81mk2SakJtCaJMqOaXhzpTn319-jm7yBm6VWjHwJdTYOR8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c5Au-oD8Q1OWWxwx5qiyPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT4-t6TWZ2CGZXeYNHbbqIDjUqyMHSBz3rZu3Vc7UzjTo5NNo81mk2SakJtCaJMqOaXhzpTn319-jm7yBm6VWjHwJdTYOR8
Request Chain 353
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJfo7rqVpZ55ZUgOGQxGXDk&google_cver=1&google_push=AXcoOmTSFknrrnDJA3eev-A1r3-UttoXDbsZoom8btEb-NZ2rf1ujwVeeRzygbtEJST9b1PgExQOPdijDz1QmMSTONDyYf3nqtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_sVbMzZjXhNUAu7ZbaZBnLAKahs&google_push=AXcoOmTSFknrrnDJA3eev-A1r3-UttoXDbsZoom8btEb-NZ2rf1ujwVeeRzygbtEJST9b1PgExQOPdijDz1QmMSTONDyYf3nqtM
Request Chain 354
  • https://cs.media.net/cksync?type=g&google_gid=CAESECOud7wq49deE6_wlqgnaKI&google_cver=1&google_push=AXcoOmQfQtYxmitm6qNTV-75wXpFNHyspyRIOk-2H9cCyZV8n4hixFJuf5VMEdJw3sVExJq7639fjTGxxz8yuBzyBlpC5xHcfyI8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQfQtYxmitm6qNTV-75wXpFNHyspyRIOk-2H9cCyZV8n4hixFJuf5VMEdJw3sVExJq7639fjTGxxz8yuBzyBlpC5xHcfyI8&gdpr=&gdpr_consent=
Request Chain 426
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 431
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4990313130819484401
Request Chain 432
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=H_nBuRZHTNVNdAv6Q1qpFt7w
Request Chain 434
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8010814079
Request Chain 435
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5144588528606875902
Request Chain 436
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=8b3588d5-16c6-4a29-b50a-120ab5ec4113
Request Chain 437
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 438
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
Request Chain 439
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-f36b016f-2845-33ee-8a91-00bfc892f870&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mMzZiMDE2Zi0yODQ1LTMzZWUtOGE5MS0wMGJmYzg5MmY4NzAQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mMzZiMDE2Zi0yODQ1LTMzZWUtOGE5MS0wMGJmYzg5MmY4NzAyAgwbOAE=
Request Chain 440
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
Request Chain 442
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 452
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZaTIWwAOn8wq8gBd&gdpr=0&gdpr_consent=
Request Chain 453
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=dd3c2f26-5c86-4383-912a-d0d1dc8ba4ab&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 454
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4990313130819484401&gdpr=0&gdpr_consent=
Request Chain 456
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaTIWuXKlNON04lx1l0gawAA%263222&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 458
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4990313130819484401
Request Chain 460
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4173150087830260906
Request Chain 463
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1230c8c645084f59ad5aec906ac09046&expiration=1707890013
Request Chain 465
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4990313130819484401
Request Chain 466
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7b1e3db7-124d-4a3d-8799-47aeb9709575&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c026f4eb-0277-4707-adee-e8fc9092a995&ssp=gumgum2&gdpr=0&gdpr_consent=
Request Chain 467
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=b479cd04-3d62-4818-99db-ae1cabbadf4f
Request Chain 468
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-g9yTn7FE2pcf8STXS7LOIOSqnTp9j24Evdvi~A
Request Chain 471
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4627870834427052395
Request Chain 478
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=0&gdpr_consent=
Request Chain 482
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
Request Chain 483
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum
Request Chain 484
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 488
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
Request Chain 489
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=da1d8b70-6ae5-4f1a-8638-a70623e954ec
Request Chain 490
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZaTIWuXKlNON04lx1l0gawAA%263222
Request Chain 491
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=6727ab6650ba834ce1a0f627e4ee8a90
Request Chain 492
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1146922423687014129151
Request Chain 503
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 506
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6408453272
Request Chain 507
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FC87DDCE4402460E9224C3844C104772&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
Request Chain 509
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=73902EFA-80FC-4353-965B-1C31E6A8B23C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=73902EFA-80FC-4353-965B-1C31E6A8B23C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 510
  • https://pixel.onaudience.com/?partner=214&mapped=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=1379274890732070298&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=a6794b31b507174a
Request Chain 520
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=3b5e9de0b4b2276ec52733aab8b9c497&gdpr_consent=&gdpr=0
Request Chain 521
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
Request Chain 530
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=openx&uid=cf4e6de1-c21f-4286-b209-83d6b868d7e1
Request Chain 542
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LREIELHT-J-EAV3 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LREIELHT-J-EAV3

688 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request giu5j4j0
pastelink.net/ 		31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
37352e7b5b38be4bd565c8c8e62a8827d4b11413a56e1927b950e611dc0bf0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 05:53:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 05:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 05:53:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jan 2024 05:53:28 GMT
styles.css
pastelink.net/assets/css/ 		130 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/giu5j4j0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-2071e"
content-type
text/css
accept-ranges
bytes
content-length
132894
jquery-3.6.0.min.js
pastelink.net/assets/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/giu5j4j0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-15d9d"
content-type
application/javascript
accept-ranges
bytes
content-length
89501
script.min.js
pastelink.net/assets/js/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/giu5j4j0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-b8f8"
content-type
application/javascript
accept-ranges
bytes
content-length
47352
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4155790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT5ktQFn1LEgqdzOQuRrsCimMDoaNj%2B%2FFA32O1IAMoJA%2Fo5%2BPI%2BFzripdwtf%2BHs%2Bl0GvEZpz%2FiKu4cFaGDb7vbtcUB8%2B6lzrcBmZIGkHmR%2BBNi2LhjtKtcDtvxw%2B28K2AYMYS%2BY7QooV%2FlPmzssHK4ML"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
845bdbcb1ed101f8-ZRH
expires
Sat, 04 Jan 2025 05:53:28 GMT
css2
fonts.googleapis.com/ 		695 B
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Freehand:wght@400&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38dbd00cfad5931b427f966263e3fa21e39eb5355a0609fbeb48e224e5ff1910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 05:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 05:53:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jan 2024 05:53:28 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d9232e3bc927832d2df3b163615ce246c8be527c0e879244ee33d3a9d5a51cdf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 15 Jan 2024 05:53:28 GMT
gtm.js
www.googletagmanager.com/ 		263 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b4e6853c0e16c38583a4ee40a992ed4da83d10ed630ac2ea760093e1dce778e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92481
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Jan 2024 05:53:29 GMT
pastelink.js
cdn4.buysellads.net/pub/ 		556 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.85.187 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-15.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
38291f657fa90369c87a0a23fc59c92582dc86ee3a7250def2b2be44c235f0e3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
cache-control
public, max-age=3600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
0f84419717dd028ccb72a980d8655140d1def20a
vary
Accept-Encoding
content-type
application/javascript
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 		506 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa91bf9506874bcdc8c6e193d8d3230599c4d7f55c3268ff476949d3de9b5216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207855
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 07:25:53 GMT
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo-german.svg
pastelink.net/assets/images/logo/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-38e0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
14560
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-german-contrast.svg
pastelink.net/assets/images/logo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-3d2f"
content-type
image/svg+xml
accept-ranges
bytes
content-length
15663
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:30:47 GMT
x-content-type-options
nosniff
age
220961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:30:47 GMT
cIf-Ma5eqk01VjKTgDmGRGQ.woff2
fonts.gstatic.com/s/freehand/v31/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/freehand/v31/cIf-Ma5eqk01VjKTgDmGRGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Freehand:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28498c6aae2ee2d44add79f09b33f44d9558424a74ee50043bdb219164e8e276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 17:31:40 GMT
x-content-type-options
nosniff
age
130908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50104
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:22:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 17:31:40 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:33:09 GMT
x-content-type-options
nosniff
age
228019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 14:33:09 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:44:17 GMT
x-content-type-options
nosniff
age
551351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 20:44:17 GMT
js
www.googletagmanager.com/gtag/ 		250 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef5ed63e0d2b29300bc2c425e9c1e7685d50f02227daa2455b2d82a0d945a4c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87597
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 05:53:29 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 Jan 2024 05:48:13 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
316
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 15 Jan 2024 07:48:13 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je41a0v873532799z8831407672&_p=1705298008933&gcd=11l1l1l1l1&dma=0&cid=1649933049.1705298009&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705298009&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&dt=What%20Is%20The%20Best%20Place%20To%20Research%20Mercedes%20Key%20Online%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=705
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag
btloader.com/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2c2b611689fbd8ce0fc4b79f62c0bf6e3ea36a29da1dfafd8980bd90f6f367f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 15 Jan 2024 04:50:13 GMT
server
cloudflare
age
3583
etag
"a65ab0ce796251408800b4dd280c8f80"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
845bdbcd9cdb0e29-MXP
content-length
20579
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2455d1064d49b151522aba0fd41602e78ef7b30969fc85285e889610f123bcc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29317
x-xss-protection
0
server
cafe
etag
223 / 19737 / 31080327 / config-hash: 6457213104751266546
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 05:53:29 GMT
collect
www.google-analytics.com/j/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1369545482&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&ul=en-us&de=UTF-8&dt=What%20Is%20The%20Best%20Place%20To%20Research%20Mercedes%20Key%20Online%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1682470544&gjid=1187666406&cid=1649933049.1705298009&tid=UA-55088947-2&_gid=2105002343.1705298009&_r=1&_slc=1&gtm=45He41a0n8155WHPWQv831407672&gcd=11l1l1l1l1&dma=0&z=975880606
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		232 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ecccb49673e49ef3c8ce069223b87e22297c24f7f1b5f2c6e005dc3f3f43c6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83955
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 05:53:29 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Jan 2024 05:53:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1291845
x-guploader-uploadid
ABPtcPra_lXYliE83JlofH-FOVQhOVOvvpztjoFzaJT3T_yEtI2RzjK6zKSrOsKTMYzS8bdeUEzqYDXmwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Bh3MQDnrk3X22uwJXYUfGJ13mE%2BGKrk2vH5KGpDALxa2SdSYfoFGzN3kUUa4UVmjLWO7olyH0dpFAaFYgljkc15iWH7Ll3zK1dccTvLQTt48Zy1vX8AkQx1hx6vxhf3N8dSWRT%2BudkLJ%2B4TBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
845bdbce086483a9-MXP
expires
Sun, 31 Dec 2023 07:31:30 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 22:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 22:48:00 GMT
px.gif
ad-delivery.net/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.14779391053397295
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1291845
x-guploader-uploadid
ABPtcPra_lXYliE83JlofH-FOVQhOVOvvpztjoFzaJT3T_yEtI2RzjK6zKSrOsKTMYzS8bdeUEzqYDXmwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWnNnaI8J%2Fxu2tB2tQpMBrP2TQk9GGv46H%2FUIB9rFGF1rW7yGXAIq7%2Bg9dmP9ZJbZ6rdGeZKcpVw2kJR7yTETDa2Q3u1wk3tqLeOvMW4ZxYLolHTaU8Y4VpzyzfAmisSS1DOQK02kIxDw3gsfg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
845bdbce086183a9-MXP
expires
Sun, 31 Dec 2023 07:31:30 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4KDXYD7HFC&gtm=45je41a0v9136110041&_p=1705298008933&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1649933049.1705298009&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&dt=What%20Is%20The%20Best%20Place%20To%20Research%20Mercedes%20Key%20Online%20-%20Pastelink.net&sid=1705298009&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=863
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 13:01:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
60709
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140168
x-xss-protection
0
server
cafe
etag
17101759845534740898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 13 Jan 2025 13:01:40 GMT
22405481091
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22405481091?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55b0aa5bb9805990ef8fed7c0aa2af4acb63f81e187eaccef588839ff4714a08
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gdHDzWDvyk28aVPjyiIKIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-gdHDzWDvyk28aVPjyiIKIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=EA8gxQkJi&w=5093624318001152&o=5102648370397184&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&sid=XTbyFog3&pm=false&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Jan 2024 05:53:29 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
AGSKWxVlD0QiPWv6kZs7yfJ_jpQheki4m73x7pJNgFAkzJtp3kmXGnEJmcm-e0M90bTOBOxNpkOa4EthmyjuVYDgzzFsJTANb8H_dDaEVBQxs4cWM5Ezar_C40mJJtOP3W0XrUrIRa20UA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVlD0QiPWv6kZs7yfJ_jpQheki4m73x7pJNgFAkzJtp3kmXGnEJmcm-e0M90bTOBOxNpkOa4EthmyjuVYDgzzFsJTANb8H_dDaEVBQxs4cWM5Ezar_C40mJJtOP3W0XrUrIRa20UA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1Mjk4MDA5LDU2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2dpdTVqNGowIixudWxsLFtbOCwiMTVtTHB6cndMckEiXSxbOSwiZGUiXSxbMjAsIltudWxsLG51bGwsWzk1MzIxNDQ4XSxudWxsLDEwXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMz0OyCKxpnFoo527yNpZ51eE3Dj5Q/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6de5e6dc0280a122f020e341ce9ddce68d66ee1a9f959c15d229b5de73e330d7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-68MsHKGoqz4wgoz88sNM6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-68MsHKGoqz4wgoz88sNM6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
CWYD627N.json
srv.buysellads.com/ads/ 		1 KB
713 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=523544&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.65.16.11 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-14.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
bef35fb697c1dde0518a04ddb3802eb9276e7d206b8917375ed99b1d7f55eeaf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
576
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:29 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1465111
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMkNMmK%2BeT7gkUfI6IhI%2BPrCZ0ieOXHna8KbTwBBBAGoN1v%2FFtDSyjuo8KP6bBAOvy2AKuG446%2F5vdEMPG4f0IDUroeb9O2Z0LKrnY2s1IisnYq%2FbLm28%2BoYwvaBrG5MU4U3UMDz2lMGND6%2B"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
845bdbd04d7b0e1d-MXP
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 15 Jan 2024 05:53:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adreq
ads.servenobid.com/ 		845 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10792
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e9515f1dbae39bdbb1fa3ee9f4c0cecf4e1fd7926751354a391499b4b1e57123

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:29 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		357 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&PageUrl=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&PageReferrer=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
671fd4b838cb8a9b5b95b45722e3afe521bde53d5ee2a41d13e4d2cefbf85daa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
36
content-length
357
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28fdd76729a76d30e887018dfe1573aedd8854016283eca3ec62a7645c77ec27

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 15 Jan 2024 05:53:29 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
845bdbd04f0f01df-ZRH
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
997 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
26c881989e77de5a917bffaf67ed549805ba5aafc2dcf706ffae5437d83aa143

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:28 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 05:53:29 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		476 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=d42b8c77-2c43-4300-b074-a58579fd4845&l_pb_bid_id=19e6058b77b9af8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d42b8c77-2c43-4300-b074-a58579fd4845&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.9362000889714115
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3d26d8514c7cd699205411507963ea7fd227a18af95a48d09cf62ca38ee3fd3a

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:29 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
476
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://pastelink.net
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hb
rt.marphezis.com/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:29 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
Origin
expires
0
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=77583657898&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 15 Jan 2024 05:53:29 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:29 GMT
an-x-request-uuid
80dc4bb0-bb8a-4fa9-a92d-737e64ae4e62
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxV36khgc9exjb8skg6XdPbRKIp40ufwRKHQXwvQqYDlWvUwWou0IMaz6ZIf-aqdzYnyeTTnMLX61tzOSPqwYwvRF3oEOXhknC6CtcSp7e8eqiOE4UaZrLG_2pzAbsmUMnJwcJ_hEQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV36khgc9exjb8skg6XdPbRKIp40ufwRKHQXwvQqYDlWvUwWou0IMaz6ZIf-aqdzYnyeTTnMLX61tzOSPqwYwvRF3oEOXhknC6CtcSp7e8eqiOE4UaZrLG_2pzAbsmUMnJwcJ_hEQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1Mjk4MDA5LDYyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGFzdGVsaW5rLm5ldC9naXU1ajRqMCIsbnVsbCxbWzgsIjE1bUxwenJ3THJBIl0sWzksImRlIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyMTQ0OF0sbnVsbCwxMF0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMz0OyCKxpnFoo527yNpZ51eE3Dj5Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9a1acb04360e75cd2c9b6fbb8b2b958325826e8e65acc4d8a174d1935ea42dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OvpskfShCccwfIramJi_AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-OvpskfShCccwfIramJi_AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:29 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1395374
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nJtmCI32e4Exz1TTHp%2F1HHszCCcL%2B6sVWFS5BpEKBmfeD4CFrh8M3043IAVtT4TMoR94Pa74pJWtyOEM%2FyVXB9Urv99NS5bxMHJ%2Fx5cfj2x3aC3ijYotfFFl3lKAscMfznWphTq5HgwwIHT"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
845bdbd0a90e3747-MXP
/
ssc-cms.33across.com/ps/ Frame AE63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP009 /
Resource Hash

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Mon, 15 Jan 2024 05:53:29 GMT
server
33XP009
x-33x-status
2020008
ads
securepubads.g.doubleclick.net/gampad/ 		87 KB
39 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=169572431204391&correlator=134072332011692&eid=31080440%2C31079234%2C31080327%2C31079527%2C31080117&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&iu_parts=22405481091%2CPastelink_S2S_TopLeaderboard_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705298010281&lmt=1705298010&adxs=310&adys=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&vis=1&psz=705x172&msz=705x10&fws=4&ohw=1600&ga_vid=1649933049.1705298009&ga_sid=1705298010&ga_hid=1369545482&ga_fc=true&dlt=1705298008758&idt=645&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&adks=1703297318&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e51abf5a5f2cdd2baee209e9c0554ac4caa85a53155b7a6b1e51ac03678444c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39608
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0af34a2ac98115d7bc0ce1c6a19014fcefb93bb340dca57a14db590e9126461e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12537
x-xss-protection
0
container.html
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AE6E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:30 GMT
expires
Tue, 14 Jan 2025 05:53:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
video.ads._728x901.
fundingchoicesmessages.google.com/f/AGSKWxW6dwSIXn7Lgzd5T2_9cRvMfFiaNJo6XT5kl3PZMuyMISTZpvndPz59l6FmgHqljCQ4GYAndDgcwgIUBrfYcv9XWmiYjittPhJFQAzJz5Bw738JPUIqj76Opzqhcj7dGjWFQBBA3Wb5UsH4DWmaquhlP8Vtb... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW6dwSIXn7Lgzd5T2_9cRvMfFiaNJo6XT5kl3PZMuyMISTZpvndPz59l6FmgHqljCQ4GYAndDgcwgIUBrfYcv9XWmiYjittPhJFQAzJz5Bw738JPUIqj76Opzqhcj7dGjWFQBBA3Wb5UsH4DWmaquhlP8Vtb3CxopNnV1Tqv0_XDTtDemyY3eT5Je-M/_/squareads./ad-invalid-/adspan./video.ads._728x901.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwqCnrDRKPwzSzuCt0e1IwwY6RVQQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4762a9963a2a79a2fb0d6809de90a1db74207cb4762f6d3a2adb8fc5cf124a04
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zt-pm2WXk71Ddd54BaM99w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-Zt-pm2WXk71Ddd54BaM99w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwqCnrDRKPwzSzuCt0e1IwwY6RVQQ/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0567034a1b5fe07bc9c36d7b1f8f3f244904e860f4cd6ae67553117e715c498b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51176
x-xss-protection
0
server
cafe
etag
8101904623384648437
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 05:53:30 GMT
AGSKWxUBufmHnzv67bgwC4c81qGKIJkk_fW0n69-ZsWEOLCiLGblVHuETM8B5cSN1HwTirG9W2vtjlPLfM13UFNADmkJ6-DpH5zNarc_mUmwJireQuV2TwMv37cZDABm2w8pB-Sc_qOs2g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUBufmHnzv67bgwC4c81qGKIJkk_fW0n69-ZsWEOLCiLGblVHuETM8B5cSN1HwTirG9W2vtjlPLfM13UFNADmkJ6-DpH5zNarc_mUmwJireQuV2TwMv37cZDABm2w8pB-Sc_qOs2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMz0OyCKxpnFoo527yNpZ51eE3Dj5Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g1dvtRlaIq0qM0byDrJ0_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g1dvtRlaIq0qM0byDrJ0_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastelink.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUBufmHnzv67bgwC4c81qGKIJkk_fW0n69-ZsWEOLCiLGblVHuETM8B5cSN1HwTirG9W2vtjlPLfM13UFNADmkJ6-DpH5zNarc_mUmwJireQuV2TwMv37cZDABm2w8pB-Sc_qOs2g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUBufmHnzv67bgwC4c81qGKIJkk_fW0n69-ZsWEOLCiLGblVHuETM8B5cSN1HwTirG9W2vtjlPLfM13UFNADmkJ6-DpH5zNarc_mUmwJireQuV2TwMv37cZDABm2w8pB-Sc_qOs2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMz0OyCKxpnFoo527yNpZ51eE3Dj5Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AJGzwaLi1f3uhPGFhrq0oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-AJGzwaLi1f3uhPGFhrq0oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastelink.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Jan 2024 05:53:30 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 41DF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
15256
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 01:39:14 GMT
etag
9219409622527106327
expires
Mon, 29 Jan 2024 01:39:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUBufmHnzv67bgwC4c81qGKIJkk_fW0n69-ZsWEOLCiLGblVHuETM8B5cSN1HwTirG9W2vtjlPLfM13UFNADmkJ6-DpH5zNarc_mUmwJireQuV2TwMv37cZDABm2w8pB-Sc_qOs2g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUBufmHnzv67bgwC4c81qGKIJkk_fW0n69-ZsWEOLCiLGblVHuETM8B5cSN1HwTirG9W2vtjlPLfM13UFNADmkJ6-DpH5zNarc_mUmwJireQuV2TwMv37cZDABm2w8pB-Sc_qOs2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMz0OyCKxpnFoo527yNpZ51eE3Dj5Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7tqgWsMtsn_p2RpX9dXXRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7tqgWsMtsn_p2RpX9dXXRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastelink.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUBufmHnzv67bgwC4c81qGKIJkk_fW0n69-ZsWEOLCiLGblVHuETM8B5cSN1HwTirG9W2vtjlPLfM13UFNADmkJ6-DpH5zNarc_mUmwJireQuV2TwMv37cZDABm2w8pB-Sc_qOs2g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUBufmHnzv67bgwC4c81qGKIJkk_fW0n69-ZsWEOLCiLGblVHuETM8B5cSN1HwTirG9W2vtjlPLfM13UFNADmkJ6-DpH5zNarc_mUmwJireQuV2TwMv37cZDABm2w8pB-Sc_qOs2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMz0OyCKxpnFoo527yNpZ51eE3Dj5Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RhVXVWB43G0Z17CnzAoYbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-RhVXVWB43G0Z17CnzAoYbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastelink.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUpXwjRRyY8iBT8GT4FC0Z2Uas2SDzbJaADCBmNJQThdw2uNmo9ZVg8M8SZUlJ25WKzKbe7M05IC6rxfqQgcO70-BA0o0FIOLwahVnYSVssRqsUSzMa6ZmGcgRXnFdLZBhRvsjIrQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUpXwjRRyY8iBT8GT4FC0Z2Uas2SDzbJaADCBmNJQThdw2uNmo9ZVg8M8SZUlJ25WKzKbe7M05IC6rxfqQgcO70-BA0o0FIOLwahVnYSVssRqsUSzMa6ZmGcgRXnFdLZBhRvsjIrQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1Mjk4MDEwLDQ2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2dpdTVqNGowIixudWxsLFtbOCwiMTVtTHB6cndMckEiXSxbOSwiZGUiXSxbMjAsIltudWxsLG51bGwsWzk1MzIxNDQ4XSxudWxsLDEwXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMz0OyCKxpnFoo527yNpZ51eE3Dj5Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70506ff0fc96ae2c7c08296833fc6351241ce57462416b453a2ee9b8581fe483
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-40LRy1JJDYrbAV8PSsxzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-40LRy1JJDYrbAV8PSsxzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXsc5lMvLvvJ9dwa-E4OT8p5h9caBxW66TiSqkdVTE3fb_NtqCUCB8el6rYIPbjjl4GN486SG7I0u0hOjtiwJo_APiW_YY5FM18IiUUELsaBUT6GCpiy8JyWukxKy7hUlmthnh_4w==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXsc5lMvLvvJ9dwa-E4OT8p5h9caBxW66TiSqkdVTE3fb_NtqCUCB8el6rYIPbjjl4GN486SG7I0u0hOjtiwJo_APiW_YY5FM18IiUUELsaBUT6GCpiy8JyWukxKy7hUlmthnh_4w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMz0OyCKxpnFoo527yNpZ51eE3Dj5Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hHKJsYWe7N5yzk2hribqMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hHKJsYWe7N5yzk2hribqMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC04 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
24658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:02:32 GMT
expires
Mon, 13 Jan 2025 23:02:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B532 		829 B
946 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
13d6a53dcf5604b9312b90543e5443d71d6dfbd4775f0a1a758a7ae59f83ce80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CnBT8S2Ua8HbbOZLY_kW0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CnBT8S2Ua8HbbOZLY_kW0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:30 GMT
expires
Mon, 15 Jan 2024 05:53:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame FC04 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
24760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jan 2025 23:00:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B532 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401040101&jk=169572431204391&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame FC04 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?e1m5PA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D723 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:30 GMT
expires
Tue, 14 Jan 2025 05:53:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 684E 		499 B
500 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJ2chqQFGMfN0v0BMAE&v=APEucNVe6EdS3mnrqr94vAivAXh3VwFbvLWAlfRLdCbkpJZ57IEZSBAkNAsY5AwRxMuXVWBRFDhFA5i3kri3cxC7_N40s2A_GNDnFefB6GXMcXqLkoYhvPY
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:30 GMT
expires
Mon, 15 Jan 2024 05:53:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame D723 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:01:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
21129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 00:01:21 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame D723 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:01:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
21130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 00:01:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D723 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfRitXsTUvmD02KUU-nm_CssdCZ7kHJGzV9eS5oW8lqnPHFjGDr-Va2zGBW1HdVi3dmjOUf4uyfiM-1oADUtcYWJ2od_CrctUjNwVDmUV4lLSdIavwfyOiO_LGiBbov-hVOx6eUqP8VBR60pv61qeAN0TOS51gGyeMInL1KnotcLu6BZDScICtNokb6z58ziGQeyzHNB3tjMrmvQZnosaVeNHu6n4ZD-gq9TCbghxa-FrTTSUmPOq1Rxn2NiKEbcHYaq1yHhUFteUP6zx3qzzv120xEoQd_juGHAqatzjzL2qh9sqYbkK43EzMJRuzZ0U0eYgpG9reM4oOMIscmt0Tx_oZowLehJ8FvaBkyXwGQzSvNX7PAsuL7nVLScbjuf43D8DmIDoY8SzGiRwBrwOUqikojnl-2usRVwjL2gNQWCqPKx0onhNW0hcyfx1Cve1x75T-LRsXLwDhuL59msXutYFREXRVT8PIuXaPAeJ3XGrDl9C0Tvu6ejGTycECNVEGufkWSjTbDq3GefJ9RropKUKBT9r1JhIiYaqD0kVWcKENs_Ogg4A98BkjPfftNHchbxMJk3VwhFfjHMDJYGpwuPGzRjkgUSNxeacISCGpH1R6bMT8oZh1U_fJSkrrEKSeqWwowZ3cM7C4avzyH9sSZl1DO4YzIl5QxWOF6VQr6CIXUqpb9xXIoXzaWEEiLsEdsgyf0VsidWOjthuyBrxmgvG4K5-TPzhjPq4gOWB6sTtvQUtTTgFM2sYZpVA2o1kVZA6crfEoOEApMlA1LetDwm8s7woYPR7Th7UMyRu3IRlCTYsFEL-j8VgCaPfURx4BTD1wtQzRnP0UgvWIBwgov0twsMyEgQ0wDKve_fb-Bysp-eaFb9lu5HyVkmHYqMfBniHegnL6a-QPArRfnEhyz-vv-mI09Foc6odJUmLQ0mAqJaJwbeyGgKWSlKkdUs5v0RX5_fUFL3l7xf7b2moQhU8BdHqtcsOUNT48Cd6iGAUPZdxXUIfPbIJeXY5ese_tJu3r5U4zmEhQ9q6zKy25rAMHnDSC-XLoZM2eCMYbCRUMrwzaCb5lzHjsJi-1rlJ9wn9I5lRE7Nt14V0f3SFCVOchlzi22NJoZa81Hx0CX1yOErs32TDPZs7SHZ8D1E9pSebp2EO9bQor6SEVqvi1kXoyRslo8E7uYQ3gcFMUyjMJ4UqoeJIQur-4bES1tH4JCR5nky_-2egD0VFexjk3oZDIya75wSnt63s1Ruy28xAR7lfATLT8toqS7zTPMOLE4caP5CGUvdyRWan_ee05u61zTBsLCkUy2I3B74BRhICFaZl8mBwOSHQiwGU_OBcpCqueEKOCN8iEu2OKN-uAeZX0o7EGnV6ufVIOIgFsrdksn1FIMan62CrN2VPfUQXZDJA6seTbNTspUTWkyNjaJZBl6-9pIIHWqVp80ZtiV4vtZGiWIXI2LA_4-w&sai=AMfl-YTycHW6F5jpZTFH-uSROHB1DjpknAtVK3IJsjHbi2jYCoEjo3P04ck0IqJT0cNUGlwunUv5098_R2mK6IcB06q74WuX83NDf8BtgTGvqXxX3Z85HIrdvqTzXHKK4HNFx-IEfT-TzfWUguZ6brTlfnX2W1YnHtFe9ZrUQXHwYcBAZvTOICcfmeKxMxXnn5fTT6U3w9DcIh78Dn-44tOk_muEuBucRBQpV8eq57RqQhA4sdfIs4wiEqvTLAXU394EfLkd2v_vilUBUGQ3d-d8ryy_hlBEZ9dxfE2FH_ha51EuoQKYSDxF4r4qNXgTIIi8defe_dbRXY5ItsS3xAGsaTA3IQlLeDZeLhu1m6L3SBtvtW7Q6XFhrES56BnaoT8_MBbrg2GCq5SD0_ugg50jNpLEx8cyFk_MXo_IrhXnRoasSFMrTx6RNYpeeVwNsLiD4AcfPtciaiV2PXsIooM7AImDVpw5APAjijWvN-wER6mN1EXmw-5iwSI&sig=Cg0ArKJSzHg3KU0LST4oEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240109.86838&arae=0&ftch=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 15 Jan 2024 05:53:30 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 15 Jan 2024 05:53:30 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D723 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
207942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D723 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
24760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 23:00:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D723 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
37999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 19:20:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D723 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALg0h-DS1SB1NwnLLKucwUONphhRa-KwPE36bd4kkVB6xZ-5NHLqu3jaDHaULHYgclcSmR1sNfW-JpehSOq6K55w9VHrqHAggUK59tkyzUkh2oucM
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D723 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 05:53:30 GMT
3473143074564877554
s0.2mdn.net/simgad/ Frame D723 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3473143074564877554
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a6f8f8b98c2e960675e90eca9baf737eeab7b40fb3c8e1ed70bd9a3d140e91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 21:23:18 GMT
date
Fri, 12 Jan 2024 21:23:18 GMT
x-content-type-options
nosniff
age
203412
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140273
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 13:42:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
/
onetag-sys.com/usync/ Frame 0505 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 920F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
193360
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D723 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a6ea1806cad3d5af8acf0873d448767ff23cb88df1ae9f1f1e965844c2a161c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 684E 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJ2chqQFGMfN0v0BMAE&v=APEucNVe6EdS3mnrqr94vAivAXh3VwFbvLWAlfRLdCbkpJZ57IEZSBAkNAsY5AwRxMuXVWBRFDhFA5i3kri3cxC7_N40s2A_GNDnFefB6GXMcXqLkoYhvPY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 684E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN3C_AgSfTFGeJ-sVE3GQSE&google_cver=1&gdpr=0
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN3C_AgSfTFGeJ-sVE3GQSE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJ2chqQFGMfN0v0BMAE&v=APEucNVe6EdS3mnrqr94vAivAXh3VwFbvLWAlfRLdCbkpJZ57IEZSBAkNAsY5AwRxMuXVWBRFDhFA5i3kri3cxC7_N40s2A_GNDnFefB6GXMcXqLkoYhvPY
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7w4FDb5GJj7%2Fn8zmy9nJigrPRDHLIXoh1SAldXt%2B%2B4ReK9q0zZN%2BbJnAXanJNF6x8NWP4QkGZeYFvlWIOhOeQvOjjXbF6JicS5X6%2BvZmXI39DbkTAmOER7m6pQJ%2FH9wh9PBbbSTlHQRrYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbd83f0101f0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN3C_AgSfTFGeJ-sVE3GQSE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 684E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaTIWuXKlNON04lx1l0gawAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJ2chqQFGMfN0v0BMAE&v=APEucNVe6EdS3mnrqr94vAivAXh3VwFbvLWAlfRLdCbkpJZ57IEZSBAkNAsY5AwRxMuXVWBRFDhFA5i3kri3cxC7_N40s2A_GNDnFefB6GXMcXqLkoYhvPY
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UG9ixWF%2BV5LetK3UpO2JqZHinSrTsznwT%2FGe35npUVBsHSjRBnQRniVWCKLnQN8xSzQ55o4ZongS%2Basa2ScmW7AHH%2BwJJyvwkSnAybEyRLK%2FsbncwQG2d4glLez04BFGjJgDHhP82d%2BrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbd8bff90208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 920F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
24760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jan 2025 23:00:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D723 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfRitXsTUvmD02KUU-nm_CssdCZ7kHJGzV9eS5oW8lqnPHFjGDr-Va2zGBW1HdVi3dmjOUf4uyfiM-1oADUtcYWJ2od_CrctUjNwVDmUV4lLSdIavwfyOiO_LGiBbov-hVOx6eUqP8VBR60pv61qeAN0TOS51gGyeMInL1KnotcLu6BZDScICtNokb6z58ziGQeyzHNB3tjMrmvQZnosaVeNHu6n4ZD-gq9TCbghxa-FrTTSUmPOq1Rxn2NiKEbcHYaq1yHhUFteUP6zx3qzzv120xEoQd_juGHAqatzjzL2qh9sqYbkK43EzMJRuzZ0U0eYgpG9reM4oOMIscmt0Tx_oZowLehJ8FvaBkyXwGQzSvNX7PAsuL7nVLScbjuf43D8DmIDoY8SzGiRwBrwOUqikojnl-2usRVwjL2gNQWCqPKx0onhNW0hcyfx1Cve1x75T-LRsXLwDhuL59msXutYFREXRVT8PIuXaPAeJ3XGrDl9C0Tvu6ejGTycECNVEGufkWSjTbDq3GefJ9RropKUKBT9r1JhIiYaqD0kVWcKENs_Ogg4A98BkjPfftNHchbxMJk3VwhFfjHMDJYGpwuPGzRjkgUSNxeacISCGpH1R6bMT8oZh1U_fJSkrrEKSeqWwowZ3cM7C4avzyH9sSZl1DO4YzIl5QxWOF6VQr6CIXUqpb9xXIoXzaWEEiLsEdsgyf0VsidWOjthuyBrxmgvG4K5-TPzhjPq4gOWB6sTtvQUtTTgFM2sYZpVA2o1kVZA6crfEoOEApMlA1LetDwm8s7woYPR7Th7UMyRu3IRlCTYsFEL-j8VgCaPfURx4BTD1wtQzRnP0UgvWIBwgov0twsMyEgQ0wDKve_fb-Bysp-eaFb9lu5HyVkmHYqMfBniHegnL6a-QPArRfnEhyz-vv-mI09Foc6odJUmLQ0mAqJaJwbeyGgKWSlKkdUs5v0RX5_fUFL3l7xf7b2moQhU8BdHqtcsOUNT48Cd6iGAUPZdxXUIfPbIJeXY5ese_tJu3r5U4zmEhQ9q6zKy25rAMHnDSC-XLoZM2eCMYbCRUMrwzaCb5lzHjsJi-1rlJ9wn9I5lRE7Nt14V0f3SFCVOchlzi22NJoZa81Hx0CX1yOErs32TDPZs7SHZ8D1E9pSebp2EO9bQor6SEVqvi1kXoyRslo8E7uYQ3gcFMUyjMJ4UqoeJIQur-4bES1tH4JCR5nky_-2egD0VFexjk3oZDIya75wSnt63s1Ruy28xAR7lfATLT8toqS7zTPMOLE4caP5CGUvdyRWan_ee05u61zTBsLCkUy2I3B74BRhICFaZl8mBwOSHQiwGU_OBcpCqueEKOCN8iEu2OKN-uAeZX0o7EGnV6ufVIOIgFsrdksn1FIMan62CrN2VPfUQXZDJA6seTbNTspUTWkyNjaJZBl6-9pIIHWqVp80ZtiV4vtZGiWIXI2LA_4-w&sai=AMfl-YTycHW6F5jpZTFH-uSROHB1DjpknAtVK3IJsjHbi2jYCoEjo3P04ck0IqJT0cNUGlwunUv5098_R2mK6IcB06q74WuX83NDf8BtgTGvqXxX3Z85HIrdvqTzXHKK4HNFx-IEfT-TzfWUguZ6brTlfnX2W1YnHtFe9ZrUQXHwYcBAZvTOICcfmeKxMxXnn5fTT6U3w9DcIh78Dn-44tOk_muEuBucRBQpV8eq57RqQhA4sdfIs4wiEqvTLAXU394EfLkd2v_vilUBUGQ3d-d8ryy_hlBEZ9dxfE2FH_ha51EuoQKYSDxF4r4qNXgTIIi8defe_dbRXY5ItsS3xAGsaTA3IQlLeDZeLhu1m6L3SBtvtW7Q6XFhrES56BnaoT8_MBbrg2GCq5SD0_ugg50jNpLEx8cyFk_MXo_IrhXnRoasSFMrTx6RNYpeeVwNsLiD4AcfPtciaiV2PXsIooM7AImDVpw5APAjijWvN-wER6mN1EXmw-5iwSI&sig=Cg0ArKJSzHg3KU0LST4oEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=164&vt=11&dtpt=163&dett=2&cstd=0&cisv=r20240109.86838&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 920F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2ebsWsikZY3GE9OS9u8PofSdoAEAAAAAOAHgBAI&bg=!n5ylnNPNAAaumcC-jpk7ADQBe5WfOELz0oe5y1rJH5pfRge6S66IQodNRvtf_7JklGTRsoH6-zgGBpi0IhE6jpMAPALbAgAAACZSAAAAAWgBB5kDC-59-7vgRxVHAjgdqX6NpyEprN9QQgdZriMk6CigaR2ZGUmdt6M3gNULE4eSRUsNhhX4h7rHyv4SklSq-fp_wtfxiBC6PLW2n9g6x0cfPaPIJCUllLi4i5X7by1cQzPX4nDFCUKsAJgKzq22dT7mbaa14iZ0HgktQjE27AeLNPfjckh6g2BWqChK7sSuzmIHrnWEtHAYFFy790oYag_5cc1T1JKVIjqO_RZzWLwDpSK8ZbUAb_ihNWUhOWmIO6NLYEycQkroXTnbTq6Bwd_SVAJjaUyeLY-QXmnF9DAIu4qSDipguRsOWtki3tFynSYGw3IAEFuZGpTh8inwnM3JPoVeYfzcfW9BIoN4swICqcbSFmCP1RESPhe_Q0Ub1emDQXGLacL1V8jml6MVYOzFuqNRTpxiRGJb1Qk46rX5eqEu78csrfhKeI_sKDHjIW41SKisJrU36HeAVcVwF6qiVINoxMJxZ4n1u36UTiVDZCbF5stBg7ywTJJeo4iSNyO7ohX2hZpAVdr-8GF0wNO8rrImYnE2M9iiob3HqQUh2E5JzsZgHhlXiCGrPQnya-UjbJtyYl5b6DaOtS19K0UL_x2bqna36Z_7ITqANyibfEO-PeZXLhTFGwJYbFghj3x0X28ua69k0Mwd3eCXRN-2aDPiJahwpboTT9WyLfyh5jMT8DmBHdGp0BrXN3hej7Z6ajgUvzC385yIFVGx6U7zs0ipu0puID-C4pB0r6Mug1riRzi6hbHHDsB6Pybwp4coEcdxT_7MH151FcQc1QpsWp9JWb0iPifIHSHpipkzmkiplb7TaeHdshFLl4jAqX9b9zvvOHVuOA27sFQRWoNgK_kO7pB8ryeP_fbwifM1hxnncUkrNM7sK2NMrROm6hiuEsekzIUutPJA4nkuUflBI0pC-FK98Fr1bBzS3ml3cQGhnoQrnoCEp26eRNTT--bf9ZGDekgYL_-kLhAHB7CggrgMwSse3fkVxjGQMAdPqktrxMH1tCYow37fGMJ0m8W1G6yNzabA9HqucFzD
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D723 		0
0
translator
hbopenbid.pubmatic.com/ 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=91122641649&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
an-x-request-uuid
746b2463-71a6-4a2e-9f20-ec7191598cf8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
04d554fce1eb3b5c1c4abd1bffba3fc9888db07e5a9b84fbe1b28d81ef2c4415

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
85
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 05:53:31 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		2 KB
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&PageUrl=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&PageReferrer=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
ea80571f3f39c551cfa72ec7b7eb1f5a755ff7cdd0ef7428a66ef5f579466d1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
47
content-length
482
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd000fc6ab7de1e0fe4eace53316cfcef45f342402ecfe08705fa231c7423d78

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 15 Jan 2024 05:53:31 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
845bdbd97b5201df-ZRH
expires
0
hb
rt.marphezis.com/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
Origin
expires
0
adreq
ads.servenobid.com/ 		845 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9698
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
11a39dd207f1b795b121aa8d65433fd59f1e51252bab5a452ea6261447584ba7

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid-request
onetag-sys.com/ 		15 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://pastelink.net
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
fastlane.json
fastlane.rubiconproject.com/a/api/ 		466 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=7d24df13-42a5-4213-a114-e671db62cc6f&l_pb_bid_id=97744810e7d522b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7d24df13-42a5-4213-a114-e671db62cc6f&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.20801417142802547
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b9325984eee950e46e2e851a713796d4d88f1b937ff457cf069e771fbb1d9948

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
466
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		476 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=12659458-df99-48fd-b834-b24581a32982&l_pb_bid_id=983e384b10fcda5&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=12659458-df99-48fd-b834-b24581a32982&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.13654100429347782
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
780a11011f423b6cae82ffab7b3eba531c48c21cad0ca4b44897571c232eaf79

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
476
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		468 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=09cb61d4-fc07-457d-88ec-ad6a8fc2be4a&l_pb_bid_id=99b2e2fbf1250a6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=09cb61d4-fc07-457d-88ec-ad6a8fc2be4a&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.5648347768824038
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e2bfd76f836b4eaea3c0a6234c5baeff1229e5cbdb889dcf02b7dc94006f17e0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
468
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		487 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=eb7a293b-1614-443b-8f40-a0d2e7e6242f&l_pb_bid_id=1006eb629c4d9bec&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=eb7a293b-1614-443b-8f40-a0d2e7e6242f&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.7313817782975738
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a571ab93426b8aa4955339fb64e2b0de0354e4614d42a92232678285ac4c66d4

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
487
expires
Wed, 17 Sep 1975 21:32:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401040101&jk=169572431204391&bg=!fn2lfTLNAAaumcC-jpk7ADQBe5WfOGRNYhLBvuhyKO3Rqq81fYlrrD8D4nMEL_KfbbEqFUAkY8npJOCqI3djbTYnyMH-AgAAACxSAAAAAWgBBwoAjjMt39Hbs2h-WT4t03pCw8j5zXg2sWIFL0lGvJ9nzi6tSoZ7-Xy8H5XpqITWdtrWTuhtgAtnnB3MpIUFfmFttQ5iqF7XmPnPRLkqIoPnaZ5M9ON0eHR0zIoCR0Fr8ylg89nt2G3yhBtBM-UQXx29kW2waQw74MiMJZHexBlL6UT5ii84A6o0WHVI6TmqRlyZAq3DfPprkv5N0k6GkpINInUZbI0cEMNw6bxclGQvhydEi7KUyb-8nKyOqZ1vMTr6GuJ94druN6tgBU1ay4inPaFrjJJkjKGKobgC3Jy7oupThsFQZeFXCuRaMQXgR95wV-pn2iZXWrToi3aTEXYG99qkQP2MP3ttdGZ9Ec9lRruv57l0_iOMj1RtIAnrHWx_fWR8qOlXUp1IQVLdATmSjktUsstX89hz-rsOreputnOqud2fLOcskmCAHZUg3Z-Q3htFgzCKPLDwG1jqp_XNbuVOrou4-OQmf8OzD_UyyuBSuCg6uxL7ic0j8I7h2QuVgYNZxSF8ObldG1fMM5jDe0TFWQoG7yxqalp0Hu_GTUUDTa_-IUeh25ojYi4_Cr5JxQC9ZrdQ17vNGcsae6_sb5c1NYdXTs42fnGn3yaAO4fI1kmViYfkdCquQcimyvOLng_M1EpDcq8vzUNRWjwAE4Og2GQY4DHIm7k8IWhXRtEM5VFp_MIzsMLO2YvO0GH-SkrfnCv8mlW8HCj-O4miSKeVNh_CylVJNFFoOulJsZw1lwnQOt-NEHPV5EjZixpwfz0dVuKTXAr9jwrkt8V5V4HLGzEO8eLTqQ5_b5YCzrhD_yow9t1oSxk31QddsYv7Rg3D1HxkWDDMdDMVxkAKd9H6s-MeZ-EDjQazAZXWwV0vDxXdpXHnQeYCLXjpRUwOcrLhBawCa-6gCxaiMFg4oz6we3G-nfh82ELd5ED9dQdAg1lRQ1x518pIjm3DSOUBWOvAXE82tKBhy-C5OkvqqVELwTE2Qz7GRbnkW2SWtY52BH977-dc6XcSWgR-EVwcmB0rYgD04u3kv7RqU5NWZwPov8rPisQCV5oXNamvn9POH9ToAI0K7I8LTun1hnoeQCzgenjHnyC65CU6ifWF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame 62C4
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
1 KB
889 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
387acf4c13f4ee3d957bf6018fb98d46709d3cf9ca6a11cb7196fccccad1540f

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
Mon, 15 Jan 2024 05:53:31 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 15 Jan 2024 05:53:31 GMT
location
/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919
um
u-ams03.e-planning.net/ Frame 62C4
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D96daf6a0fd113a5f%26uid%3D%5BUID%5D
  • https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=96daf6a0fd113a5f&uid=8b3588d5-16c6-4a29-b50a-120ab5ec4113
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=96daf6a0fd113a5f&uid=8b3588d5-16c6-4a29-b50a-120ab5ec4113
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 05:53:31 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-32
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=96daf6a0fd113a5f&uid=8b3588d5-16c6-4a29-b50a-120ab5ec4113
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-ams03.e-planning.net/ Frame 62C4
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D96daf6a0fd113a5f%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D96daf6a0fd113a5f%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=96daf6a0fd113a5f&uid=e2b51822-d7d5-43b7-bcdf-2fd09b1c96db
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=96daf6a0fd113a5f&uid=e2b51822-d7d5-43b7-bcdf-2fd09b1c96db
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 05:53:31 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=96daf6a0fd113a5f&uid=e2b51822-d7d5-43b7-bcdf-2fd09b1c96db
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
um
u-ams03.e-planning.net/ Frame 62C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D96daf6a0fd113a5f%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams03.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D96daf6a0fd113a5f%2526uid%253D%2524UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=96daf6a0fd113a5f&uid=4990313130819484401
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=96daf6a0fd113a5f&uid=4990313130819484401
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 05:53:31 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
an-x-request-uuid
7d176bf5-dbe0-40f5-a261-e63d89526d44
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=96daf6a0fd113a5f&uid=4990313130819484401
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 62C4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=eplanning
  • https://x.bidswitch.net/ul_cb/sync?ssp=eplanning
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=08bf407e-311e-4a46-8799-2e2e0249cb3a&ssp=eplanning
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=08bf407e-311e-4a46-8799-2e2e0249cb3a&ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
3.124.81.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-81-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=08bf407e-311e-4a46-8799-2e2e0249cb3a&ssp=eplanning
Date
Mon, 15 Jan 2024 05:53:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
sync.e-planning.net/ Frame 62C4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning&zcc=1&cb=1705298011375
  • https://ad.turn.com/r/cs?pid=45&rndcb=1780940545
  • https://sync.1rx.io/usersync/turn/4101092493792332970?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4feff258-aefc-444f-bbe7-edb82969d503-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4feff258-aefc-444f-bbe7-edb82969d503-003%26dc%3Dfc74...
  • https://sync.e-planning.net/um?uid=RX-4feff258-aefc-444f-bbe7-edb82969d503-003&dc=fc741bbdfeedcd57&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-4feff258-aefc-444f-bbe7-edb82969d503-003&dc=fc741bbdfeedcd57&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 05:53:31 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-4feff258-aefc-444f-bbe7-edb82969d503-003&dc=fc741bbdfeedcd57&iss=1
date
Mon, 15 Jan 2024 05:53:31 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4feff258aefc444fbbe7edb82969d503003
content-type
text/html
usermatch
ssum.casalemedia.com/ Frame 9595 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b51ee5f3a0661ad8c0dd90a187c11ff8c290fdfb5ca246879c77bb8f171f6ee

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
845bdbdaab0701f0-ZRH
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hR0pLoKXhs1XlzmQpG4UKhmbPELTXncrt8H9uGoDhBMbnfzbMz8ozwenQavYmIQc1oI1qkrJ0DVFg%2FBXZUiiMHe%2F%2BvZ7MudOldcLkcoDWG0tOnTKHgLAFsyv02JXRg4XJGt3PmT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
spl.zeotap.com/ Frame C761 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
286fcd6da925653b440f0af6a12ff55ddc2d7e39676564818684cd5d18545bcd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
845bdbdaee310dc6-MXP
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 05:53:31 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
15581
rtb.gumgum.com/usync/ Frame DFC1 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.7.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-7-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
351220ec22ae42650787f57d03e0c42c35a9e77bde631202cccdfc09fd16669a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 15 Jan 2024 05:53:31 GMT
etag
W/"03525654b062b27c237d7dd33cac6128a"
server
nginx
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 94D8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60299
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
Mon, 15 Jan 2024 22:38:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
u.4dex.io/ Frame E3B3 		0
873 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=eplanning&uid=AMlN6bSrwYr7zSa5
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
362358.gif
idsync.rlcdn.com/ Frame 9595
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaTIWuXKlNON04lx1l0gawAA%263222&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaTIWuXKlNON04lx1l0gawAA%263222&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1ef8a44fa7f9452197aebff7f075714e
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4173150087830260906
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1ef8a44f-a7f9-4521-97ae-bff7f075714e
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d38a6717-0b6c-4407-a1fc-c8e6a5bbcdf1%3A1705298012.3130558&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd38a6717-0b6c-4407-a1fc-c8e6a5b...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588528606875902&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd38a6717-0b6c-4407-a1...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=d38a6717-0b6c-4407-a1fc-c8e6a5bbcdf1%3A1705298012.3130558&_=1705298012.3156075
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdkMzhhNjcxNy0wYjZjLTQ0MDctYTFmYy1jOGU2YTViYmNkZjE6MTcwNTI5ODAxMi4zMTMwNTU4EAAaDQjckJOtBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESECNs9csXEj3yOjWOtMb3vzo&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECNs9csXEj3yOjWOtMb3vzo&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECNs9csXEj3yOjWOtMb3vzo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9595 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 9595
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AW3N1S94A8KNB9EF4M5Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
11VS28TSN8FPYMTH4S66
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9595
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG38QY2s6A8ku9Qw0H4VnKo&google_cver=1
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG38QY2s6A8ku9Qw0H4VnKo&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVAjneDhJfH4Uaiegwxf8bxDF5pPTekbycDMfssRbsrKw1eWxIW%2BSSqSXU4eI1zFM5Sj8gBr7TxNZGkVEnSCcTXHxJzP1y2oUCa8kSP4KayZwvGleQDslMky%2FqEFqhxQpXXeSmI79ZgGtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbdb3b9e01f0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG38QY2s6A8ku9Qw0H4VnKo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 9595
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2ccc7d0e55ad18b3&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIxsMtTCc2wwNHe5_eAAAAAAA&expiration=1705384411&is_secure=true
43 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIxsMtTCc2wwNHe5_eAAAAAAA&expiration=1705384411&is_secure=true
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRWFnI3zQU33cp2FxX9sM6q1fiziatgb%2Bvp3rnlRSBrnbcDId8%2BuVqgNe%2ByWISF14NpfL3qcBAKjBNvx87kjpatTXR4a%2BLcVUvHWC6jjFXKcetZYBE0yLiTNSDaUSkn3tseXvLIb"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbdc3d0101f0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIxsMtTCc2wwNHe5_eAAAAAAA&expiration=1705384411&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ZaTIWuXKlNON04lx1l0gawAADJYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9595
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZaTIWuXKlNON04lx1l0gawAADJYAAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZaTIWuXKlNON04lx1l0gawAADJYAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:fa46:4bf7:11fd:dd50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZaTIWuXKlNON04lx1l0gawAADJYAAAAB
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 9595
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210829277812729
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210829277812729
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh4yRPsWyS9EZ%2BpeSnLl8OnuIattaKv3knghX4gC50PL2LvCEfIBgo2Zs8xFpRxSLzfzqMDJ%2Fd4%2FAznm84xjWAmswljHZC8UxjczTw3joa7UXA7U1PSUu8bPJZuN65FAAn8FzbUPxsP8QA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbdbfcc50208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210829277812729
Date
Mon, 15 Jan 2024 05:53:31 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 9595
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4536808349406740935&gdpr=0&gdpr_consent=
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4536808349406740935&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keoydg%2FslbIxv0dVcm6nTAgZmU5Qx4qTN7nRsFEDbp1GzwcVqhDsfccyY5zfl7Ciu%2B7lvSa6CiIItJWIi1RdxbMbxY%2F2QW94CFD5aT60Rwa%2B6KzeaAM2H5elBKUI4vB1S%2Bcu239Sg16BpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbdbcc7d0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4536808349406740935&gdpr=0&gdpr_consent=
date
Mon, 15 Jan 2024 05:53:31 GMT
content-length
0
um
u-ams03.e-planning.net/ Frame 9595 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=96daf6a0fd113a5f&uid=ZaTIWuXKlNON04lx1l0gawAA%263222
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 05:53:31 GMT
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 94D8 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42473046&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0587e88fa3dd5a3fb86dbc3c72dc35dcd3fba78dd1858d9c275d56554c982565

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 05:53:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
getuid
ib.adnxs.com/ Frame C761 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame C761 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=f1ec1bf4-2e5c-4a8f-97eb-f5701fbd1dfe&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f1ec1bf4-2e5c-4a8f-97eb-f5701fbd1dfe&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdbded00dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=f1ec1bf4-2e5c-4a8f-97eb-f5701fbd1dfe&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame C761 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C761 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f65a7-d1a1-4275-70a0-fe409de2cdbf%26reqId%3D8a6fa18b-2698-4a1c-7601-81142bdb4938%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame C761 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
82
date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 varnish
x-served-by
cache-mxp6925-MXP
server
nginx
x-timer
S1705298011.440371,VS0,VE82
x-fastly-to-nlb-rtt
81116
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame C761 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f16:e61:3f00:6418:3db0:a56e:6f03 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
X-Fw-Request-Id
umo0447_1705298011605204821
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=73902EFA-80FC-4353-965B-1C31E6A8B23C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa1...
95 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=73902EFA-80FC-4353-965B-1C31E6A8B23C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdbfedd0dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=73902EFA-80FC-4353-965B-1C31E6A8B23C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
date
Mon, 15 Jan 2024 05:53:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame C761 		0
0
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=44561222254385087641815664406333329197&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=44561222254385087641815664406333329197&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdc5f1a0dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

dcs
dcs-prod-irl1-1-v054-0f36061c8.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
TnlVSuVkTvU=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://mwzeom.zeotap.com/mw?cid=44561222254385087641815664406333329197&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame C761 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7324199187187890336&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-...
95 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7324199187187890336&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdbbeba0dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7324199187187890336&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Date
Mon, 15 Jan 2024 05:53:31 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame C761
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf
95 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=JVxhWzP65JBq5cprdGoggO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a...
95 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=JVxhWzP65JBq5cprdGoggO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdc8f360dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
via
1.1 google
last-modified
Mon, 15 Jan 2024 05:53:31 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=JVxhWzP65JBq5cprdGoggO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0...
  • https://mwzeom.zeotap.com/mw?cid=4627870834427052395
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=4627870834427052395
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdcaf4a0dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=4627870834427052395
date
Mon, 15 Jan 2024 05:53:31 GMT
content-length
0
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=dfd4cd54c10dfc00155eb96f3cab5a21&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-26...
95 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=dfd4cd54c10dfc00155eb96f3cab5a21&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdd8fa90dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=dfd4cd54c10dfc00155eb96f3cab5a21&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
cache-control
no-cache
x-server
10.45.11.30
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-PKija4RE2oqB.jgAfyEYlKhd8FfsdOettg--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-PKija4RE2oqB.jgAfyEYlKhd8FfsdOettg--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdc5f180dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-PKija4RE2oqB.jgAfyEYlKhd8FfsdOettg--~A&zpartnerid=570&env=mWeb
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CHE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CHE&zdid=1361&cid=duN%2BMBHnAzOfL0GX08zP%2Bp9%2F2ILae59i%2BS41iYitP1U%3D
95 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CHE&zdid=1361&cid=duN%2BMBHnAzOfL0GX08zP%2Bp9%2F2ILae59i%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdd2f780dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CHE&zdid=1361&cid=duN%2BMBHnAzOfL0GX08zP%2Bp9%2F2ILae59i%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame C761 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame C761 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.179.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-179-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1705298011
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame C761 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:09 GMT
x-powered-by
PHP/8.2.4
server
nginx/1.14.1
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZaTIWwAOn8wq8gBd&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-811...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZaTIWwAOn8wq8gBd&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbde382c0dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-mxp6946-MXP
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705298012.766042,VS0,VE98
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZaTIWwAOn8wq8gBd&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame C761 		0
0
usermatch.gif
beacon.krxd.net/ Frame C761
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
52.214.179.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-179-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1705298011
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
date
Mon, 15 Jan 2024 05:53:31 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a016-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame C761
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DPGVAN66GEGGTHZ2G5WR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4RD35XBHVQSFH7R6AV24
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame C761 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db46f6...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
95 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbddafbb0dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
date
Mon, 15 Jan 2024 05:53:31 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2...
  • https://mwzeom.zeotap.com/mw?cid=LREIELHT-J-EAV3&env=mWeb&zpartnerid=1770&gdpr=0
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LREIELHT-J-EAV3&env=mWeb&zpartnerid=1770&gdpr=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdd8faa0dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LREIELHT-J-EAV3&env=mWeb&zpartnerid=1770&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame C761 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdd0f6c0dc6-MXP
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame C761
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=YEFLpTVMH_N7Q06jYRUH9WNHSKN7EEj3bhAIEhG0&env=mWeb&zpartnerid=1875&gdpr=0&gdpr_consent=&idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=b46f65a7-d1a1-427...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=YEFLpTVMH_N7Q06jYRUH9WNHSKN7EEj3bhAIEhG0&env=mWeb&zpartnerid=1875&gdpr=0&gdpr_consent=&idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
845bdbdd2f7c0dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=YEFLpTVMH_N7Q06jYRUH9WNHSKN7EEj3bhAIEhG0&env=mWeb&zpartnerid=1875&gdpr=0&gdpr_consent=&idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
usersync.gumgum.com/ Frame DFC1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4990313130819484401
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4990313130819484401
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
an-x-request-uuid
a5c1212e-5fa6-4081-aefe-fd53060d6793
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4990313130819484401
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame DFC1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7b1e3db7-124d-4a3d-8799-47aeb9709575&gdpr=&gdpr_consent=&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=FyNssEIuOOYMIWm2Fncg4BQlb7YMcm_iGXK0YkZT
  • https://usersync.gumgum.com/usersync?b=bsw&i=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&us_privacy=
date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame DFC1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=b479cd04-3d62-4818-99db-ae1cabbadf4f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=b479cd04-3d62-4818-99db-ae1cabbadf4f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 15 Jan 2024 05:53:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=b479cd04-3d62-4818-99db-ae1cabbadf4f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame DFC1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fec55b33-3663-5e13-5402-eed96da6419c$ip$176.10.106.27
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-fec55b33-3663-5e13-5402-eed96da6419c$ip$176.10.106.27
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-fec55b33-3663-5e13-5402-eed96da6419c$ip$176.10.106.27
Date
Mon, 15 Jan 2024 05:53:31 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame DFC1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-VTk.r05E2peMrAtf4Yt.jY4JLd0ICMO64sbh~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-VTk.r05E2peMrAtf4Yt.jY4JLd0ICMO64sbh~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-VTk.r05E2peMrAtf4Yt.jY4JLd0ICMO64sbh~A
content-length
0
usersync
usersync.gumgum.com/ Frame DFC1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=37fe0d3f-75ce-49cd-b1c5-3fd700532305
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=37fe0d3f-75ce-49cd-b1c5-3fd700532305
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=37fe0d3f-75ce-49cd-b1c5-3fd700532305
Date
Mon, 15 Jan 2024 05:53:31 GMT
Connection
keep-alive
X-CI-RTID
5051e407-fa45-4244-a7f3-f94a132f1dd7
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame DFC1 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
content-length
0
server
a
/
b1sync.zemanta.com/usersync/gumgum/ Frame DFC1 		0
0
usersync
rtb.gumgum.com/ Frame DFC1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=9KcPZIkFmo8X&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=9KcPZIkFmo8X&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Server
52.208.7.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-7-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://rtb.gumgum.com/usersync?b=pln&i=9KcPZIkFmo8X&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
usersync
usersync.gumgum.com/ Frame DFC1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4627870834427052395
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4627870834427052395
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4627870834427052395
date
Mon, 15 Jan 2024 05:53:30 GMT
content-length
0
um
sync.e-planning.net/ Frame DFC1 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=96daf6a0fd113a5f&uid=e_7b1e3db7-124d-4a3d-8799-47aeb9709575
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Mon, 15 Jan 2024 05:53:31 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 8A48
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:31 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 965D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83YjFlM2RiNy0xMjRkLTRhM2QtODc5OS00N2FlYjk3MDk1NzU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F419 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60299
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
Mon, 15 Jan 2024 22:38:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 9DA2 		70 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 15 Jan 2024 05:53:31 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame EF0F
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 15 Jan 2024 05:53:32 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40366.dc2p.scaleout.jp
X-SO-IP
176.10.106.27
X-SO-Key
ZaTIXMCo5tEAANElTFIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"176.10.106.27","key":"ZaTIXMCo5tEAANElTFIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40366"}
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40366
usersync
usersync.gumgum.com/ Frame BE60
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:31 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 15 Jan 2024 05:53:31 GMT Mon, 15 Jan 2024 05:53:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame B8BA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jan 2024 05:53:31 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 Jan 2024 05:53:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
Pug
simage2.pubmatic.com/AdServer/ Frame A592
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a7df65a4-c85d-4d00-8145-654c2eb210ce&gdpr=0&gdpr_consent=
42 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a7df65a4-c85d-4d00-8145-654c2eb210ce&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:31 GMT
Expires
Mon, 15 Jan 2024 05:53:30 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x10 config_version:"9"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a7df65a4-c85d-4d00-8145-654c2eb210ce&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame F946 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:30 GMT
expires
Mon, 15 Jan 2024 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
350216
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame ACCD
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=73902EFA-80FC-4353-965B-1C31E6A8B23C&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=73902EFA-80FC-4353-965B-1C31E6A8B23C&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=73902EFA-80FC-4353-965B-1C31E6A8B23C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
721WJ52FCQAZEKMG3D59

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 15 Jan 2024 05:53:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=73902EFA-80FC-4353-965B-1C31E6A8B23C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2NXJ1DNGK4WHCVW09D3B
Pug
image2.pubmatic.com/AdServer/ Frame 07D8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FT-W0EAywoYOPZPWE2_a0xduz9EObsHURT7a_hu9
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FT-W0EAywoYOPZPWE2_a0xduz9EObsHURT7a_hu9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FT-W0EAywoYOPZPWE2_a0xduz9EObsHURT7a_hu9
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 18F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4990313130819484401&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4990313130819484401&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
94912939-1b13-4ea2-b828-2665060c5554
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4990313130819484401&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame C099
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7324199187187890336&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7324199187187890336&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 15 Jan 2024 05:53:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7324199187187890336&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 378A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_994414b5-8461-478a-9525-879f663be39a&bsw_param=c026f4eb-0277-4707-adee-e8fc9092a995&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 05:53:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 Jan 2024 05:53:31 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c026f4eb-0277-4707-adee-e8fc9092a995&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame FF3B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_sVbMzZjXhNUAu7ZbaZBnLAKahs&gdpr=0&gdpr_consent=
42 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_sVbMzZjXhNUAu7ZbaZBnLAKahs&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 02:44:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 15 Jan 2024 05:53:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_sVbMzZjXhNUAu7ZbaZBnLAKahs&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 783A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRG5FN0xTWkVBQUJZdmN5bEZJUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AABDnE7LSZEAABYvcylFIQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABDnE7LSZEAABYvcylFIQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABDnE7LSZEAABYvcylFIQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4627870834427052395&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABDnE7LSZEAABYvcylFIQ&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABDnE7LSZEAABYvcylFIQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 15 Jan 2024 05:53:31 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABDnE7LSZEAABYvcylFIQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame AE7B
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588528606875902
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588528606875902
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 15 Jan 2024 05:53:31 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588528606875902
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 5F4A
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU845984ba8d644232849a67946de2d23a
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU845984ba8d644232849a67946de2d23a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU845984ba8d644232849a67946de2d23a
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 2EA6
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 02:52:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 15 Jan 2024 05:53:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame C17B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1965549445137224645
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1965549445137224645
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1965549445137224645
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 5B1D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaTIWwAOnyYpkQBd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 15 Jan 2024 05:53:31 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6946-MXP
x-timer
S1705298012.660926,VS0,VE101

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 15 Jan 2024 05:53:31 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaTIWwAOnyYpkQBd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6946-MXP
x-timer
S1705298012.545233,VS0,VE96
Pug
image2.pubmatic.com/AdServer/ Frame 1574
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a6794b31b507174a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=dfd4cd54c10dfc00155eb96f3cab5a21&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgUTRWhYbhVaTbTWg&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgUTRWhYbhVaTbTWg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgUTRWhYbhVaTbTWg&gdpr=0&gdpr_consent=
cookiesync
core.iprom.net/ Frame 7A0D 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:31 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-279ac19dc507@version_1.581
X-core-time
0ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame D048 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 15 Jan 2024 05:53:31 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-6
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 0069 		0
0
um
u-ams03.e-planning.net/ Frame D984 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=96daf6a0fd113a5f&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/gif
date
Mon, 15 Jan 2024 05:53:31 GMT
server
openresty
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 94D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c5Au-oD8Q1OWWxwx5qiyPA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=60299
accept-ranges
bytes
content-length
5622
expires
Mon, 15 Jan 2024 22:38:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 94D8
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=&ct=y
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
63.32.195.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-195-36.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.236
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.8.118
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 94D8
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=828059824
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=828059824
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
via
1.1 google
last-modified
Mon, 15 Jan 2024 05:53:31 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
last-modified
Mon, 15 Jan 2024 05:53:31 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=828059824
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 94D8
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NGgwekI2SGQxLXFRYjJwbkw5TDJmeFBKUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1379274890732070298&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Server
54.74.215.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-215-17.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:31 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 15 Jan 2024 05:53:31 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 94D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzM5MDJFRkEtODBGQy00MzUzLTk2NUItMUMzMUU2QThCMjND&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 94D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHbVOLfssyUkON6-HP12ptA&google_cver=1
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHbVOLfssyUkON6-HP12ptA&google_cver=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHbVOLfssyUkON6-HP12ptA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 94D8 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 14 Jan 2024 05:53:31 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 94D8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5124745693932530935
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5124745693932530935
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5124745693932530935
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 94D8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
73902EFA-80FC-4353-965B-1C31E6A8B23C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 94D8 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/73902EFA-80FC-4353-965B-1C31E6A8B23C?gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:fa46:4bf7:11fd:dd50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 94D8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hRGqG81E2uVXHil00mvCTY1rxu07WMA-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hRGqG81E2uVXHil00mvCTY1rxu07WMA-~A&gdpr=0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hRGqG81E2uVXHil00mvCTY1rxu07WMA-~A&gdpr=0
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 94D8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
42 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT, Mon, 15 Jan 2024 05:53:31 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 94D8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cd35180d-acff-46a6-ba5d-360808063c2c-65a4c85b-4348&gdpr=0&gdpr_consent=
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cd35180d-acff-46a6-ba5d-360808063c2c-65a4c85b-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cd35180d-acff-46a6-ba5d-360808063c2c-65a4c85b-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 94D8
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=409fd6bcc2141771&is_secure=true&networkId=17100&version=1&nuid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIBG3RGpDR1wNFjPRYAAAAAAA&expiration=1705384411&nuid=73902EFA-80FC-4353-965B-1C31E6A8B23C&...
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIBG3RGpDR1wNFjPRYAAAAAAA&expiration=1705384411&nuid=73902EFA-80FC-4353-965B-1C31E6A8B23C&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIBG3RGpDR1wNFjPRYAAAAAAA&expiration=1705384411&nuid=73902EFA-80FC-4353-965B-1C31E6A8B23C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 94D8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4173150087830260906&gdpr=0&gdpr_consent=&us_privacy=
1 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4173150087830260906&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 05:53:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4173150087830260906&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 94D8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:20413bf0-4d0b-4493-a489-03e67703f38b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:20413bf0-4d0b-4493-a489-03e67703f38b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:20413bf0-4d0b-4493-a489-03e67703f38b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 15 Jan 2024 05:53:31 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
ads
securepubads.g.doubleclick.net/gampad/ 		254 KB
79 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=169572431204391&correlator=1130873583307831&eid=31080440%2C31079234%2C31080327%2C31079527%2C31080117&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2C0%2Cheight%2C0%2C0&ifi=2&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&eri=1&sc=1&cookie=ID%3D2b67001093ccaedd%3AT%3D1705298010%3ART%3D1705298010%3AS%3DALNI_MZ7nrG8YJWD5HUEPYgBr62tZLrBSQ&gpic=UID%3D00000d41a06d4104%3AT%3D1705298010%3ART%3D1705298010%3AS%3DALNI_MaJ1ZMwyhGP6vuFBWvwpBMgsp_C5g&abxe=1&dt=1705298011504&lmt=1705298011&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C333%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=2%7C3%7C4%7C5%7C6&oid=2&tos=~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&vis=1&psz=1600x-1%7C705x172%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x10%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=1649933049.1705298009&ga_sid=1705298010&ga_hid=1369545482&ga_fc=true&dlt=1705298008758&idt=645&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&adks=840525636%2C1703297318%2C3798138915%2C1897443797%2C1230872867&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50496c620537502a3f9b8df428041a8c8880b998f25d2e33edf5f5310ee7a82b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80715
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl_page_level_ads.js?cb=31080327
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
095f3056fe0b1444bf1d15d9ed841ced55a0f20c48b531bb00abf878b61c274d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 08:58:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
75285
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13831
x-xss-protection
0
server
cafe
etag
4498079684702950285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 13 Jan 2025 08:58:46 GMT
usync.js
eus.rubiconproject.com/ Frame B8BA 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jan 2024 04:50:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82582
Connection
keep-alive
Content-Length
10963
Expires
Tue, 16 Jan 2024 04:49:53 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=ecdb7494-b9c3-4d25-a436-f5b5b359eafc
0
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=ecdb7494-b9c3-4d25-a436-f5b5b359eafc
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=ecdb7494-b9c3-4d25-a436-f5b5b359eafc
access-control-allow-origin
*
date
Mon, 15 Jan 2024 05:53:31 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012312191621000/ Frame 6CD2 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 Jan 2024 07:19:18 GMT
age
167654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56099
x-xss-protection
0
server
sffe
etag
"b4f73150f1481343"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 12 Jan 2025 07:19:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 6CD2 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 Jan 2024 06:59:08 GMT
age
168864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"1615cf8c9658662f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 12 Jan 2025 06:59:08 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 6CD2 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 12 Jan 2024 11:43:11 GMT
age
238221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29030
x-xss-protection
0
server
sffe
etag
"4993b3249a87fa76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 11 Jan 2025 11:43:11 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 6CD2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 Jan 2024 04:38:02 GMT
age
177330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1930
x-xss-protection
0
server
sffe
etag
"09131eec19261354"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 12 Jan 2025 04:38:02 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 6CD2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 12 Jan 2024 22:03:06 GMT
age
201026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"b1091b2fa725aeb2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 11 Jan 2025 22:03:06 GMT
truncated
/ Frame 6CD2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcc15c1161218fda77c5c6d3d3dd7f71e0ab2e8a21cc62b56f131dbc3f21af4b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
14070265004486256410
tpc.googlesyndication.com/daca_images/simgad/ Frame 6CD2 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14070265004486256410
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948b32b0c96a38cdc15deca50ec2ade47e4ffd4f9683de9897bbfabb8f5ab3b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 19:10:55 GMT
date
Thu, 11 Jan 2024 19:10:55 GMT
x-content-type-options
nosniff
age
297757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31291
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 14:06:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6CD2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 11:48:31 GMT
x-content-type-options
nosniff
server
cafe
age
65101
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 15 Jan 2024 11:48:31 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6CD2 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 07:11:20 GMT
x-content-type-options
nosniff
server
cafe
age
81732
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Mon, 15 Jan 2024 07:11:20 GMT
l
www.google.com/ads/measurement/ Frame 6CD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQO-5kOfyn8pDxtoSu593YnFGR1Izw8JgjhGeqIMqQqDL2c8B_SGCLsCscHWKkXNGSNbOXrlFu_BUJ195_WlBkfurzRnA
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B733 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:30 GMT
expires
Tue, 14 Jan 2025 05:53:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DDD4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:30 GMT
expires
Tue, 14 Jan 2025 05:53:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0398 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:30 GMT
expires
Tue, 14 Jan 2025 05:53:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 Jan 2024 05:53:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6027 		499 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwdyHggIwAQ&v=APEucNUwT2e1aKLbZNKaQ-APmGH6x3RsTvlgffuapY0TkBrB_-oYjbMjm-h7rbkZYftWYTEOuaoS3UA420865fW12aCIVRDoAX9o5voOWo_v5JXGiWGxWEI
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B733 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 05:53:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B733 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DA2oV2kVCKBjhryvgUgk0mzGcMBM8REL3Tal1wzyPP8yiO8kjeUl3XQuunkYvxfIryDWZtjWfm2uRBhjF6ZrZvJygNlhAH1_VkF_Ww0Iat23Gkfl0
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B733 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
24762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 23:00:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B733 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
38001
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 19:20:11 GMT
l
www.google.com/ads/measurement/ Frame B733 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIC1wWdMQ2ooRzY9kh2M_2qPJPt0dlM38fTaeiGhVmV-WK-QxuzWnTWQL2PyifivekZ8h2EEY9TOaXOOIExftdgG_2PQ
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B733 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 05:53:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 62ED 		499 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYmNmIggIwAQ&v=APEucNXcyoQiI9ScNi4JhZ91t0EIqujGJV3hE65MK0SQhYo9ercxsjwt3kRZdUBlIWI8x1e51kvsOBNI7Y3xX4eRUCaPYdNH7s1pb4NXDNvGgSLtPO3jAQk
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DDD4 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 05:53:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DDD4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTBziaE-Wp-h6IxNpvZSucpC3P1qR363PjVvHwFDm5Mpn21G1QwXKAnezgEhyQObLUEiDw0yEMk4gKrufvGY1XQyltv0LXHnOnyH9THRCI9S6W36A
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame DDD4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
24762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 23:00:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame DDD4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
38001
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 19:20:11 GMT
l
www.google.com/ads/measurement/ Frame DDD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvbwo5VErWiHbTD0i6fFVJgrCYTucojC54XutdHDNmnhwc4UxpJ3l4dTmphoswTv8s9bq3Mr37l4uHP7DVJZPykkJbqQ
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DDD4 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 05:53:32 GMT
css2
fonts.googleapis.com/ Frame 0398 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 05:51:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jan 2024 05:53:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C05A 		632 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_GNhCLqnoY_8v-qQEwAQ&v=APEucNWYTwgczWNRivp0UnoceO76DeTd4JNbywsPRGvPr4Xag6olqzW0v4oPua7MaFvKFR3E_500zgv4k2DO2nYoNMjkeFR2499AAGfZKyhyK6X5BHWQa54
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
249
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 616E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 21:44:19 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 616E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:01:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
21132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 00:01:20 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 616E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:01:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
21131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 00:01:21 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 616E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
207944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 616E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
24762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 23:00:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AC22 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Mon, 15 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 616E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
38001
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 19:20:11 GMT
l
www.google.com/ads/measurement/ Frame 616E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMibcHXwqVXI4IwlOhCeYMHdDnuQ1yebdydeEKpXX3vEt6NMLR1yw2tRwb0cIFKhyujHI-4PKYQlCkGFwd-f_QV4hxxw
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 616E 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 05:53:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 616E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5kcmECcr8cT4rZXlnp0S1qPCxZDxV-M5JyAKs8j0OO6m9bF1E7Tx9AQO1MKXGfvDg2cT_3Wut3gTfSjXnZ2ARsUUEMfk7PoHSUmTUH_7QAOaHxyo
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 0398 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
23812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 23:16:40 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4269604553
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4269604553
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
etag
RX4feff258aefc444fbbe7edb82969d503003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4269604553
cache-control
no-store, no-cache, must-revalidate
expires
0
khaos.json
token.rubiconproject.com/ Frame B8BA 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F633 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
193362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame AC22
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJ-23y-0KT4IEDNBBX3Dg2I&google_cver=1&google_push=AXcoOmSB1TRz3WZ7L35I4lvH2ClwL1IRbhS6YsJkRDe8kP-ygTINZg5FrZJH5umG1hAcoGyPJfEGM...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSB1TRz3WZ7L35I4lvH2ClwL1IRbhS6YsJkRDe8kP-ygTINZg5FrZJH5umG1hAcoGyPJfEGMQEjqCh_XZBpIuSVuRiQpl80qw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSB1TRz3WZ7L35I4lvH2ClwL1IRbhS6YsJkRDe8kP-ygTINZg5FrZJH5umG1hAcoGyPJfEGMQEjqCh_XZBpIuSVuRiQpl80qw
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Jan 2024 05:53:31 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D8C53900726A4188978AEC6981E9DA4A Ref B: ZRHEDGE1818 Ref C: 2024-01-15T05:53:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSB1TRz3WZ7L35I4lvH2ClwL1IRbhS6YsJkRDe8kP-ygTINZg5FrZJH5umG1hAcoGyPJfEGMQEjqCh_XZBpIuSVuRiQpl80qw
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO9aJC9rFpi+TB/4ApqA==
pixel
cm.g.doubleclick.net/ Frame AC22
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJfo7rqVpZ55ZUgOGQxGXDk&google_cver=1&google_push=AXcoOmRhAeDY-AVxCNwsBpAtwtqenrTjYzzVaMV_bIqp_ajsS79VUAVMbzUI30NfZActCKXnX9_YM7YSLO-25i9...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_sVbMzZjXhNUAu7ZbaZBnLAKahs&google_push=AXcoOmRhAeDY-AVxCNwsBpAtwtqenrTjYzzVaMV_bIqp_ajsS79VUAVMbzUI30NfZActCKXnX9_YM7YSLO-25i...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_sVbMzZjXhNUAu7ZbaZBnLAKahs&google_push=AXcoOmRhAeDY-AVxCNwsBpAtwtqenrTjYzzVaMV_bIqp_ajsS79VUAVMbzUI30NfZActCKXnX9_YM7YSLO-25i9JMn-LfvEp51hW
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_sVbMzZjXhNUAu7ZbaZBnLAKahs&google_push=AXcoOmRhAeDY-AVxCNwsBpAtwtqenrTjYzzVaMV_bIqp_ajsS79VUAVMbzUI30NfZActCKXnX9_YM7YSLO-25i9JMn-LfvEp51hW
Date
Mon, 15 Jan 2024 05:53:32 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame AC22
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECOud7wq49deE6_wlqgnaKI&google_cver=1&google_push=AXcoOmTRKgdJhRrxMY-t77R-f3-kL6DHthg-YxDu3cyLt0XLDMQLpbr-7u_jer_uUsUW2IAQENkGWKxc_8I7SuW-u2nTy7uCO...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTRKgdJhRrxMY-t77R-f3-kL6D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTRKgdJhRrxMY-t77R-f3-kL6DHthg-YxDu3cyLt0XLDMQLpbr-7u_jer_uUsUW2IAQENkGWKxc_8I7SuW-u2nTy7uCO0I9yw&gdpr=&gdpr_consent=
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTRKgdJhRrxMY-t77R-f3-kL6DHthg-YxDu3cyLt0XLDMQLpbr-7u_jer_uUsUW2IAQENkGWKxc_8I7SuW-u2nTy7uCO0I9yw&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 15 Jan 2024 05:53:32 GMT
pixel
cm.g.doubleclick.net/ Frame AC22
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOu7G3HycKY7VjAuj2vRAAE&google_cver=1&google_push=AXcoOmR9dsA5x5MYfNeDFXqV8WYBJebwuNft2uCjEWKK3cX4vvjv5VByexbXnMQH4J2evBkw5I6YKp...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR9dsA5x5MYfNeDFXqV8WYBJebwuNft2uCjEWKK3cX4vvjv5VByexbXnMQH4J2evBkw5I6YKp8U2lbglD8t9PojXQ6S8Cz7NQ&google_hm=NDYyNzg3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR9dsA5x5MYfNeDFXqV8WYBJebwuNft2uCjEWKK3cX4vvjv5VByexbXnMQH4J2evBkw5I6YKp8U2lbglD8t9PojXQ6S8Cz7NQ&google_hm=NDYyNzg3MDgzNDQyNzA1MjM5NQ%3D%3D
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR9dsA5x5MYfNeDFXqV8WYBJebwuNft2uCjEWKK3cX4vvjv5VByexbXnMQH4J2evBkw5I6YKp8U2lbglD8t9PojXQ6S8Cz7NQ&google_hm=NDYyNzg3MDgzNDQyNzA1MjM5NQ%3D%3D
date
Mon, 15 Jan 2024 05:53:31 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame AC22
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEFfo0eKA6huZzhtFwD5Qaas&google_cver=1&google_push=AXcoOmTfN0QloKSgpQtVANYeV67Edjmj1Wazs5-fz_QPY_eUIW7jPDc0huVdgDBbpQCTVkokIW7_R...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTfN0QloKSgpQtVANYeV67Edjmj1Wazs5-fz_QPY_eUIW7jPDc0huVdgDBbpQCTVkokIW7_RNdwi6CQv84f1UMiZosO0buD&google_hm=WmFUSVhNQ28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTfN0QloKSgpQtVANYeV67Edjmj1Wazs5-fz_QPY_eUIW7jPDc0huVdgDBbpQCTVkokIW7_RNdwi6CQv84f1UMiZosO0buD&google_hm=WmFUSVhNQ281dEVBQU5FbFRGSUFBQUFB
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEFfo0eKA6huZzhtFwD5Qaas&google_cver=1&google_push=AXcoOmTfN0QloKSgpQtVANYeV67Edjmj1Wazs5-fz_QPY_eUIW7jPDc0huVdgDBbpQCTVkokIW7_RNdwi6CQv84f1UMiZosO0buD","cluster_id":0,"gdpr":false,"ipv4":"176.10.106.27","key":"ZaTIXMCo5tEAANElTFIAAAAA","privacy_sensitive":false,"uid":"ZaTIXMCo5tEAANElTFIAAAAA","upstream_id":"a-ad40366"}
X-SO-Key
ZaTIXMCo5tEAANElTFIAAAAA
X-SO-Upstream-ID
a-ad40366
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40366.dc2p.scaleout.jp
X-SO-UID
ZaTIXMCo5tEAANElTFIAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
176.10.106.27
X-SO-Cluster-ID
0
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTfN0QloKSgpQtVANYeV67Edjmj1Wazs5-fz_QPY_eUIW7jPDc0huVdgDBbpQCTVkokIW7_RNdwi6CQv84f1UMiZosO0buD&google_hm=WmFUSVhNQ281dEVBQU5FbFRGSUFBQUFB
Cache-Control
private
X-SO-Ads-Time
2
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
pixel
cm.g.doubleclick.net/ Frame AC22
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJkVdKsU4CYTyOaonaNSaKA&google_cver=1&google_push=AXcoOmR7ArPm_16kbIkfYHOESe4VpjBPzKSv-9FHQL_YxeUlCAGbzqQw7gSLtMID5yGW8BoXxVNx-4F-oHFNwwj5Ord_iQQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7ArPm_16kbIkfYHOESe4VpjBPzKSv-9FHQL_YxeUlCAGbzqQw7gSLtMID5yGW8BoXxVNx-4F-oHFNwwj5Ord_iQQnbTdzkg&google_hm=NTE0NDU4O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7ArPm_16kbIkfYHOESe4VpjBPzKSv-9FHQL_YxeUlCAGbzqQw7gSLtMID5yGW8BoXxVNx-4F-oHFNwwj5Ord_iQQnbTdzkg&google_hm=NTE0NDU4ODUyODYwNjg3NTkwMg==
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7ArPm_16kbIkfYHOESe4VpjBPzKSv-9FHQL_YxeUlCAGbzqQw7gSLtMID5yGW8BoXxVNx-4F-oHFNwwj5Ord_iQQnbTdzkg&google_hm=NTE0NDU4ODUyODYwNjg3NTkwMg==
Date
Mon, 15 Jan 2024 05:53:32 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame AC22
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEO_D4VJwK...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c026f4eb-0277-4707-adee-e8fc9092a995&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c026f4eb-0277-4707-adee-e8fc9092a995&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c026f4eb-0277-4707-adee-e8fc9092a995&%%GOOGLE_PUSH_PAIR%%
date
Mon, 15 Jan 2024 05:53:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame AC22 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LIOkP9S-exU9F2a8Hpv4N5KuoTx5cMA2Kx3bsWGIthXKBCXLp-wtqY30iImvO7IXYypwidw3s
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 6027 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwdyHggIwAQ&v=APEucNUwT2e1aKLbZNKaQ-APmGH6x3RsTvlgffuapY0TkBrB_-oYjbMjm-h7rbkZYftWYTEOuaoS3UA420865fW12aCIVRDoAX9o5voOWo_v5JXGiWGxWEI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6027
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1&gdpr=0
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwdyHggIwAQ&v=APEucNUwT2e1aKLbZNKaQ-APmGH6x3RsTvlgffuapY0TkBrB_-oYjbMjm-h7rbkZYftWYTEOuaoS3UA420865fW12aCIVRDoAX9o5voOWo_v5JXGiWGxWEI
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XYyKKBGuwfneHEnEnylJzDPyOctMmqxRuA2%2BlN05i6ADLE%2FhXSoMj3nZ984HzGy6CPUJ%2FYSsIYQOuuz%2B4ehQDuoTqAVuPGYsIKQOCQo8TbxBmhC7Gtb0%2BdKnjzCR52N1Zf17R2lt7YyyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbe0ac160208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6027
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaTIWuXKlNON04lx1l0gawAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwdyHggIwAQ&v=APEucNUwT2e1aKLbZNKaQ-APmGH6x3RsTvlgffuapY0TkBrB_-oYjbMjm-h7rbkZYftWYTEOuaoS3UA420865fW12aCIVRDoAX9o5voOWo_v5JXGiWGxWEI
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WORSGve6J28tr6VmXtFL81XZ2M2JcoMvmsOSpO4E7iJm27UFIGz%2FwOJxdzecIVlKTgHvYqHxeYVn0O3CtBMGNK5ZEqf%2FZke1iedRb8MmIRPI6wm7B3X4rG4pnoxFTVAOMjwKxgTSGgt1rw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbe0dc5b0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 62ED 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYmNmIggIwAQ&v=APEucNXcyoQiI9ScNi4JhZ91t0EIqujGJV3hE65MK0SQhYo9ercxsjwt3kRZdUBlIWI8x1e51kvsOBNI7Y3xX4eRUCaPYdNH7s1pb4NXDNvGgSLtPO3jAQk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 62ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1&gdpr=0
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYmNmIggIwAQ&v=APEucNXcyoQiI9ScNi4JhZ91t0EIqujGJV3hE65MK0SQhYo9ercxsjwt3kRZdUBlIWI8x1e51kvsOBNI7Y3xX4eRUCaPYdNH7s1pb4NXDNvGgSLtPO3jAQk
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR4vYL2iQGoobTlw0cV0gdPKN7K8tPvAb0mBDFbPTo5cbmwtYmdGtxO4ebGYtTGQ5RiDHpawE6T7sxD252dRwWA0lqkWpIp3Pj9HhyMG0pUgICW%2BAIpro5kAJi2OjWB7za409Hlzcm4FJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbe0ac180208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 62ED
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaTIWuXKlNON04lx1l0gawAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYmNmIggIwAQ&v=APEucNXcyoQiI9ScNi4JhZ91t0EIqujGJV3hE65MK0SQhYo9ercxsjwt3kRZdUBlIWI8x1e51kvsOBNI7Y3xX4eRUCaPYdNH7s1pb4NXDNvGgSLtPO3jAQk
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yg4V13W0cpaHFg2nKO8o%2B2kUmAjoyjD4uPpURCcC9CcVHl7a9Xq7D%2F%2FUUBtskB2oRCoApZ7OXQR%2BH1aaufEZwb8OQpfDYWUWnLNRQRYl8TxPQ3Z79zL1VOdEmd4VQAAeyuNxZkhuyjShYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbe0ec6a0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4w-UoMX75QsVvjvJ3I_rE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C05A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEF-GQiNDNHkaasxuRu5paPc&google_cver=1
43 B
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEF-GQiNDNHkaasxuRu5paPc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_GNhCLqnoY_8v-qQEwAQ&v=APEucNWYTwgczWNRivp0UnoceO76DeTd4JNbywsPRGvPr4Xag6olqzW0v4oPua7MaFvKFR3E_500zgv4k2DO2nYoNMjkeFR2499AAGfZKyhyK6X5BHWQa54
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
an-x-request-uuid
79e6e78a-83f4-4334-b2a4-1ffa117b06b7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEF-GQiNDNHkaasxuRu5paPc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C05A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MDMxMzEzMDgxOTQ4NDQwMQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MDMxMzEzMDgxOTQ4NDQwMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_GNhCLqnoY_8v-qQEwAQ&v=APEucNWYTwgczWNRivp0UnoceO76DeTd4JNbywsPRGvPr4Xag6olqzW0v4oPua7MaFvKFR3E_500zgv4k2DO2nYoNMjkeFR2499AAGfZKyhyK6X5BHWQa54
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
an-x-request-uuid
064e38e8-69b4-40cd-8071-cbedde3f7a69
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MDMxMzEzMDgxOTQ4NDQwMQ%3D%3D
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C05A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED_gEkTeVAzQs0REOIlTrd0&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED_gEkTeVAzQs0REOIlTrd0&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_GNhCLqnoY_8v-qQEwAQ&v=APEucNWYTwgczWNRivp0UnoceO76DeTd4JNbywsPRGvPr4Xag6olqzW0v4oPua7MaFvKFR3E_500zgv4k2DO2nYoNMjkeFR2499AAGfZKyhyK6X5BHWQa54
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED_gEkTeVAzQs0REOIlTrd0&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C05A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmYyYmJhYmUtZGMwMC0yZWVhLWViNDAtZTQ0OGE5MDgxMDY5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmYyYmJhYmUtZGMwMC0yZWVhLWViNDAtZTQ0OGE5MDgxMDY5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_GNhCLqnoY_8v-qQEwAQ&v=APEucNWYTwgczWNRivp0UnoceO76DeTd4JNbywsPRGvPr4Xag6olqzW0v4oPua7MaFvKFR3E_500zgv4k2DO2nYoNMjkeFR2499AAGfZKyhyK6X5BHWQa54
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmYyYmJhYmUtZGMwMC0yZWVhLWViNDAtZTQ0OGE5MDgxMDY5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6CD2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H3
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B733 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6219207289993&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B733 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6219207289993&version=m202309260101&ct=77&x=1&cor=4045453233912609000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B733 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CL6MMaSpawsf-72LJelH3XRBMdDwT1B-NJSGEMIKZbcWSeAkj7X0DvGQT0osmBrVzUZnECN8hmWg7LLvS3ro_eG36GYoaOOFZm_ERoZG0pQCn0cHuJdu83fQHs1frSDYxGWsfhEWZzwyrBuSjpDZ7R3TB1QSOknpv2LEcRI6RyQZYm0gI&cry=1&dbm_d=AKAmf-Bi8Dz8w_cQEft5oAvMiaq4PqQGWpBJ-BH0epn1bqlWdurdwA6cbEipQEg8c8yR2eQ9YSi8hsIuTwFf1EyAJ_tiXLQJ5pVkI6F57B_cvdepRXs7DMj08224q4rmn4jjMv1Aim7WrPXEJhACo_gIS55MB0jZLI-PDLZ7lXOVs85vjMqemBsd905P71VlksLYzJbd18MXSE5vuk8NhTDvzY1Rw1AH5SRMbeLA-dSgNczpjQifq4kyaxsST2V_DMA38PySsFk8BpyLbEThJd47H6K25qMb-0rO3btjj88s02kuBeZzWryu4iquRTf-Lc-Sa7PK3GAGlz_BSBM1VxBNEB3VR8tJEpKgCTWrvdLiAPJejtdqquw_v9cESdHG7Fx5Ywr7G-pFpB2uu0epVfreiUfjx2mJaaoZ-_oq7oG9uTGbWxBjE8ZLdUreekyxF0kxYd1cjykP-TjB_0phjshl8EV_sh08DmpCegE_YYa-4x4O6Jt3a2bxSsQud22v4EPZk16OnJW8VdhPXtfN69FUJiW4RBIwJniwUbc2c6rJzUyF7vHjPcldrNrkneSIZ6UOKGf6HKxXp0J92BnkQrwxbRMsnP5S_idlFtpvbwlZ9l-L5434cBBFzmYAU0hGQpzyC4_K4C6rtCJ7G6_8w-W0_-B7X_lf7x4qLTgw54lPBxdQw4m42Hsx6EZUN8BpFzxabBswcV7Q2u79LPBllV-LjtMLWa9LRaf1KeeVhlfY9PMSIwSV9rGGDTS5aPLyvQSJKRaA90OBXYGFoiU49rjsKw9T5WMQHTNgoFT1rbSdvGJYQfaIhM7ija7VJZxc5ceaU4M5bYOUE2muwNblQwf0exVARjs2rCcvZgMEi-l0-vdmnmP1CEnOXzURu9VvK2syMlefWBvKTLKAztALMHqM6xxyCPwKLHmg9QlnrivIrJdeqVfQsMLucR1Vd5xNZTVvMLCD1LuDsIiH53gt0qu7nwzdwrVRsG2PHhcpZ6pJ4X5XmixSMqZBEkKtSTwDoqt-f0BQ0xr8HKYomLl1kA_J7F-NO3dxvd2fwfSZlqrPqVMQlhG0nWC54L2EGa8L7tJxf3tIfNrnpcantKUdbUlUZyI66fAR_TkUdvto9KA2Fu6ztYvO70GU4NOgLX9KdwtYx_naOswbzwntB-KtNzGFfwZtoiMUxMX1EC82_k8Q8f2XMEY2mgvonBYjKdLUUpdL9XKbmtZgsrVhejcRptEbiV_PCS5p3ezxmmJ5hIRYc8FfuQFFwfe7BAArK5AG5Ps8E_yeB6XPhSMUDDPIqOeuKiCKDCiKx6ZKbZ-4htuQckGEVpOEsp8_DPunE5pJsbM9SaGfL9GQA-6QKHtZbLoU7G4BWwC7W3sY8HPdNtmQyrAbrSRXYVath_Pwsl9ncWDUMsm06jfQyxpu6jps3HWEVVwfP4IeaqtFh_hR8rwv3VrKrmES51EfzBQ5x6xQJpfcQ7mYPlTaCIE3jZbNMMrRCA0ZKJMyB0bLSnqVES8ttdFLFiLaglNQxaNwjIhbYh6npQpIVMys2n0SxPsJkBtF8MUnaG5X15FS9jHXp6_NpDp6qrOx-huxVuR5uYQQZtTXbJnPOn8Xd_JZtfkdved4nkGMco3-iGq5KtCE1M17RyWZFo3AW0oGOPyr5O_K79vgD0nC4n1Lj1gnmupWTW-wYL7k08ysWGtXW9s-roBEQJawKrONuCaTM6MBXtWa1QR4gpbBHPfCN9LWj1HCN0K_uhNV1Kolyvz6DkWJvclM2ZxaC92K_W8CspRMJNuO9mFPe8jXpXhUg_ydINfBVAgsMe_-CnbkJ-qNCu5nmYXmpRnu1Rp4RBnqPoVrp6QA_8HJp2rNw65En3PWDrrDd8Nj8JF_HWOXQRVc6EuHkH7maozZ3VhnxOBuNe6FVKNTtZOQHMada9TY44_jGQtC8dmjoXDn0IewfUFYPgfb18c1XWlAwtvatQ7xzlRsFsz1PDCXNfHCXNmaZ3OmNytXWR7D9fYip7yuaoXIN_S9YSwShoZ5DCsUz_rNSRjxIy7uKQZwoMFlyePXGozi6wepLI6XEVe-rPBYonZFp1HYcCS5c6iq7Gyl8ud8n--krxbBpvNJDyNZHiHN1irhR4sVOmFgAHsJPs4oNgkJmrckSnoiZl8TIk8s_-g70HiiY593rWgC2aFKDWwB3tMhTtNn70wVpMtLvwAww09nmb3mT892Kz4kzJn7JxArV5mdt4FwHkF6Qk4yNADX4xuOgP6wY6v9ax2taMSwe7xU1SF8gMKVGMh9IX-FTC0qPDOmLmk1-6oyt3p4cBQ0O7jjldRH7cCOyqadEJmSESHqlHQEu3lsidt1hkGKJqhRpihUVjQewBpcCmYgLrSbaHyvFT60NKaBSk5VT160htpG_BLpil3T1k1gppLiSozQGT6j9Udrhnsv-GfSoEPoUfiG1-_q5VanuvgOI4bI98--H4uM_2hvPqlBWZrzPNarzmSYZJEP3QnobuucSc-g-Yf-AhsUmVwmhnf0j44NEXc1H-kRtC5vbbL5pg56JZ_DpYD8a7HxhnP11c300WGEi1y9M_xEd1wTG1CWucCko25zV6FjSexY0BqC6NnECoLRKL3EvcAQFG7D0Kg4Qu3eWKwsqNIMR7YOZ2PYWY6HjeskxaUFw9pQsoNHcA27RWY4upLt4vh75J3KTfFLA2FKVQca2UNsJw5iHXezHh3B2GwqJdTHTsyPpl9pjA_rw3JCV_twLoCKzsD6ofuIpS7NBMuPgo8-hpbN8ge2Xjl6TyDANhtagnOOx3AgusWAdAIJXz3rudi4hfD7N2WZq9CPNRXAxqxp9GnXhldUF1VfjhPVcL6_O7erIJ5jVVuOcRCRKRYSKQ9gf-eteQpAY8VeC1esAwJ8nQGa2kHoj7GrU8BWygLc28cSw-s-IPApC3f-luqnbC1IzoMqUp2TAt7jcixvZbvnp03Swd9esj8aXkGIn-t7cCOCaFlOXU9aUxeVm-qlFAW1dCB0WrRXOpu0aa7DmbivmwZHpV998BSx7FA04sRicjRerX8fKrnTc1INH2_NDYHqvAPvkf40i7iiMUeBsA2QMqz3sox0qHRuv9lZQNbhIGLbASYUZ19MnEqLaFH1gcIKhBLjLoUTwjAqEpHCyLdSSSHQhT4iDw9aPzpjWTVaA7qAMigoGTAFRwe1lInd12Z4CmxDs7rf7Ll66bGTKsB9hCF22JSv_ZmsVUTeVsC5ANMnvdXouFzobNPpKSU5aCxB_2zU0hNXhHsEnBUiurQx7IfnN_Nn4umpxCyrwMsESI1J0nvsxLPog6UyozctPz1FejtJdgUG6RVIwIQuoeabI8r7osGHuogSeLiEMP6eJPdWsCf92HBi9alf6ZGu78VL32WMdHfwl27vIP-TDdFGXL7Fp3roHpu-YAA60byZxbjekr6hFkud1BUPL85uFZZq0xqEx_avhf2hsUD5Tzpr8tV7z_7aNEHoNfsIToJAIze7VAI_g7Lmi0XJJs35P9RXSRy0aNkPJL5tfaF0OCLxh5vp6rFY5GhBuzcwqWi5lEnD5vY8nh11_OApQWUDgD5mTnsxVNhh9MZex4mvn5miAXOvsNth8etsVMt1bSjNMpyi1DfBOpoUGufcNEG-VHdfhUr8csRWsZbaKL9Of64Wkn_uruEokZIFo0lA7Y9ZDSbHLvxtI4hZ6yPTuYacfXZSoiOmLk11KtmqpcC5lesLox3Ac44bPPkGUTHFGcmNvXiRA6XOvqCz6oQTZGJuPfkjtUYMrBdEBrEBIGPw-htm7VcbERJ4vyD1GDjo4-szkMapfrqan9lFIPQ&cid=CAQSOwAvHhf_Aun_YqgugNhV5VVoKKVchl2YniCaMYS0_eNOHH2ul8SevH53ni7oSbQO5N7vJPSzp-DaGqROGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=4045453233912609000&adk=3690638928&idt=90&cac=0&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff1d04b41c0d5bc20a1ccde277ea9210cba51e735a87f6ceef701d43b36a182d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13882
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame B8BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LREIELHT-J-EAV3
  • https://usersync.gumgum.com/usersync?b=mag&i=LREIELHT-J-EAV3
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LREIELHT-J-EAV3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LREIELHT-J-EAV3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame F633 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
24762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jan 2025 23:00:50 GMT
index.html
s0.2mdn.net/sadbundle/4957660591915578457/ Frame 8E7C 		74 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4957660591915578457/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
962cd3e8b5e1eec750a5226347760e0d3f6f2c0a679a3d6a8e9a43e572fb05ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
156545
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
55598
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 10:24:27 GMT
expires
Sun, 12 Jan 2025 10:24:27 GMT
last-modified
Mon, 17 Oct 2022 12:49:54 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
syncframe
gum.criteo.com/ Frame C8A3 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:31 GMT
server
Kestrel
server-processing-duration-in-ticks
411490
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 Jan 2024 05:53:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6CD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEtGwW8ikZc3VIY_g9u8PsY2RwAqYwOPHdIiyz4jCEmQQASCGm6SQAWD1BaABiKePjAPIAQKpApxeTIt2X7I-4AIAqAMByAMIqgTCAk_QvlWzipS9zK2yL-uUTjdCS_xpMoAyxny4vVlR59yOVG8bWEGc97kZfzAEZDO0bkl7F2MWW6wHCj-7d4TY2etsZBba-cwXvLEUnqqpKMJtqTNXw3D6TwRvtSjgw8Uj8z2nScZ6e13LjGWc92HzrGpgqIMBDW55iQvTZMuzIrngLnMa6yrghPKzpa9ScW-2gnWX3ZrSMAt59DeIS7-54AAU_BS6-b5C4ZAtu0i67rzSv1GwEmnraQOmbhZRj_8MWm1uKY_uxwjxIZxv-sOakoFuh9C5pDgFriIMuLTpl9RteAGkBtZqRDeDR4R2nRtO7QJNiQxhuGqli3S5gMEV2R_S4FSlqvtLyMKgcCYUlyz2gf6FADVdMGiCFTo1-8cCR3ZlOweG2VrAiaFrk79hX4ykUkSIlK6wnzPhzykMgmLAqvLABLTY0b3jBOAEAYgFocCRsk2SBQQIBBgBkgUECAUYBKAGAoAH4Njwc6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEI6lFtIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYrJ_akdregwOaCStodHRwczovL3d3dy5mcmFuay10dWVyZW4uY2gvZGUvemFyZ2VudHVlcmVugAoDyAsB2gwRCgsQkPTIiZrhyeeTARICAQPiDRMIhdbakdregwMVD7D9Bx2xRgSo2BMK0BUBgBcBshceChwIABIUcHViLTE3NTA4NTYyMzkyMDQ0MTQY-t58shgFGAIiAQA&sigh=75HufD_HRII&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwAvHhf_Aun_YqgugNhV5VVoKKVchl2YniCaMYS0_eNOHH2ul8SevH53ni7oSbQO5N7vJPSzp-DaGqROGAE&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8E7C 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4957660591915578457/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4957660591915578457/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 05:53:32 GMT
300x250_Swisscard_KMU21.js
s0.2mdn.net/sadbundle/4957660591915578457/ Frame 8E7C 		35 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4957660591915578457/300x250_Swisscard_KMU21.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4957660591915578457/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584346f26569e3b8d3b6db9084bf4699cc003096009fd4d57839c719feac9a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4957660591915578457/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 10:24:27 GMT
date
Sat, 13 Jan 2024 10:24:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23306
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 12:49:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B733 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CL6MMaSpawsf-72LJelH3XRBMdDwT1B-NJSGEMIKZbcWSeAkj7X0DvGQT0osmBrVzUZnECN8hmWg7LLvS3ro_eG36GYoaOOFZm_ERoZG0pQCn0cHuJdu83fQHs1frSDYxGWsfhEWZzwyrBuSjpDZ7R3TB1QSOknpv2LEcRI6RyQZYm0gI&cry=1&dbm_d=AKAmf-Bi8Dz8w_cQEft5oAvMiaq4PqQGWpBJ-BH0epn1bqlWdurdwA6cbEipQEg8c8yR2eQ9YSi8hsIuTwFf1EyAJ_tiXLQJ5pVkI6F57B_cvdepRXs7DMj08224q4rmn4jjMv1Aim7WrPXEJhACo_gIS55MB0jZLI-PDLZ7lXOVs85vjMqemBsd905P71VlksLYzJbd18MXSE5vuk8NhTDvzY1Rw1AH5SRMbeLA-dSgNczpjQifq4kyaxsST2V_DMA38PySsFk8BpyLbEThJd47H6K25qMb-0rO3btjj88s02kuBeZzWryu4iquRTf-Lc-Sa7PK3GAGlz_BSBM1VxBNEB3VR8tJEpKgCTWrvdLiAPJejtdqquw_v9cESdHG7Fx5Ywr7G-pFpB2uu0epVfreiUfjx2mJaaoZ-_oq7oG9uTGbWxBjE8ZLdUreekyxF0kxYd1cjykP-TjB_0phjshl8EV_sh08DmpCegE_YYa-4x4O6Jt3a2bxSsQud22v4EPZk16OnJW8VdhPXtfN69FUJiW4RBIwJniwUbc2c6rJzUyF7vHjPcldrNrkneSIZ6UOKGf6HKxXp0J92BnkQrwxbRMsnP5S_idlFtpvbwlZ9l-L5434cBBFzmYAU0hGQpzyC4_K4C6rtCJ7G6_8w-W0_-B7X_lf7x4qLTgw54lPBxdQw4m42Hsx6EZUN8BpFzxabBswcV7Q2u79LPBllV-LjtMLWa9LRaf1KeeVhlfY9PMSIwSV9rGGDTS5aPLyvQSJKRaA90OBXYGFoiU49rjsKw9T5WMQHTNgoFT1rbSdvGJYQfaIhM7ija7VJZxc5ceaU4M5bYOUE2muwNblQwf0exVARjs2rCcvZgMEi-l0-vdmnmP1CEnOXzURu9VvK2syMlefWBvKTLKAztALMHqM6xxyCPwKLHmg9QlnrivIrJdeqVfQsMLucR1Vd5xNZTVvMLCD1LuDsIiH53gt0qu7nwzdwrVRsG2PHhcpZ6pJ4X5XmixSMqZBEkKtSTwDoqt-f0BQ0xr8HKYomLl1kA_J7F-NO3dxvd2fwfSZlqrPqVMQlhG0nWC54L2EGa8L7tJxf3tIfNrnpcantKUdbUlUZyI66fAR_TkUdvto9KA2Fu6ztYvO70GU4NOgLX9KdwtYx_naOswbzwntB-KtNzGFfwZtoiMUxMX1EC82_k8Q8f2XMEY2mgvonBYjKdLUUpdL9XKbmtZgsrVhejcRptEbiV_PCS5p3ezxmmJ5hIRYc8FfuQFFwfe7BAArK5AG5Ps8E_yeB6XPhSMUDDPIqOeuKiCKDCiKx6ZKbZ-4htuQckGEVpOEsp8_DPunE5pJsbM9SaGfL9GQA-6QKHtZbLoU7G4BWwC7W3sY8HPdNtmQyrAbrSRXYVath_Pwsl9ncWDUMsm06jfQyxpu6jps3HWEVVwfP4IeaqtFh_hR8rwv3VrKrmES51EfzBQ5x6xQJpfcQ7mYPlTaCIE3jZbNMMrRCA0ZKJMyB0bLSnqVES8ttdFLFiLaglNQxaNwjIhbYh6npQpIVMys2n0SxPsJkBtF8MUnaG5X15FS9jHXp6_NpDp6qrOx-huxVuR5uYQQZtTXbJnPOn8Xd_JZtfkdved4nkGMco3-iGq5KtCE1M17RyWZFo3AW0oGOPyr5O_K79vgD0nC4n1Lj1gnmupWTW-wYL7k08ysWGtXW9s-roBEQJawKrONuCaTM6MBXtWa1QR4gpbBHPfCN9LWj1HCN0K_uhNV1Kolyvz6DkWJvclM2ZxaC92K_W8CspRMJNuO9mFPe8jXpXhUg_ydINfBVAgsMe_-CnbkJ-qNCu5nmYXmpRnu1Rp4RBnqPoVrp6QA_8HJp2rNw65En3PWDrrDd8Nj8JF_HWOXQRVc6EuHkH7maozZ3VhnxOBuNe6FVKNTtZOQHMada9TY44_jGQtC8dmjoXDn0IewfUFYPgfb18c1XWlAwtvatQ7xzlRsFsz1PDCXNfHCXNmaZ3OmNytXWR7D9fYip7yuaoXIN_S9YSwShoZ5DCsUz_rNSRjxIy7uKQZwoMFlyePXGozi6wepLI6XEVe-rPBYonZFp1HYcCS5c6iq7Gyl8ud8n--krxbBpvNJDyNZHiHN1irhR4sVOmFgAHsJPs4oNgkJmrckSnoiZl8TIk8s_-g70HiiY593rWgC2aFKDWwB3tMhTtNn70wVpMtLvwAww09nmb3mT892Kz4kzJn7JxArV5mdt4FwHkF6Qk4yNADX4xuOgP6wY6v9ax2taMSwe7xU1SF8gMKVGMh9IX-FTC0qPDOmLmk1-6oyt3p4cBQ0O7jjldRH7cCOyqadEJmSESHqlHQEu3lsidt1hkGKJqhRpihUVjQewBpcCmYgLrSbaHyvFT60NKaBSk5VT160htpG_BLpil3T1k1gppLiSozQGT6j9Udrhnsv-GfSoEPoUfiG1-_q5VanuvgOI4bI98--H4uM_2hvPqlBWZrzPNarzmSYZJEP3QnobuucSc-g-Yf-AhsUmVwmhnf0j44NEXc1H-kRtC5vbbL5pg56JZ_DpYD8a7HxhnP11c300WGEi1y9M_xEd1wTG1CWucCko25zV6FjSexY0BqC6NnECoLRKL3EvcAQFG7D0Kg4Qu3eWKwsqNIMR7YOZ2PYWY6HjeskxaUFw9pQsoNHcA27RWY4upLt4vh75J3KTfFLA2FKVQca2UNsJw5iHXezHh3B2GwqJdTHTsyPpl9pjA_rw3JCV_twLoCKzsD6ofuIpS7NBMuPgo8-hpbN8ge2Xjl6TyDANhtagnOOx3AgusWAdAIJXz3rudi4hfD7N2WZq9CPNRXAxqxp9GnXhldUF1VfjhPVcL6_O7erIJ5jVVuOcRCRKRYSKQ9gf-eteQpAY8VeC1esAwJ8nQGa2kHoj7GrU8BWygLc28cSw-s-IPApC3f-luqnbC1IzoMqUp2TAt7jcixvZbvnp03Swd9esj8aXkGIn-t7cCOCaFlOXU9aUxeVm-qlFAW1dCB0WrRXOpu0aa7DmbivmwZHpV998BSx7FA04sRicjRerX8fKrnTc1INH2_NDYHqvAPvkf40i7iiMUeBsA2QMqz3sox0qHRuv9lZQNbhIGLbASYUZ19MnEqLaFH1gcIKhBLjLoUTwjAqEpHCyLdSSSHQhT4iDw9aPzpjWTVaA7qAMigoGTAFRwe1lInd12Z4CmxDs7rf7Ll66bGTKsB9hCF22JSv_ZmsVUTeVsC5ANMnvdXouFzobNPpKSU5aCxB_2zU0hNXhHsEnBUiurQx7IfnN_Nn4umpxCyrwMsESI1J0nvsxLPog6UyozctPz1FejtJdgUG6RVIwIQuoeabI8r7osGHuogSeLiEMP6eJPdWsCf92HBi9alf6ZGu78VL32WMdHfwl27vIP-TDdFGXL7Fp3roHpu-YAA60byZxbjekr6hFkud1BUPL85uFZZq0xqEx_avhf2hsUD5Tzpr8tV7z_7aNEHoNfsIToJAIze7VAI_g7Lmi0XJJs35P9RXSRy0aNkPJL5tfaF0OCLxh5vp6rFY5GhBuzcwqWi5lEnD5vY8nh11_OApQWUDgD5mTnsxVNhh9MZex4mvn5miAXOvsNth8etsVMt1bSjNMpyi1DfBOpoUGufcNEG-VHdfhUr8csRWsZbaKL9Of64Wkn_uruEokZIFo0lA7Y9ZDSbHLvxtI4hZ6yPTuYacfXZSoiOmLk11KtmqpcC5lesLox3Ac44bPPkGUTHFGcmNvXiRA6XOvqCz6oQTZGJuPfkjtUYMrBdEBrEBIGPw-htm7VcbERJ4vyD1GDjo4-szkMapfrqan9lFIPQ&cid=CAQSOwAvHhf_Aun_YqgugNhV5VVoKKVchl2YniCaMYS0_eNOHH2ul8SevH53ni7oSbQO5N7vJPSzp-DaGqROGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=4045453233912609000&adk=3690638928&idt=90&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
207944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTI5ODAxMjMxMzU4NwogIHNlcnZlcl9pcDogMTM0MDU1Mjg4CiAgcHJvY2Vzc19pZDogMjA4MTI1ODEyMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame B733 		0
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTI5ODAxMjMxMzU4NwogIHNlcnZlcl9pcDogMTM0MDU1Mjg4CiAgcHJvY2Vzc19pZDogMjA4MTI1ODEyMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMzUxNTU1MjYyMTEyMTU4MDUxNQpkZWJ1Z19rZXk6IDE2MzM0ODY3OTQ0NjYzNjUzNTU0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xNSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODQ1NTgxOTUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDczOTk0ODk2NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDAyMDU0NjA3MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU0MTE5MTc0NQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x3892ecb214b8b0690000000000000000","13":"0xd488973b39a1aaa0000000000000000","14":"0x9a4f2ba09cfde7b70000000000000000","15":"0x77d6231e0aad776d0000000000000000"},"debug_key":"16334867944663653554","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"3515552621121580515"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
servedby.flashtalking.com/imp/1/225039;7938487;201;js;DV360;DV360FY20EDUBEHCompetitiveConquestingCHDSKBAN300x250/ Frame B733 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/225039;7938487;201;js;DV360;DV360FY20EDUBEHCompetitiveConquestingCHDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=pastelink.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&bundle_id=&site_url=https://pastelink.net/giu5j4j0&ft_partnerimpid=ABAjH0jh94MiQph8NRdydisaoJFz&pub_id=1&sup_platform=1&cachebuster=852126.6067441056
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.128.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-128-137.deploy.static.akamaitechnologies.com
Software
prod-xre-app6.frk11 /
Resource Hash
5d6d2c88d8e0c17a981acd0a3335fa05d4172c4f3ea247cb4e513450cb1a2e46
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app6.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
915
Expires
Mon, 15 Jan 2024 05:53:32 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame FF90 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
193362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DDD4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3469350744786&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DDD4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3469350744786&version=m202309260101&ct=77&x=1&cor=10712689775016920000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DDD4 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBuXMMOE4SFwFgxfpoupAyecVJxVndX_MA9wDB218y4hnFGx3NTBBA-Yhh6CF4uLAJ0mnMfEybRkh_ZwF48PujtdCd_bsLClp-ZUMiDSBwwwafuyfAe5VRX9dnFJCwFQFC6H2N8-i-hKy-nk80MgXc_r63d90QYJDI71ovmlvRXsGIPeI&cry=1&dbm_d=AKAmf-AzJDQEwMk0ibHfksY0dDQgXjTOOmMaK2Ml2xJrDO9hZR2dBklUpE0mUq0N0DQWaDHnVk7cLPgpUChi-MyGDYHF0KV-fSkzT7dgMHSWHEt4qTK7tLNt-clYJpecE8cS08KXeTDiD22DWnduRSNdjF3R-qGKdKOmxSjVGKK-5PBUx_QXZclFcKE1HOI6XEa6a367gs_0G8OyWMyjsXQj3zgtb5-AwZGiFIfBr4iqgzSbrrcFajp4Qa3ku_CbZu-YW8JvukFx1tu1YCJMMkH1H86VvmcAk2w9loHizAhSDUlSja1OWvuU9FahArrKtK7letekZvrGfA6nWom3cF-9gt3L9nvM9h5KwVtTg0IDHsDpzxNypnjW7O4UvjQq1K4ppf1wPhEOFWxBIU2HU0mCfxlZIyK86GGQrylcqhqax8T8i4v0XDU9RQ1v8XXn0ULurbYVmO92zN-bjZSaxH3htCFYy7hInYBBdFg6ZtytX-igqps1mLcSOkeDSgt6WnEcFVmrcxZdYzsOFUleQgCAgBxLGAxbuvkw7N7v18Ph6-mz4NZX7kyhbaJm0mgn29YSV3RQ9cotjWCLz_vTIn-xJtK4O-thtdmjdqUh0mA9pG0AyUX974296be-dROTqtV1Vmfy6S2yiiZ3TRQd5RntelpSUcdBsM2CsNnBE0h1JjjQz8YYGpi2M7Z0mt8uO4_1e5LwtWxp6n0Yiq1HplMd2XG8oPHB4b3l8FfBeURy-LRf7NwmsC9-vQZ8KIvav5AHjJSJHoXkxu0N89xGcDWyGjwN6eJ7IY1xbjXZr-BKZoP2Tx3s3NpZWHElnOEspX9UOruJP5v7_QB8G0QaNZ7k571IRfdFafs3wMyENY0erSYxdLuSwOb1Y9Y5zekmbuCDeH7DNHWs8lCnE_3XXv0kx6KeWLwEX_pnDXIdj45o7I2opwO7O3sdEDU7M8fO0dYLoZnwuJ9tyUSZ9j16F-Hg6DkYREY9-dq0brdp8dr3Z8JFiThRqsfmaeyBq_CNJ4TEphR8yOCHRwdWTOefCsQr_P7YHU8ny0pjRcF9X9BNvRQSZLO7EhsvX20Q18cAEtoCgHpuxXdt5FMERUaSo2-YCuZK419X5-iOPM-0G3cVuJ26fTDcZRrJJ-_cbcDerDp-D5KEgv7lofnWiWjREctZjSX6g1NDOqIIyC6wSN26o5Z_x2gsWs8qdClAVzbSfEaT6BIieeWFg0-gg5f_ETRHgxvZPRX5SJn-UljIutE6N258_6sl4f2dGZw18z1cU8uNVpgugWG3b8_jHrcUKm6CXJn9pzi0t6Hq8KyNx1S5nRZXKarXSwoLY26hwmq0tFa7AFqTNBWINiTa51huTKTLVbrG4LyvPiWNTABQMaOgvpP-0uop7hezW94-gVZCEZJj70LiMs7JHDehejQHHBnrMWxBCybyaI2amzT5XBd3-ET06-Zu38M8hvzVIslYJ-MfxqI86Bkj3QgzHvaGk3XlNYA5c5cJS3bWJje2GX5eYkLOPUuexKsnFUMEw8MrNb9_YT8bbLqBRLpJmySj-daHJ2m-m-O2p30gWpHXcAR2wpKI9KR0urnwRz7sexYF3FrUypi98ScQs6U-XM_jCsZb1evJ3ZJ62bNX-LLHxEgR13fsJQRGRorPR4cyDqlMXzdH0Ykh2K7AbQCTlieGJ09D-9qaQRvIhUCwlESO7Ow-_Wrzv9qnzY6XYvNLRO9OOCIGIhXarQSNr-Ay452coy2GI-_c7v2_crXF-q5ZPDkz74dd1oYi1RfUI1VGNxRcciw2mQHDBa8IPxxctaiP6LXKS-CV1gSxDA8oAlkPPLdXOI7zd2G5MS1n4B0mcmMuemJBqs8bHUiKwqcgFLl-aEAmlzqA6I4XXYIdXtHIUraxEWlqwGDiodmjlWE7t1vi7sXgFBXT3JXbB_V-sDj57h5pBD8u8I8j4bbAnM9HiJsKE6XW8eM5aEadSBsJtCB-9AlIdCqtzm2Sw05yY6GJmze26nO-LYCICfXbPdNi_YygOEcaFqJ83WExIJvU9rkZacNqlX_A5LKjLY69gkpUPkZiygLV63kLbIeth8eGg34QSw9dr-0Rg_T1XtgEwDiRBADEuhLD2xtM9R_PHYptYHbzjaGXWqyr8nbqq_qaoGDjGJrFPpQDnGk7yTimF4kiqhRuZ8dsCMu85bTKLNRBQ5Mu_Pvd8cs48ognBhdkgiVDY-Z4OJleZWHVMTyyn2364ydGbJVR0eJBNGiSa2ZmWYH2O4TPhaKstf9ziYm1TxatFQNEVjNnlINvQ1d-2YgBDinG_hCSX4gp0_g2ehQdSGsII9zwmmx8YGCP9bnbaNGiZZ6EdenDexvZESgDOXulf5WmH0uAvZkADUU12QVgJrfHapdO8tftXxPARjtclDHLq6SKv2a5hy-Qk0rWsD5TejdB80QsMe6CqRhNCTMC2esq8mwTGZjFSGdjUPfZGWO6giUdjcJlOCIfy3Ldcmbgkrx9BYXE5KilLrE1XCxgw0KKAq8N99KjWaizYdOOli6EjVDRautT6Dm8a4iqAzii9q3QXrVqjdCeriygayR9uFmKwH48hKWy8vulhcieq3yn0EYUMI16ax5iZcXuAm2QdS60XaUOoVqnd2SXdW-ylkpub33ys3oceHilSv0iYC3-Mr32VAoQVGFhncgDLpmHko0iyAPo2ARy-X_w-hIGzJFGxrqP4y0dmjbXEq0GN9ekmZ87TpKxga5qhBdg6b0poqH3J3WBSx6wU5mJxkrmg1SNab92LVWyK2nwYOIUiqteVTI2Lq-1vB0TlZURbSwGfLc-_fluhffqwcF1gtcxHmXRwctQzBxdxHkto1lvuRLCWB1qrHDHBJmaqknqBUOCf6B_Kh_GPHH2oQkUJeVpXCUiVOIUOHQU5mXojosrTATjaCh1MSHpixdrOc0jIVZB7PxdRVFzNKdboog-QtdtExqtdKitzXaMPwDbwW4gM3JA8KcIq59QJXg20t1Gh-3E77DEMMBFairpWyAG6nybySGmbFlw2YvF5Hpm_Gdu1BEtTkexUCQvdt4nViyKfihMHk4y2K67zbqjX1ux07-7-czvpiV-PmJmFIFAWYbRdxWfI6mjEERTxub_p6KzsB0Sx4zCuedyN-P5n_ePRJiEEz83CUK63Qd20avP2HARbePoq99lBfipSBViTqGQ5adXBEYdbvkdtKERzG6xsW0xpBZUw2HxcqjIJBTIub0i8XP-8WAv30iKpzRBjtXKsBG5s1nMcVZaKzhFM0SfkRCtUD49vwaKD-uUqmGSH1RUcDaUEtxuH1w_g-lLa3mIu-Au83ecLcnkS5nQ5V_e_NLVIoZ79G-OhYZC7_B-FqeKe91pG7GulFyR3SA1HFiO-00vQyLnedeUrZaPGeaX0-T5Jv-36RU_-pyCAxP864oSM4IzLHWEPFE8qGKqSovAzh7ityuI0mgrSb2o4-l5ZZpoCzB2MgdjBeUf8CrnOVly8z0iGthg5lBODVm8KitFNAfYFbIp0g1BYkw_yfvr8yTfu4CiGoeq0FeuieqS-dPqLQQba6xGjrFQPsLB67J-B8xelLcnwZNLo-gnKnIWN4AE-LgDs1TSUKIlZ69XFaf523vUtMb8Thx1C8KvRs5FrxTiofoTJb1Xy6hhoU2voXj-m0aosHXGUjK2OBJYEi0ajTkLczSJNDTDkFV2gpJhb0v8nKaT6MDZ3SHWHHEOeSPg1mzMV9B-ThTHUW7K-SeveNBg--hCNWD-S5bdV2UvOGNgGpkqsjnKlRvFsejT5o9G74SdzgS__HDuYVf38tEauwx8IEIocRXcfIE&cid=CAQSOwAvHhf_Aun_YqgugNhV5VVoKKVchl2YniCaMYS0_eNOHH2ul8SevH53ni7oSbQO5N7vJPSzp-DaGqROGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=10712689775016920000&adk=1033480540&idt=240&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dedc6b8a2e52bb58c4ea36524d1767e7f3eb7f5688ef78c5d42924bf7ba9ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13591
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B8BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/8NzDxhevkzMMuMZASpbiEw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5D38FLRE2oKIMRVOFcNOkUOx3oeApPcWhxLcHw--~A
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5D38FLRE2oKIMRVOFcNOkUOx3oeApPcWhxLcHw--~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 15 Jan 2024 05:53:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5D38FLRE2oKIMRVOFcNOkUOx3oeApPcWhxLcHw--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame B8BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJFSUVMSFQtSi1FQVYz
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAAdofvtEzVv6yg7AnfpF6I&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJFSUVMSFQtSi1FQVYz&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJFSUVMSFQtSi1FQVYz&google_push=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJFSUVMSFQtSi1FQVYz&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B8BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP1QGQ06jrL-7NYyC5qNgWQ&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP1QGQ06jrL-7NYyC5qNgWQ&google_cver=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP1QGQ06jrL-7NYyC5qNgWQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B8BA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Pnn7WYGuSsKzu3Famhau-g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Pnn7WYGuSsKzu3Famhau-g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Pnn7WYGuSsKzu3Famhau-g
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YQK0E32VYR6FATV68P6E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Pnn7WYGuSsKzu3Famhau-g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B8BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWM0OGVmZjE1MTVkYzk4Y2MwOTkzZjE0MDgxNGEwNjQ0ZjdkYTM5Nw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWM0OGVmZjE1MTVkYzk4Y2MwOTkzZjE0MDgxNGEwNjQ0ZjdkYTM5Nw
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWM0OGVmZjE1MTVkYzk4Y2MwOTkzZjE0MDgxNGEwNjQ0ZjdkYTM5Nw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B8BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LREIELHT-J-EAV3&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LREIELHT-J-EAV3&ex=d-rubiconproject.com&status=ok
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1QFSDA4CW61RD8T04Q4B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LREIELHT-J-EAV3&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
setuid
px.ads.linkedin.com/ Frame B8BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LREIELHT-J-EAV3
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LREIELHT-J-EAV3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1538743967BF4D1F90DB3A4B199414E3 Ref B: ZRHEDGE1818 Ref C: 2024-01-15T05:53:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO9aJHVwxSHnwFNj0f8A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LREIELHT-J-EAV3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame B8BA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B8BA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TV7EUMnjRnS-lqiYuas5jA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TV7EUMnjRnS-lqiYuas5jA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TV7EUMnjRnS-lqiYuas5jA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TAM0YAPTKJ6266BY8G6R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TV7EUMnjRnS-lqiYuas5jA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rp
match.prod.bidr.io/cookie-sync/ Frame B8BA 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.16.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-16-244.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
hb.yahoo.net/ Frame B8BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LREIELHT-J-EAV3&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LREIELHT-J-EAV3&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wSTQ1VmZGRTJ1RkdmTVJHVFQ5MTREelJnNFhrLi5OUH5B&ovsid=LREIELHT-J-EAV3&dpid=58160
56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wSTQ1VmZGRTJ1RkdmTVJHVFQ5MTREelJnNFhrLi5OUH5B&ovsid=LREIELHT-J-EAV3&dpid=58160
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Server
23.50.131.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-75.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 15 Jan 2024 05:53:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Mon, 15 Jan 2024 05:53:32 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wSTQ1VmZGRTJ1RkdmTVJHVFQ5MTREelJnNFhrLi5OUH5B&ovsid=LREIELHT-J-EAV3&dpid=58160
date
Mon, 15 Jan 2024 05:53:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
receive
pixel.tapad.com/idsync/ex/ Frame B8BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LREIELHT-J-EAV3
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LREIELHT-J-EAV3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LREIELHT-J-EAV3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame B8BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LREIELHT-J-EAV3
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LREIELHT-J-EAV3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Server
18.157.200.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-200-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LREIELHT-J-EAV3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
merge
ce.lijit.com/ Frame B8BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LREIELHT-J-EAV3
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LREIELHT-J-EAV3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LREIELHT-J-EAV3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
liveCS.php
live.primis.tech/live/ Frame B8BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LREIELHT-J-EAV3
0
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LREIELHT-J-EAV3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Server
2600:9000:237d:fc00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
content-encoding
gzip
via
1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC50-P2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
DpnDmqTdYLMVat1PLW0keQx4fMC9JaO8Ve4q613jlXWoK-PuPkB2pw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LREIELHT-J-EAV3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B8BA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=37fe0d3f-75ce-49cd-b1c5-3fd700532305&expires=30
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=37fe0d3f-75ce-49cd-b1c5-3fd700532305&expires=30
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=37fe0d3f-75ce-49cd-b1c5-3fd700532305&expires=30
Date
Mon, 15 Jan 2024 05:53:32 GMT
Connection
keep-alive
X-CI-RTID
cc8108e9-4a73-434b-a06a-565fc069c284
Content-Length
144
Content-Type
text/html; charset=utf-8
bild.jpg
s0.2mdn.net/sadbundle/4957660591915578457/ Frame 8E7C 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4957660591915578457/bild.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4957660591915578457/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cebd78be78a2bfb10d766032cdafa68d0eb68589f0cade246d995c7470b7e09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4957660591915578457/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 13 Jan 2025 23:15:54 GMT
date
Sun, 14 Jan 2024 23:15:54 GMT
x-content-type-options
nosniff
age
23858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61920
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 12:49:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sid
mug.criteo.com/ Frame C8A3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=aWmNb3xucGhPcVEzdmxMNnZVczJ6UXhPNXNyVG9WYXNjTFVGZjBldGFwbGcra0dqQzM5ZUdiUWVuMlhJZEt6Y3pjSk5kU2s3eDVYdjJXWDBDZ0txdzNON3dRbkNpQm96ZGpOWWpWd0Y0dVlRZXgrb2d5UnNEYnFBWTA0MW...
425 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=aWmNb3xucGhPcVEzdmxMNnZVczJ6UXhPNXNyVG9WYXNjTFVGZjBldGFwbGcra0dqQzM5ZUdiUWVuMlhJZEt6Y3pjSk5kU2s3eDVYdjJXWDBDZ0txdzNON3dRbkNpQm96ZGpOWWpWd0Y0dVlRZXgrb2d5UnNEYnFBWTA0MWR4YStqM24yWTY5Vi9mVmJuZnJGZnE0c2VVcmtNWjFwUkJ2cmhpR2JiOE5BUmswK0pPM3R6VS93RnJmSFVrNFE5b1BUcnIzaU1MMEJBZ0d1MnN4WXoybHI4dWIvWGdwZ040aEphRkJxcGtrYVFnWUFXS2FUTGJFSTZwQll0bkN3YnpweVdyRkd5M012Zk9DbFFqdkJXeUdhSzJ0NVp3dUtEWEQ5bEVjRlZwQS96K2V0aWduWT18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d1c589479c17ff8fadcd08973adc0f6b48f2c2908f77fc118f439b57ac756728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1415264
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=aWmNb3xucGhPcVEzdmxMNnZVczJ6UXhPNXNyVG9WYXNjTFVGZjBldGFwbGcra0dqQzM5ZUdiUWVuMlhJZEt6Y3pjSk5kU2s3eDVYdjJXWDBDZ0txdzNON3dRbkNpQm96ZGpOWWpWd0Y0dVlRZXgrb2d5UnNEYnFBWTA0MWR4YStqM24yWTY5Vi9mVmJuZnJGZnE0c2VVcmtNWjFwUkJ2cmhpR2JiOE5BUmswK0pPM3R6VS93RnJmSFVrNFE5b1BUcnIzaU1MMEJBZ0d1MnN4WXoybHI4dWIvWGdwZ040aEphRkJxcGtrYVFnWUFXS2FUTGJFSTZwQll0bkN3YnpweVdyRkd5M012Zk9DbFFqdkJXeUdhSzJ0NVp3dUtEWEQ5bEVjRlZwQS96K2V0aWduWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
366856
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F633 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRiwCW8ikZdDVIY_g9u8PsY2RwAoAAAAAOAHgBAI&bg=!9fal9rnNAAaumcC-jpk7ADQBe5WfOCJTJsVdhw6hjpwjGUfNlaWp1ZC7rULyOsJ3UNxTUndsc-kFX58o0CnaqkzRNu7oAgAAADVSAAAAAmgBB5kDZJ4mBt3nUo6_48HG1q7Ryd9CkO1motK3CfqbXr_H1ZvzieHgL2sMX3rZwUF5EHWkuVxjLyb-t1pbWWcHW7-Wz3jPkFZmnGVlXipic0SBk7MaYm-PeFdg9Sd_6lidHHDW8_8PeZ-WI7UjILR_frTl1GqkNwws1hg0DabmlXB3xS2pdWWjw2GH72pOE28BdmBbIJgRl6R9sAxF5AUowqliqXXx-zCZ-yDYrUf4aey7kscLTThRVdUUDmzaCbZfkyDP2mdvGqvKxJQ3pGIkHI38R5O8ZKd6czdUEA8MIm2tejCMlBeTl0Whujp3W1Vumho1lAKJl0NvuWEana_AEuogqXTbCs-nWbHBvYAjjyCM5cDD3rdKxHIIDohBtPK_G092bxYuaFVnmzKsSaAxK7k_68mTOotGc8IEniS-OI346p-WSrpVv0AxeXlsCBm6twZX1_SKmBIjf29YoC7oOv0dtbhFFJ2VEbLEIFmEusf8-biU3wVOX5HN8ETAiWW7YLw1MB6DGziiqd_0q-om8CaMJTyw9no2NwirJw4VF640-I16Fw447hNg1F98KoDU6-Fsh8q5S_OxweXh9iVju_-3FOf4fZOX5J1eswKmopVaRx-iT_m1QR5E-JGQE2EhSbvZr9AIY1a3g4mJaijkEekfRyRF7cpDER6qyhQgL3HuSW0guDfxRnB11fX6OONt4IjYn3Ud3a66QoavQFxucKzTnVF2h1IIrfMdWJ1q_-Shvcnb8-rrABj5kIGp6j88LxydFdMUunFggzINk3v0UV_Za7ip9_4VZgVCaBKqYLuYctxYUlUHhb__HdrM7W21eeEvBD4Tjxa77Dtq2rVWVKrurz1sCYdPR5oW5m-UBDKHv5SFjlz84O2nlblWX7WhrsmUUH41L1vEhSXdWDnZK-PyZqMAahpSNJNhEhTJXWZvODOca_rqJ0yAHia-ICNNm-7ZR3QUng4dv9XLIgB55HGwySwPy4MI2hUXColv47_WclBESV4qspuhzwhfXIDNcEQRHuTwVLOLwFWGYGU8SbO_SSVOuZQrDGPuyfa5i_BMV92Dcx7cYzekDERwoBATyo18HxuhJwxnZDyJFFT0tPsv9z66duySVcvRnIPmXOiPSHzcEj7kYesoAR7vpyVupbCmAwUlGhg
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
pagead2.googlesyndication.com/bg/ Frame FF90 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:56:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
222994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19761
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 15:56:58 GMT
ftUtils.js
ajs-assets.ftstatic.com/ Frame B733 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajs-assets.ftstatic.com/ftUtils.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/225039;7938487;201;js;DV360;DV360FY20EDUBEHCompetitiveConquestingCHDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=pastelink.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&bundle_id=&site_url=https://pastelink.net/giu5j4j0&ft_partnerimpid=ABAjH0jh94MiQph8NRdydisaoJFz&pub_id=1&sup_platform=1&cachebuster=852126.6067441056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-200.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Content-Encoding
gzip
Akamai-Cache-Status
Miss from child
x-amz-request-id
5KSD911X9EWS2H7X
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
26311
x-amz-id-2
g8iVpy/YbntZwgyDc4jX40BFKWOqnjqR/bnFXitPqM/pAmC7cchOocp4K0ZGon7KG1EcIUZlHggxjcosGBh7ew==
Last-Modified
Thu, 11 Jan 2024 16:43:14 GMT
Server
AmazonS3
ETag
W/"3643773625f898f1236b1c08c2d13631"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding, Accept-Encoding
Cache-Control
max-age=86400
X-Varnish
801268179 795037187
Accept-Ranges
bytes
Expires
Tue, 16 Jan 2024 05:53:32 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DDD4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBuXMMOE4SFwFgxfpoupAyecVJxVndX_MA9wDB218y4hnFGx3NTBBA-Yhh6CF4uLAJ0mnMfEybRkh_ZwF48PujtdCd_bsLClp-ZUMiDSBwwwafuyfAe5VRX9dnFJCwFQFC6H2N8-i-hKy-nk80MgXc_r63d90QYJDI71ovmlvRXsGIPeI&cry=1&dbm_d=AKAmf-AzJDQEwMk0ibHfksY0dDQgXjTOOmMaK2Ml2xJrDO9hZR2dBklUpE0mUq0N0DQWaDHnVk7cLPgpUChi-MyGDYHF0KV-fSkzT7dgMHSWHEt4qTK7tLNt-clYJpecE8cS08KXeTDiD22DWnduRSNdjF3R-qGKdKOmxSjVGKK-5PBUx_QXZclFcKE1HOI6XEa6a367gs_0G8OyWMyjsXQj3zgtb5-AwZGiFIfBr4iqgzSbrrcFajp4Qa3ku_CbZu-YW8JvukFx1tu1YCJMMkH1H86VvmcAk2w9loHizAhSDUlSja1OWvuU9FahArrKtK7letekZvrGfA6nWom3cF-9gt3L9nvM9h5KwVtTg0IDHsDpzxNypnjW7O4UvjQq1K4ppf1wPhEOFWxBIU2HU0mCfxlZIyK86GGQrylcqhqax8T8i4v0XDU9RQ1v8XXn0ULurbYVmO92zN-bjZSaxH3htCFYy7hInYBBdFg6ZtytX-igqps1mLcSOkeDSgt6WnEcFVmrcxZdYzsOFUleQgCAgBxLGAxbuvkw7N7v18Ph6-mz4NZX7kyhbaJm0mgn29YSV3RQ9cotjWCLz_vTIn-xJtK4O-thtdmjdqUh0mA9pG0AyUX974296be-dROTqtV1Vmfy6S2yiiZ3TRQd5RntelpSUcdBsM2CsNnBE0h1JjjQz8YYGpi2M7Z0mt8uO4_1e5LwtWxp6n0Yiq1HplMd2XG8oPHB4b3l8FfBeURy-LRf7NwmsC9-vQZ8KIvav5AHjJSJHoXkxu0N89xGcDWyGjwN6eJ7IY1xbjXZr-BKZoP2Tx3s3NpZWHElnOEspX9UOruJP5v7_QB8G0QaNZ7k571IRfdFafs3wMyENY0erSYxdLuSwOb1Y9Y5zekmbuCDeH7DNHWs8lCnE_3XXv0kx6KeWLwEX_pnDXIdj45o7I2opwO7O3sdEDU7M8fO0dYLoZnwuJ9tyUSZ9j16F-Hg6DkYREY9-dq0brdp8dr3Z8JFiThRqsfmaeyBq_CNJ4TEphR8yOCHRwdWTOefCsQr_P7YHU8ny0pjRcF9X9BNvRQSZLO7EhsvX20Q18cAEtoCgHpuxXdt5FMERUaSo2-YCuZK419X5-iOPM-0G3cVuJ26fTDcZRrJJ-_cbcDerDp-D5KEgv7lofnWiWjREctZjSX6g1NDOqIIyC6wSN26o5Z_x2gsWs8qdClAVzbSfEaT6BIieeWFg0-gg5f_ETRHgxvZPRX5SJn-UljIutE6N258_6sl4f2dGZw18z1cU8uNVpgugWG3b8_jHrcUKm6CXJn9pzi0t6Hq8KyNx1S5nRZXKarXSwoLY26hwmq0tFa7AFqTNBWINiTa51huTKTLVbrG4LyvPiWNTABQMaOgvpP-0uop7hezW94-gVZCEZJj70LiMs7JHDehejQHHBnrMWxBCybyaI2amzT5XBd3-ET06-Zu38M8hvzVIslYJ-MfxqI86Bkj3QgzHvaGk3XlNYA5c5cJS3bWJje2GX5eYkLOPUuexKsnFUMEw8MrNb9_YT8bbLqBRLpJmySj-daHJ2m-m-O2p30gWpHXcAR2wpKI9KR0urnwRz7sexYF3FrUypi98ScQs6U-XM_jCsZb1evJ3ZJ62bNX-LLHxEgR13fsJQRGRorPR4cyDqlMXzdH0Ykh2K7AbQCTlieGJ09D-9qaQRvIhUCwlESO7Ow-_Wrzv9qnzY6XYvNLRO9OOCIGIhXarQSNr-Ay452coy2GI-_c7v2_crXF-q5ZPDkz74dd1oYi1RfUI1VGNxRcciw2mQHDBa8IPxxctaiP6LXKS-CV1gSxDA8oAlkPPLdXOI7zd2G5MS1n4B0mcmMuemJBqs8bHUiKwqcgFLl-aEAmlzqA6I4XXYIdXtHIUraxEWlqwGDiodmjlWE7t1vi7sXgFBXT3JXbB_V-sDj57h5pBD8u8I8j4bbAnM9HiJsKE6XW8eM5aEadSBsJtCB-9AlIdCqtzm2Sw05yY6GJmze26nO-LYCICfXbPdNi_YygOEcaFqJ83WExIJvU9rkZacNqlX_A5LKjLY69gkpUPkZiygLV63kLbIeth8eGg34QSw9dr-0Rg_T1XtgEwDiRBADEuhLD2xtM9R_PHYptYHbzjaGXWqyr8nbqq_qaoGDjGJrFPpQDnGk7yTimF4kiqhRuZ8dsCMu85bTKLNRBQ5Mu_Pvd8cs48ognBhdkgiVDY-Z4OJleZWHVMTyyn2364ydGbJVR0eJBNGiSa2ZmWYH2O4TPhaKstf9ziYm1TxatFQNEVjNnlINvQ1d-2YgBDinG_hCSX4gp0_g2ehQdSGsII9zwmmx8YGCP9bnbaNGiZZ6EdenDexvZESgDOXulf5WmH0uAvZkADUU12QVgJrfHapdO8tftXxPARjtclDHLq6SKv2a5hy-Qk0rWsD5TejdB80QsMe6CqRhNCTMC2esq8mwTGZjFSGdjUPfZGWO6giUdjcJlOCIfy3Ldcmbgkrx9BYXE5KilLrE1XCxgw0KKAq8N99KjWaizYdOOli6EjVDRautT6Dm8a4iqAzii9q3QXrVqjdCeriygayR9uFmKwH48hKWy8vulhcieq3yn0EYUMI16ax5iZcXuAm2QdS60XaUOoVqnd2SXdW-ylkpub33ys3oceHilSv0iYC3-Mr32VAoQVGFhncgDLpmHko0iyAPo2ARy-X_w-hIGzJFGxrqP4y0dmjbXEq0GN9ekmZ87TpKxga5qhBdg6b0poqH3J3WBSx6wU5mJxkrmg1SNab92LVWyK2nwYOIUiqteVTI2Lq-1vB0TlZURbSwGfLc-_fluhffqwcF1gtcxHmXRwctQzBxdxHkto1lvuRLCWB1qrHDHBJmaqknqBUOCf6B_Kh_GPHH2oQkUJeVpXCUiVOIUOHQU5mXojosrTATjaCh1MSHpixdrOc0jIVZB7PxdRVFzNKdboog-QtdtExqtdKitzXaMPwDbwW4gM3JA8KcIq59QJXg20t1Gh-3E77DEMMBFairpWyAG6nybySGmbFlw2YvF5Hpm_Gdu1BEtTkexUCQvdt4nViyKfihMHk4y2K67zbqjX1ux07-7-czvpiV-PmJmFIFAWYbRdxWfI6mjEERTxub_p6KzsB0Sx4zCuedyN-P5n_ePRJiEEz83CUK63Qd20avP2HARbePoq99lBfipSBViTqGQ5adXBEYdbvkdtKERzG6xsW0xpBZUw2HxcqjIJBTIub0i8XP-8WAv30iKpzRBjtXKsBG5s1nMcVZaKzhFM0SfkRCtUD49vwaKD-uUqmGSH1RUcDaUEtxuH1w_g-lLa3mIu-Au83ecLcnkS5nQ5V_e_NLVIoZ79G-OhYZC7_B-FqeKe91pG7GulFyR3SA1HFiO-00vQyLnedeUrZaPGeaX0-T5Jv-36RU_-pyCAxP864oSM4IzLHWEPFE8qGKqSovAzh7ityuI0mgrSb2o4-l5ZZpoCzB2MgdjBeUf8CrnOVly8z0iGthg5lBODVm8KitFNAfYFbIp0g1BYkw_yfvr8yTfu4CiGoeq0FeuieqS-dPqLQQba6xGjrFQPsLB67J-B8xelLcnwZNLo-gnKnIWN4AE-LgDs1TSUKIlZ69XFaf523vUtMb8Thx1C8KvRs5FrxTiofoTJb1Xy6hhoU2voXj-m0aosHXGUjK2OBJYEi0ajTkLczSJNDTDkFV2gpJhb0v8nKaT6MDZ3SHWHHEOeSPg1mzMV9B-ThTHUW7K-SeveNBg--hCNWD-S5bdV2UvOGNgGpkqsjnKlRvFsejT5o9G74SdzgS__HDuYVf38tEauwx8IEIocRXcfIE&cid=CAQSOwAvHhf_Aun_YqgugNhV5VVoKKVchl2YniCaMYS0_eNOHH2ul8SevH53ni7oSbQO5N7vJPSzp-DaGqROGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=10712689775016920000&adk=1033480540&idt=240&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
207944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTI5ODAxMjQzODcwNgogIHNlcnZlcl9pcDogMTM5Nzg5NTg0CiAgcHJvY2Vzc19pZDogMTI5MjIyNzY2Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame DDD4 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTI5ODAxMjQzODcwNgogIHNlcnZlcl9pcDogMTM5Nzg5NTg0CiAgcHJvY2Vzc19pZDogMTI5MjIyNzY2Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogODYxMDMyNTUxNjU5MzQwMjM2NwpkZWJ1Z19rZXk6IDEwNjk1OTM2ODc4NDA4NDY0Njk3CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xNSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODQ1NTY1NDUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDczOTk0ODk2NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDAyMDU0NjA3MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU0MTIwNzcwNAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x3892ecb214b8b0690000000000000000","13":"0xd488973b39a1aaa0000000000000000","14":"0x9a4f2ba09cfde7b70000000000000000","15":"0x24b5fc54a0ac3ca70000000000000000"},"debug_key":"10695936878408464697","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"8610325516593402367"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
servedby.flashtalking.com/imp/1/225039;7938488;201;js;DV360;DV360FY20EDUBEHCompetitiveConquestingCHDSKBAN300x600/ Frame DDD4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/225039;7938488;201;js;DV360;DV360FY20EDUBEHCompetitiveConquestingCHDSKBAN300x600/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=pastelink.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&bundle_id=&site_url=https://pastelink.net/giu5j4j0&ft_partnerimpid=ABAjH0iSX2yAsD881urPxC7Lj3_s&pub_id=1&sup_platform=1&cachebuster=367863.8515752608
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.128.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-128-137.deploy.static.akamaitechnologies.com
Software
prod-xre-app19.frk11 /
Resource Hash
20d98514539eec78a2603ce577a06fd59d8163e77227c9f8344f152c90de448c
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app19.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
909
Expires
Mon, 15 Jan 2024 05:53:32 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8C6A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
193362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ftUtils.js
ajs-assets.ftstatic.com/ Frame DDD4 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajs-assets.ftstatic.com/ftUtils.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/225039;7938488;201;js;DV360;DV360FY20EDUBEHCompetitiveConquestingCHDSKBAN300x600/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=pastelink.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&bundle_id=&site_url=https://pastelink.net/giu5j4j0&ft_partnerimpid=ABAjH0iSX2yAsD881urPxC7Lj3_s&pub_id=1&sup_platform=1&cachebuster=367863.8515752608
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-200.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Content-Encoding
gzip
Akamai-Cache-Status
Miss from child
x-amz-request-id
5KSD911X9EWS2H7X
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
26311
x-amz-id-2
g8iVpy/YbntZwgyDc4jX40BFKWOqnjqR/bnFXitPqM/pAmC7cchOocp4K0ZGon7KG1EcIUZlHggxjcosGBh7ew==
Last-Modified
Thu, 11 Jan 2024 16:43:14 GMT
Server
AmazonS3
ETag
W/"3643773625f898f1236b1c08c2d13631"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding, Accept-Encoding
Cache-Control
max-age=86400
X-Varnish
801268180 795037187
Accept-Ranges
bytes
Expires
Tue, 16 Jan 2024 05:53:32 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 8C6A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
24762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jan 2025 23:00:50 GMT
truncated
/ Frame 8E7C 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49af4e7977a5798d255d32980ece9a74200caa229c11a436be2c3871f7170f1e

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/octet-stream
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
49650
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF90 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIC_oXMikZfORE_iK9u8PiPW14AcAAAAAOAHgBAI&bg=!-fql-rXNAAZ1R9vHVUc7ADQBe5WfOGP3o5BTAvXy-meJGrRs9QeMZ8zyk_Eaa2WkAvWENEBWygF2hnm-AVhOBLWUlS0RAgAAAENSAAAAAmgBBwoAfFwxGMfP0gxTIghFiFzp1GjQA3XCti8zVAqaxsvsNT-vOLIwXjAojCwTz18mBERXhxKxRZXWQIB5LcyAKjylgFfMfhp_C-q7redZYSyZ0WvywM0OblLj-o0ijdbY7BA62aHz7pIURKEbKbociJQT2aqhE4gbF31xSfMp40SZAwSQG5bayKe1chL5XfvoJ0YzgUWss9dkxFK7tqe19HjcQa7sUmmY5DX3SZ1_rkOTPiyrJ9wwSBJhSmJRkdvpeQi581e8zCo9hxtaO-5nkbnnzp1VIwfJudca2TBtml0mCfIjPyLFrOGO5GuUr1bWouc45FjTlAyM2LQh0mSfHw83659UPfjh2iwk-CpYnDf8oj_etJZfRLOcfDO5ug-r9veT-ONX-qvPaTQkzDHNGHlU7Iz8Yh-fGY4AIkmWvq6BCMqGf-Uy2vVPeOy8TQgchGFDPEHSKKylh12FoYrGfFZMVyrFaKYLtgE1vhTpyr-j_EE-zXUbvvg2olnofiNcaVBXfD8mEZrT9-CaMrj2fU1w3wbCIZPiD040mdpWnWQYbwtyY90m6vw2nBTD5dm65KDAOHp3yZBpBZuyELyfazY6F6Eh_8EgLxY-l5XvlQoYbatgnnxJd2jzAfRWNuUu36XUmOnh7Crwy2pISDwuCz7mZYeDLNJXWbALWJmg9izJcDebO36bJScGWyT2Nz3J8-YwwugxBzbF50G_NALANir6NalGhsB7nF3S0NPJlB3WjrLHzh5LMIohOgoiogJGYBPvrSqX38q9fIVkD_Z2n5A4kSy68D5aQo1nAe7IGm5lYHWPrE0YrdQGOe-NR1XCOR0WcrBmu1ojYrOQ1Lg19_3syEqCEMryZKsztYdSs5BeXt35UytowbS67T2rEIbTdz7srt9fpJGBmSfZdJx2y-BpYI-qxiD2UzHGfKF60D1No2lVfA-Ecr-ReZDSU4PyM8bEMtybvg4Td3i7kOOxxV8aagUbcUCu7GysYMyOJK-0KmQu7rjKJoDRmrYMY7S2oIeUpVvGc-vkHY5rL0SoVCJPKwsztMPUC4Gza2PQm90wtV_NYHC-TJbhLYI60Ypydilfe9Ja1l2VhLUUKXw3DJlAQLkarMHXcIm6HPlNxQwKVy4TBDZlJzRDh_C4V-znh8aCHF3_T4dwty3oaVGCdNuniTkZTF8fNIhTV8T_w8yNYkfk7RFf
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B784 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Mon, 15 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B733 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
919b5c55bc401be9bc9ff513811831f035ef8d1a458a4e660ee93c405b24a3b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame B784
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEON2DkKy9_DRsDJqmnXVlt8&google_cver=1&google_push=AXcoOmQRprCPTwMaJ8hCMclrQOq9e9GEK-tjhlOmNC8vg6lqQHEwpyFJEDUHH_C50-fkkNlh2H1N4c9CtBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQRprCPTwMaJ8hCMclrQOq9e9GEK-tjhlOmNC8vg6lqQHEwpyFJEDUHH_C50-fkkNlh2H1N4c9CtBZ0HBTIUHLhXB3h1JXjeQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQRprCPTwMaJ8hCMclrQOq9e9GEK-tjhlOmNC8vg6lqQHEwpyFJEDUHH_C50-fkkNlh2H1N4c9CtBZ0HBTIUHLhXB3h1JXjeQ
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQRprCPTwMaJ8hCMclrQOq9e9GEK-tjhlOmNC8vg6lqQHEwpyFJEDUHH_C50-fkkNlh2H1N4c9CtBZ0HBTIUHLhXB3h1JXjeQ
Date
Mon, 15 Jan 2024 05:53:32 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame B784
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG2KqDkaAw0o8M0wyWb6kIQ&google_cver=1&google_push=AXcoOmSRt-rF6H1P7Vv4uEtwLDUoONqZzLwYwjS5u6f649UnO2Eamfg4j4ksFx3NPRvQhcWOq6oHarRss5syNHC49jeo...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=08bf407e-311e-4a46-8799-2e2e0249cb3a&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSRt-rF6H1P7Vv4uEtwLDUoONqZzLwYwjS5u6f649UnO2Eamfg4j4ksFx3NPRvQhcWOq6oHarRss5syNHC49jeoiTVfM7IE&google_hm=wCb06wJ3Rwet7uj8kJKplQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSRt-rF6H1P7Vv4uEtwLDUoONqZzLwYwjS5u6f649UnO2Eamfg4j4ksFx3NPRvQhcWOq6oHarRss5syNHC49jeoiTVfM7IE&google_hm=wCb06wJ3Rwet7uj8kJKplQ==
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSRt-rF6H1P7Vv4uEtwLDUoONqZzLwYwjS5u6f649UnO2Eamfg4j4ksFx3NPRvQhcWOq6oHarRss5syNHC49jeoiTVfM7IE&google_hm=wCb06wJ3Rwet7uj8kJKplQ==
date
Mon, 15 Jan 2024 05:53:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame B784
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESECyo9KvXJBsGFTFrBH_p4ZA&google_cver=1&google_push=AXcoOmQh6QfktCY3RURZ8GQeYLfQLw6olgAXC1d7kH5yA5U5JmmWwReQhc2Y4C86QOkkF_guOrPA7WDo5ITGjgyAcbQ7uspWpLSeIw
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQh6QfktCY3RURZ8GQeYLfQLw6olgAXC1d7kH5yA5U5JmmWwReQhc2Y4C86QOkkF_guOrPA7WDo5ITGjgyAcbQ7uspWpLSeIw&google_hm=nBLjSLzxyWAY1PJGsPPksw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQh6QfktCY3RURZ8GQeYLfQLw6olgAXC1d7kH5yA5U5JmmWwReQhc2Y4C86QOkkF_guOrPA7WDo5ITGjgyAcbQ7uspWpLSeIw&google_hm=nBLjSLzxyWAY1PJGsPPksw==
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQh6QfktCY3RURZ8GQeYLfQLw6olgAXC1d7kH5yA5U5JmmWwReQhc2Y4C86QOkkF_guOrPA7WDo5ITGjgyAcbQ7uspWpLSeIw&google_hm=nBLjSLzxyWAY1PJGsPPksw==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
pixel
cm.g.doubleclick.net/ Frame B784
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECOud7wq49deE6_wlqgnaKI&google_cver=1&google_push=AXcoOmRR8vAsRwY5Kafi4drtQpPQbNbXplBbm3AjgfWp99GMIqN-6BpUZRTyDaK0SZGX-HRmRI9FzkrrXgDw2tTJjrn-7Hw3isjc
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRR8vAsRwY5Kafi4drtQpPQbNb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRR8vAsRwY5Kafi4drtQpPQbNbXplBbm3AjgfWp99GMIqN-6BpUZRTyDaK0SZGX-HRmRI9FzkrrXgDw2tTJjrn-7Hw3isjc&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRR8vAsRwY5Kafi4drtQpPQbNbXplBbm3AjgfWp99GMIqN-6BpUZRTyDaK0SZGX-HRmRI9FzkrrXgDw2tTJjrn-7Hw3isjc&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 15 Jan 2024 05:53:32 GMT
pixel
cm.g.doubleclick.net/ Frame B784
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOu7G3HycKY7VjAuj2vRAAE&google_cver=1&google_push=AXcoOmTOuKvV3OM59MhcyhKMXZs8OarCQ-zadOGibI6bnpE20XM9Tm4rCgEwlmQPwhQdVXMhctFrP2...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTOuKvV3OM59MhcyhKMXZs8OarCQ-zadOGibI6bnpE20XM9Tm4rCgEwlmQPwhQdVXMhctFrP2apcVti6CwpZtHIAQglGCM-Ow&google_hm=NDYyNzg3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTOuKvV3OM59MhcyhKMXZs8OarCQ-zadOGibI6bnpE20XM9Tm4rCgEwlmQPwhQdVXMhctFrP2apcVti6CwpZtHIAQglGCM-Ow&google_hm=NDYyNzg3MDgzNDQyNzA1MjM5NQ%3D%3D
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTOuKvV3OM59MhcyhKMXZs8OarCQ-zadOGibI6bnpE20XM9Tm4rCgEwlmQPwhQdVXMhctFrP2apcVti6CwpZtHIAQglGCM-Ow&google_hm=NDYyNzg3MDgzNDQyNzA1MjM5NQ%3D%3D
date
Mon, 15 Jan 2024 05:53:32 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame B784
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSlQ9APhFr_kbG-o9e_l8Jg5sw6mJqfifq-VCz6OtQjDY1GrDocOzkwC3WsafWvipMfh18gvFR-70SCu7ZtDgLUWRpy4Nr0Zxg&google_gid=CAESEPooyfXAJr...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPooyfXAJrlstc2-YC7SBZw&google_hm=T1BVODQ1OTg0YmE4ZDY0NDIzMjg0OWE2Nzk0NmRlMmQyM2E&google_nid=opera_norway_as&google_push=AXcoOmSlQ9AP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPooyfXAJrlstc2-YC7SBZw&google_hm=T1BVODQ1OTg0YmE4ZDY0NDIzMjg0OWE2Nzk0NmRlMmQyM2E&google_nid=opera_norway_as&google_push=AXcoOmSlQ9APhFr_kbG-o9e_l8Jg5sw6mJqfifq-VCz6OtQjDY1GrDocOzkwC3WsafWvipMfh18gvFR-70SCu7ZtDgLUWRpy4Nr0Zxg
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPooyfXAJrlstc2-YC7SBZw&google_hm=T1BVODQ1OTg0YmE4ZDY0NDIzMjg0OWE2Nzk0NmRlMmQyM2E&google_nid=opera_norway_as&google_push=AXcoOmSlQ9APhFr_kbG-o9e_l8Jg5sw6mJqfifq-VCz6OtQjDY1GrDocOzkwC3WsafWvipMfh18gvFR-70SCu7ZtDgLUWRpy4Nr0Zxg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
327
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B784
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEAQYPYY_8YjNboTUMKAzF9s&google_cver=1&google_push=AXcoOmS9_PpX72-L0YZZN4mhuZuBcJhLdQX-yItPtHe4SRWZIcGqwkHd8nVyAoDQ0p_p58JS7XmkZEdwkqUiqDhcXVq_K...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS9_PpX72-L0YZZN4mhuZuBcJhLdQX-yItPtHe4SRWZIcGqwkHd8nVyAoDQ0p_p58JS7XmkZEdwkqUiqDhcXVq_K_ey-MPXdkI&google_hm=f34e9699e10...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS9_PpX72-L0YZZN4mhuZuBcJhLdQX-yItPtHe4SRWZIcGqwkHd8nVyAoDQ0p_p58JS7XmkZEdwkqUiqDhcXVq_K_ey-MPXdkI&google_hm=f34e9699e10a7b192m0zzm00lreienuh
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Jan 2024 05:53:32 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS9_PpX72-L0YZZN4mhuZuBcJhLdQX-yItPtHe4SRWZIcGqwkHd8nVyAoDQ0p_p58JS7XmkZEdwkqUiqDhcXVq_K_ey-MPXdkI&google_hm=f34e9699e10a7b192m0zzm00lreienuh
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
attr
cm.g.doubleclick.net/pixel/ Frame B784 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kq6sspDnzxzuENiPbQIF7VIr6n4SQBxPoBTgrJyXaiMg6GC1RD49KCwzhn8hTM0QrsxG_HwNQ
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 132B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Mon, 15 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DDD4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b80dd520b2a0f6328c9177244413f511167342f8ceeb7be4ab30fbdbfc3cf4f9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4198896.json
agen-assets.ftstatic.com/display/7938487/ Frame B733 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://agen-assets.ftstatic.com/display/7938487/4198896.json
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-84.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5305218f770bf4d4f05e85f48789790cdefbde7a40401489b74453ae23d9b8a1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/5.2), 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Fri, 08 Dec 2023 09:12:06 GMT
server
AmazonS3
etag
W/"a429df2e73d8b2fc6830d9236ceefab3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
max-age=30
x-varnish
706633172
vary
Accept-Encoding,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
A6qGaObnzFeI_QIr9q1PCUpHjFxwU_jFRumxqKgvlNMI6mFAWYtxMg==
4198832.json
agen-assets.ftstatic.com/display/7938488/ Frame DDD4 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://agen-assets.ftstatic.com/display/7938488/4198832.json
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-84.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1684421f8232c222da0192ba8a7d5be635d4327c72403e8727956d8119e7e9f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/5.2), 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Fri, 08 Dec 2023 09:13:33 GMT
server
AmazonS3
etag
W/"54419aa190bc4e80187beef9e0204f09"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
max-age=30
x-varnish
724593385
vary
Accept-Encoding,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
NwZOMSortcm-tQJL1ScCH8Qcs7Tk6LlbeHlKIzxKCxlKj_R3pmSk7Q==
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 132B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI5R9zXnxJSIHGBrmqoZD3E&google_cver=1&google_push=AXcoOmTPzWNEbwqeHONIgnyj18rsBD0ED3Z147iVSMkZYKeQ4Poq1KDBTHoJSofmb8DobiCkz35eIQITMSipzimniRh2Vw8W6ahn
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE3MzE1MDA4NzgzMDI2MDkwNg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI5R9zXnxJSIHGBrmqoZD3E&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI5R9zXnxJSIHGBrmqoZD3E&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI5R9zXnxJSIHGBrmqoZD3E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 132B
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGbob6jV7Ri9Sr29IU9LsZ4&google_cver=1&google_push=AXcoOmRcE7mzK9lttNK-XLN_TEp_Jbp34NbKqItnhsv0mGytB-5tVVr...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=49c7124eb0bf15bd&is_secure=true&networkId=14000&version=1&google_gid=CAESEGbob6jV7Ri9Sr29IU9LsZ4&google_cver=1&google_push=AXcoOmRcE7mz...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAItbWaNmusogMDfxTRAAAAAAA&expiration=1705384412&google_cver=1&is_secure=true&google_gid=CAESEGbob6jV7Ri9Sr29IU9Ls...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAItbWaNmusogMDfxTRAAAAAAA&expiration=1705384412&google_cver=1&is_secure=true&google_gid=CAESEGbob6jV7Ri9Sr29IU9LsZ4&google_push=AXcoOmRcE7mzK9lttNK-XLN_TEp_Jbp34NbKqItnhsv0mGytB-5tVVrZSnWbpGK5f2_-ZPJCADvXkwLX-Fq03QukU-lt4E4Qmn7U
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAItbWaNmusogMDfxTRAAAAAAA&expiration=1705384412&google_cver=1&is_secure=true&google_gid=CAESEGbob6jV7Ri9Sr29IU9LsZ4&google_push=AXcoOmRcE7mzK9lttNK-XLN_TEp_Jbp34NbKqItnhsv0mGytB-5tVVrZSnWbpGK5f2_-ZPJCADvXkwLX-Fq03QukU-lt4E4Qmn7U
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
google
match.adsrvr.org/track/cmf/ Frame 132B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKW2SyRzpAyFZ191JDyjAk0&google_cver=1&google_push=AXcoOmThl6TutS0cFs-oAHyq3PgErMQVAuYzrBzXQYnuwQGglp3zdS9WvzKRRLou1zcGaXPGovUxKYNaltXltXmRR2r3f-1EdZAA
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
b1sync.zemanta.com/usersync/googleadx/ Frame 132B 		0
0
pixel
cm.g.doubleclick.net/ Frame 132B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c5Au-oD8Q1OWWxwx5qiyPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c5Au-oD8Q1OWWxwx5qiyPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT4-t6TWZ2CGZXeYNHbbqIDjUqyMHSBz3rZu3Vc7UzjTo5NNo81mk2SakJtCaJMqOaXhzpTn319-jm7yBm6VWjHwJdTYOR8
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c5Au-oD8Q1OWWxwx5qiyPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT4-t6TWZ2CGZXeYNHbbqIDjUqyMHSBz3rZu3Vc7UzjTo5NNo81mk2SakJtCaJMqOaXhzpTn319-jm7yBm6VWjHwJdTYOR8
date
Mon, 15 Jan 2024 05:53:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 132B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJfo7rqVpZ55ZUgOGQxGXDk&google_cver=1&google_push=AXcoOmTSFknrrnDJA3eev-A1r3-UttoXDbsZoom8btEb-NZ2rf1ujwVeeRzygbtEJST9b1PgExQOPdijDz1QmMS...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_sVbMzZjXhNUAu7ZbaZBnLAKahs&google_push=AXcoOmTSFknrrnDJA3eev-A1r3-UttoXDbsZoom8btEb-NZ2rf1ujwVeeRzygbtEJST9b1PgExQOPdijDz1QmM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_sVbMzZjXhNUAu7ZbaZBnLAKahs&google_push=AXcoOmTSFknrrnDJA3eev-A1r3-UttoXDbsZoom8btEb-NZ2rf1ujwVeeRzygbtEJST9b1PgExQOPdijDz1QmMSTONDyYf3nqtM
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_sVbMzZjXhNUAu7ZbaZBnLAKahs&google_push=AXcoOmTSFknrrnDJA3eev-A1r3-UttoXDbsZoom8btEb-NZ2rf1ujwVeeRzygbtEJST9b1PgExQOPdijDz1QmMSTONDyYf3nqtM
Date
Mon, 15 Jan 2024 05:53:32 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 132B
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECOud7wq49deE6_wlqgnaKI&google_cver=1&google_push=AXcoOmQfQtYxmitm6qNTV-75wXpFNHyspyRIOk-2H9cCyZV8n4hixFJuf5VMEdJw3sVExJq7639fjTGxxz8yuBzyBlpC5xHcfyI8
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQfQtYxmitm6qNTV-75wXpFNHy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQfQtYxmitm6qNTV-75wXpFNHyspyRIOk-2H9cCyZV8n4hixFJuf5VMEdJw3sVExJq7639fjTGxxz8yuBzyBlpC5xHcfyI8&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:32 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&mn_hm=MzQ4Mjk5NjEyNzI1MzkxODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQfQtYxmitm6qNTV-75wXpFNHyspyRIOk-2H9cCyZV8n4hixFJuf5VMEdJw3sVExJq7639fjTGxxz8yuBzyBlpC5xHcfyI8&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 15 Jan 2024 05:53:32 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 132B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxLHUMFNamx7XxRBWCvZQJHwDH6KC6Md_BjJ4MswZICX9JRCYN7CCOzexHhBS9fjwyFxnz
Requested by
Host: 5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
URL: https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
49650
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C6A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRpMsXMikZbLjGpCK1PIPz6iX6AQAAAAAOAHgBAI&bg=!LyylLGPNAAaumcC-jpk7ADQBe5WfOK3QdvEAaKaKcRuGzgZL6cnfShHlM1vpIjX_VJWN45DnDEgBh7d0_E2Rpae1s62sAgAAAHNSAAAAAmgBB5kDEhxojvko68GCG7Q0yagSLiHP-1nHkrILqVg_sQi5RLb7ymfbvBrFphGvugJ_BtB_d57DNY8W-dgh0rtkk-0v3O_e5EpbjSEBdCXu5MoFxadaZgHXKjwR2_NfBQyv86sMGShlg1ga-GCCHXbtuvqcQ44VuwWDgYJrd8Yi9Zf4qoT9YPA_l9EMhWP6JLnMoHw7zA1turdDR7ozmDV5ZnKB1ybrFK5CshcJ5D3uIWCyygRUkMZEDdP6LpN67mWhE8xQbdgUVSut1dAbe8ZjLFjxR93t_4GmOqwRudnAHXtIOvpKIzpSsHVb3DfWTYiTRpal25RyI3o3g_XtUTMEURdtAa_SKpWyjh5bJ-1eAkRGc23btOsbo15WGmr4VRqnTouzHX0W2FrOaivr1sVzGJH3WJH_GUCzOz04tooRcEy4K1_ywWp8QHWjiVwAvHQhMn26lwG_WVpXnkGSuhOLzzs_PY7m1nOMlstroYUZQZ_L1MoJ54Gvutdxt_pp2JgiOhhz8PQEWB2zfFgYdgOUs-W9CvqArMw3T_Yl5tyfHW6QovE2H3Ie_R7Ftk2nZXegT8GsmCWPL-pOaH260piZNbmjWmwTW4uVloaB1URUJgbTtMetDuqEEU18eww5DNtoIRrYg0Rrw77xpn8fhdzbOPT5_IdtKiafUVcqQjFQBWF8bOV-QBMAdLFJjEVtIwI9fmCtqFryJpy-bYDbJIK3BO8-S9ZjzjXwy0wWVYk9yNz0O5xGTaYT9cSZxAwxCFlLrhatxYXNpdNNGYEUWHJ9HdarAZMtY1B56OWaD2rM_CFPKiZHlaXmjsu-duoDAIQ_GzDHrjFvlJpigwxiD4dEwX3LhCJ-2teB_aLeR5EvLYPRL6KFQ-t7aC8M4QC-8Ilx2wykui7uDD1xwMzGUQaEr0omWoJ7k0jfS9EGHJZkrL96Z5Fsiq0m5k5q1-qeknkbh31WkXQNj0irwe9mShduEFBGtp9bxX0tSkn9tEblAci9AvwchFT6h9KuJ8ELqprhsgF8HmJl--6Tvf3wnMLw0CgagAHmjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
49650
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 257D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60298
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 05:53:32 GMT
expires
Mon, 15 Jan 2024 22:38:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
49650
d9core
d9.flashtalking.com/ Frame B733 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.80.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-80-168.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
e5faded89892d1cc24f86e57e516ecef65dd599c720c7cc7b8201bee44d2d5ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag
5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods
GET,POST,SERVER
p3p
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin
d9.flashtalking.com
content-type
application/javascript;charset=utf-8
cache-control
private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials
true
index.html
cdn.flashtalking.com/155251/4198896/ Frame 1AF4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/4198896/index.html
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
2c81a2400224a3748ac84fe01b516d91eb586e73a680f06cb4f398d2bcab9176

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1757
Content-Type
text/html
Date
Mon, 15 Jan 2024 05:53:33 GMT
ETag
W/"b1915753ef2729184381169c2f512bf5"
Expires
Mon, 15 Jan 2024 06:13:33 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:01 GMT
Server
Flashtalking (AKA)
Vary
Accept-Encoding
X-Varnish
310056539
score.min.js
js.ad-score.com/ Frame B733 		600 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:be00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac6a18772b37bd25e8c8fcb93b22548a5f7d295ce5cb2adf57f466dda4c255bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 16:39:09 GMT
Content-Encoding
br
Via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
Age
47664
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sun, 14 Jan 2024 16:39:09 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
NPlebw8FQ2PuJOP8h9GNCkQX92CraiNza8S79YxoF7-cLRuDr_UbTw==
Expires
Mon, 15 Jan 2024 16:39:09 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame B733 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
Server
Flashtalking (AKA)
ETag
W/"41e1de2061b5162671c94aaf53e51cc1"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Varnish
245816087 241254950
Cache-Control
max-age=18891
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5545
Expires
Mon, 15 Jan 2024 11:08:24 GMT
iconc.png
cdn.flashtalking.com/oba/icon/ Frame B733 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:32 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type
image/png
X-Varnish
511612315 382618673
Cache-Control
max-age=1990909
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
Expires
Wed, 07 Feb 2024 06:55:22 GMT
d9core
d9.flashtalking.com/ Frame DDD4 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.80.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-80-168.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
963981bec61d9ccdb6f3187804338e1bdd76e8a21c594cfe7b5fa5556701c427

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag
5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods
GET,POST,SERVER
p3p
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin
d9.flashtalking.com
content-type
application/javascript;charset=utf-8
cache-control
private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials
true
index.html
cdn.flashtalking.com/155251/4198832/ Frame 8178 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/4198832/index.html
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0ea10722e3a9f9bbc2b5bd6301e95ab96ea33f2957089209ead86853d2d6b75d

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1756
Content-Type
text/html
Date
Mon, 15 Jan 2024 05:53:33 GMT
ETag
W/"4df0ae71d1f8c643f4f99a4ebc1b45e0"
Expires
Mon, 15 Jan 2024 06:13:33 GMT
Last-Modified
Wed, 25 Jan 2023 18:34:16 GMT
Server
Flashtalking (AKA)
Vary
Accept-Encoding
X-Varnish
601463311
score.min.js
js.ad-score.com/ Frame DDD4 		600 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:be00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac6a18772b37bd25e8c8fcb93b22548a5f7d295ce5cb2adf57f466dda4c255bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 16:39:09 GMT
Content-Encoding
br
Via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
Age
47664
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sun, 14 Jan 2024 16:39:09 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
9YZGMtz03GS5aiX6VBNaGbomwut2F6QYPN7AP3gpHgxYNoH0D69brA==
Expires
Mon, 15 Jan 2024 16:39:09 GMT
iconc.png
cdn.flashtalking.com/oba/icon/ Frame DDD4 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:32 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type
image/png
X-Varnish
511612315 382618673
Cache-Control
max-age=1990909
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
Expires
Wed, 07 Feb 2024 06:55:22 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame DDD4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
Server
Flashtalking (AKA)
ETag
W/"41e1de2061b5162671c94aaf53e51cc1"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Varnish
245816087 241254950
Cache-Control
max-age=18891
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5545
Expires
Mon, 15 Jan 2024 11:08:24 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:32 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
49650
createjs.min.js
cdn.flashtalking.com/frameworks/js/createjs/1.0.0/ Frame 1AF4 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/createjs/1.0.0/createjs.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/4198896/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 19:26:47 GMT
Server
Flashtalking (AKA)
ETag
W/"c71464532c0fc2020d8e8667ecfd9a3f"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript
X-Varnish
316127587
Cache-Control
max-age=85936
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Tue, 16 Jan 2024 05:45:49 GMT
FY22Q4_CC_Student_Blank_CH_IT_DCOGeneralPathfinders_ST_300x250.js
cdn.flashtalking.com/155251/4198896/ Frame 1AF4 		50 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/4198896/FY22Q4_CC_Student_Blank_CH_IT_DCOGeneralPathfinders_ST_300x250.js?1673563329989
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/4198896/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0a99ca80cd5f578e453b1b3249f7e39eb02cebfdb2faf1d8d4639e81600b8a58

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
10539
Last-Modified
Wed, 25 Jan 2023 18:35:00 GMT
Server
Flashtalking (AKA)
ETag
W/"c7581709d0cf7c2d3ac08d2b893f6998"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
622620212
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding
Cache-Control
max-age=1200
Content-Type
application/javascript
Accept-Ranges
bytes
Expires
Mon, 15 Jan 2024 06:13:33 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 1AF4 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/4198896/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
919664d4c088d6963c5c872ced7e8859a3cabc2cec3ef42f4afa99de7a3321da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Aug 2023 15:23:45 GMT
Server
Flashtalking (AKA)
ETag
W/"aa5cfa970907192576fba68520d94a44"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Varnish
398255914
Cache-Control
max-age=42984
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28723
Expires
Mon, 15 Jan 2024 17:49:57 GMT
createjs.min.js
cdn.flashtalking.com/frameworks/js/createjs/1.0.0/ Frame 8178 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/createjs/1.0.0/createjs.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/4198832/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198832/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 19:26:47 GMT
Server
Flashtalking (AKA)
ETag
W/"c71464532c0fc2020d8e8667ecfd9a3f"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript
X-Varnish
316127587
Cache-Control
max-age=85936
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Tue, 16 Jan 2024 05:45:49 GMT
FY22Q4_CC_Student_Blank_CH_IT_DCOGeneralPathfinders_ST_300x600.js
cdn.flashtalking.com/155251/4198832/ Frame 8178 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/4198832/FY22Q4_CC_Student_Blank_CH_IT_DCOGeneralPathfinders_ST_300x600.js?1673563320248
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/4198832/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
5c83417cac81216bbc3d7bfc43fa84d6a323f99bc974f616a43b661f55fdc1be

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198832/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
10999
Last-Modified
Wed, 25 Jan 2023 18:34:16 GMT
Server
Flashtalking (AKA)
ETag
W/"65da31db4fca9871f4af6cb1ca727d4d"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
400845751
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding
Cache-Control
max-age=1200
Content-Type
application/javascript
Accept-Ranges
bytes
Expires
Mon, 15 Jan 2024 06:13:33 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 8178 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/4198832/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
919664d4c088d6963c5c872ced7e8859a3cabc2cec3ef42f4afa99de7a3321da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198832/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Aug 2023 15:23:45 GMT
Server
Flashtalking (AKA)
ETag
W/"aa5cfa970907192576fba68520d94a44"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Varnish
398255914
Cache-Control
max-age=42984
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28723
Expires
Mon, 15 Jan 2024 17:49:57 GMT
/
ad-events.flashtalking.com/state/7938488;4198832;0;271;D87052A0-C9F5-D45D-987D-BDB401F74477/ Frame DDD4 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7938488;4198832;0;271;D87052A0-C9F5-D45D-987D-BDB401F74477/?cachebuster=669291050
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.30.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-30-65.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame DDD4 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7938488;4198832;0-304-0-5858A9FD5D7024-744938993
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Mon, 15 Jan 2024 05:53:33 GMT
/
ad-events.flashtalking.com/state/7938487;4198896;0;271;798F0283-418C-4A78-EA00-275869F1965E/ Frame B733 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7938487;4198896;0;271;798F0283-418C-4A78-EA00-275869F1965E/?cachebuster=75588329
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.30.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-30-65.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame B733 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7938487;4198896;0-304-0-5858A9FD5D7024-105439559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Mon, 15 Jan 2024 05:53:33 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Content-Length
49650
cors
data.ad-score.com/data/ Frame DDD4 		60 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=535f52e8d2631e357f1efb47&pm_pl=1705298013140&pm_td=14&pid=1000941&en=1.1&callback=__pm_glbl_RYlb9IDGoqY5qMkBqFhI2FAK._gc1&tt=g&v=68d29ed
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
4fd5fe4c106c8db018e7dc1106a1968c58eb325a5ef1168346af5a295748a9bd

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
truncated
/ Frame 61F5 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame DDD4 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
0828ccfd-04b8-43ea-be9b-5e6c1bf77154
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/ Frame DDD4 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/0828ccfd-04b8-43ea-be9b-5e6c1bf77154
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
099eec8f-4419-4c9c-ac05-7ebe1354fa19
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/ Frame DDD4 		725 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/099eec8f-4419-4c9c-ac05-7ebe1354fa19
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
725
Content-Type
text/javascript
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=84
Content-Length
49650
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 Jan 2024 05:53:33 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
ft.stat
stat.flashtalking.com/reportV3/ Frame DDD4 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7938488;4198832;0-306-0-5858A9FD5D7024-388741298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Mon, 15 Jan 2024 05:53:33 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame B733 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7938487;4198896;0-306-0-5858A9FD5D7024-120688091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Mon, 15 Jan 2024 05:53:33 GMT
checksync.php
contextual.media.net/ Frame 519D 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C359%2C459%2C70%2C97%2C55%2C77%2C3012%2C3011%2C182%2C262%2C461%2C244%2C201%2C246%2C4%2C203%2C10000%2C108%2C9%2C407&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5325a2e91e1c59631540bea1293d9a6e6ead4e97e6bb04168e1e3c73d16df514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8357
content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 05:53:33 GMT
expires
Wed, 17 Jan 2024 05:53:33 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
onetag-sys.com/usync/ Frame B794 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1705298009686
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1154 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60297
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 05:53:33 GMT
expires
Mon, 15 Jan 2024 22:38:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame A08C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-18.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
60764
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 00:50:29 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 4ba99d04800d29b58ab9861f60991a2a.cloudfront.net (CloudFront)
x-amz-cf-id
EKRYUiubSwkubc-enpQTDAkmNbw2YqliHB_lNOppeY4J9oPA8nYAlg==
x-amz-cf-pop
MUC50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 28C4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 15 Jan 2024 05:53:33 GMT
ETag
"623de86a-cf34"
Expires
Tue, 16 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FFB5 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1705297800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jan 2024 05:53:33 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cors
data.ad-score.com/data/ Frame B733 		60 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=82f6ea553dca0f4b9dc66368&pm_pl=1705298013371&pm_td=12&pid=1000941&en=1.1&callback=__pm_glbl_61tpY0tpB33xwKvaZ1Ln3IMO._gc1&tt=g&v=68d29ed
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
46573ff316fd47e867a03ce5c7246762647835d49a4eb1f615aae69ea294c33b

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
truncated
/ Frame B733 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 713D 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer

Response headers

Content-Type
image/svg+xml
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=83
Content-Length
49650
usync.js
eus.rubiconproject.com/ Frame FFB5 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jan 2024 04:50:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82580
Connection
keep-alive
Content-Length
10963
Expires
Tue, 16 Jan 2024 04:49:53 GMT
23a8f0d0-796c-4b1b-bb43-a30fd1c111c1
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/ Frame B733 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/23a8f0d0-796c-4b1b-bb43-a30fd1c111c1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
b4554b66-5570-4622-b9d2-162ce77e1744
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/ Frame B733 		725 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/b4554b66-5570-4622-b9d2-162ce77e1744
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
725
Content-Type
text/javascript
SPug
simage4.pubmatic.com/AdServer/ Frame 94D8 		0
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
lgc
d9.flashtalking.com/ Frame B733 		103 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.80.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-80-168.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
03ac2955fa47afbf0dfdd9207ceabf9eb4d22fb59bc19c2f0809c776a1aace6d

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods
GET,POST,SERVER
p3p
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
content-type
application/json;charset=ISO-8859-1
access-control-allow-credentials
true
content-length
103
lgc
d9.flashtalking.com/ Frame DDD4 		103 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.80.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-80-168.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
03ac2955fa47afbf0dfdd9207ceabf9eb4d22fb59bc19c2f0809c776a1aace6d

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods
GET,POST,SERVER
p3p
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
content-type
application/json;charset=ISO-8859-1
access-control-allow-credentials
true
content-length
103
183ec784-f65c-4e49-baa5-01728f2729f0
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/ Frame DDD4 		288 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/183ec784-f65c-4e49-baa5-01728f2729f0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame 6CD2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMv-_mxpVCLtGVKKXzIdzLdSs83fMvhczO8gxPVF5RLmpCOIdf0V_C7Je3LGUsRawy9dfTGfvFWboHdMWL5rFGfGsRxSs_OXcxqarifbaOPLVqKnnU3ZGCm6LIcF1Wl0rb5NFE7J2CMjRLBWZzCMUSe3JqMLrIUxeXik6gbiFUbf80vBIkNYs&sai=AMfl-YRnp8-K2RaXYkZkQlUw6hDjvcVQj0TlWXXo8xne_CQJ1XLyb18PeXSYO-QzfxkIF9pZ-TNtxIA83zKgmNRRpblA-9FCJOAzSSSDwHbk6l4Ums5Pji7ZmeB00gw&sig=Cg0ArKJSzE3seQwz141sEAE&cid=CAQSOwAvHhf_Aun_YqgugNhV5VVoKKVchl2YniCaMYS0_eNOHH2ul8SevH53ni7oSbQO5N7vJPSzp-DaGqROGAE&id=ampim&o=315,1105&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1257&mtos=0,0,1257,1257,1257&tos=0,0,1257,0,0&tfs=260&tls=1517&g=100&h=100&tt=1517&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=82
Content-Length
49650
activeview
pagead2.googlesyndication.com/pcs/ Frame B733 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFT4IKiXEdlu4cAjGJ3RhVqvXkzPgRoJ2nPWWBncJSa0jRfFftAUprvh_8GzF3rMrXj00JJJFQHva91lrDJmtCvnK8VGc204zlUZIWNxxB7ZsCaDhimCexOPuhJ2TdqIcTC0ThYyAbPSEnHl3jM14zSsVx&sai=AMfl-YSaooeLM9l2HAUwEszfNlM_ZgRF3obmwR4InoXvuKmw93v2TMqq6Q9CcaipAK2_KehMen_nncqgw8WUh-AIR8y5fbyKjspYgLzE1p0AQUZh2-zOnDEhd-1G3z4&sig=Cg0ArKJSzOJ9XjKpOsmWEAE&cid=CAQSOwAvHhf_Aun_YqgugNhV5VVoKKVchl2YniCaMYS0_eNOHH2ul8SevH53ni7oSbQO5N7vJPSzp-DaGqROGAE&id=lidar2&mcvt=1084&p=332,512,582,812&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1703297318&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705298012097&rpt=517&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 4D85 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.7.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-7-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cb581ffed30bf7303274d9f41849eb066c4486a01ffdf538bce95bc649335bbe

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 15 Jan 2024 05:53:33 GMT
etag
W/"0292bc6980ff969e4657e7fbe03a0e369"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame B213 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 8BF3 		894 B
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.231 , France, ASN16276 (OVH, FR),
Reverse DNS
ip231.ip-178-32-210.eu
Software
/
Resource Hash
f9bfb9a6797a7bde8ba93909025b7679840e58b186caa443036d2bbe27635a9d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
894
content-type
text/html
date
Mon, 15 Jan 2024 05:53:33 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4347 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bcc8838a6783f5cdcbe887f95b3d91094f2fd1284cbe55e5a794b0a981aa005

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
845bdbe9b9360208-ZRH
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 05:53:33 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0YlwuhjSzJeGRaRVl68CNHs4lT%2BUa0W51PA8d5syJd%2BB%2BsEsX3N%2B61Mpl%2FKPWlDOwRLVQ5Y3yqebPUmWQPuM2aJIQSC2RuY1nX4YxsJOhTaAeUome9BsuOwOAW8VZpsUXe40WxfKtR3jA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0ED7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jan 2024 05:53:33 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 Jan 2024 05:53:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7D42 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60297
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 05:53:33 GMT
expires
Mon, 15 Jan 2024 22:38:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 18A3 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
794d8a316a63272e0e04f122b522da7992513afcfcceb3eba420323995bfa5db

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Mon, 15 Jan 2024 05:53:33 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
MpL-zOOBezVhApznRfzinapGzrB-XgtDRKW5UF1jLXax0cZ6muna0Q==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
user-sync
sync.adkernel.com/ Frame E941 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 15 Jan 2024 05:53:33 GMT
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame B1F4 		557 B
1012 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
7d0dca86e481d099ab637c042669485984aa3ee32865c4c15a47f22aa64924f6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Mon, 15 Jan 2024 05:53:34 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
sync
ads.servenobid.com/ Frame A08C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4990313130819484401
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4990313130819484401
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
an-x-request-uuid
3e024b92-d70e-44c1-999a-3b4a096dedfe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=4990313130819484401
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame A08C
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=H_nBuRZHTNVNdAv6Q1qpFt7w
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=H_nBuRZHTNVNdAv6Q1qpFt7w
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=H_nBuRZHTNVNdAv6Q1qpFt7w
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame A08C 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 Jan 2024 05:53:33 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame A08C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8010814079
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8010814079
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
etag
RX4feff258aefc444fbbe7edb82969d503003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8010814079
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame A08C
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5144588528606875902
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5144588528606875902
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5144588528606875902
Date
Mon, 15 Jan 2024 05:53:33 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame A08C
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=8b3588d5-16c6-4a29-b50a-120ab5ec4113
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=8b3588d5-16c6-4a29-b50a-120ab5ec4113
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:34 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-32
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=8b3588d5-16c6-4a29-b50a-120ab5ec4113
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame A08C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Mon, 15 Jan 2024 05:53:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame A08C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
date
Mon, 15 Jan 2024 05:53:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame A08C
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-f36b016f-2845-33ee-8a91-00bfc892f870&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-f36b016f-2845-33ee-8a91-00bfc892f870&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mMzZiMDE2Zi0yODQ1LTMzZWUtOGE5MS0wMGJmYzg5MmY4NzAQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mMzZiMDE2Zi0yODQ1LTMzZWUtOGE5MS0wMGJmYzg5MmY4NzAyAgwbOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:34 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-f36b016f-2845-33ee-8a91-00bfc892f870&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mMzZiMDE2Zi0yODQ1LTMzZWUtOGE5MS0wMGJmYzg5MmY4NzAQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mMzZiMDE2Zi0yODQ1LTMzZWUtOGE5MS0wMGJmYzg5MmY4NzAyAgwbOAE=
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:34 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame A08C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
date
Mon, 15 Jan 2024 05:53:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame A08C 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.200.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-200-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
sync
ads.servenobid.com/ Frame A08C
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 15 Jan 2024 05:53:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 15 Jan 2024 05:53:33 GMT
log
c21lg-d.media.net/ Frame 519D 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3482996127253918000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C359%2C459%2C70%2C97%2C55%2C77%2C3012%2C3011%2C182%2C262%2C461%2C244%2C201%2C246%2C4%2C203%2C10000%2C108%2C9%2C407&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-160-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 15 Jan 2024 05:53:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B733 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6219207289993&version=m202309260101&ct=77&x=1&cor=4045453233912609000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4d52d9e5-a4ca-4e00-9ba5-a24a4a4bdb4f
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/ Frame B733 		288 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/4d52d9e5-a4ca-4e00-9ba5-a24a4a4bdb4f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame DDD4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVwAWrBNFwGoAq3GLMuczcp7ZR4NlEsJQWx6k5hNQ_XXouQzIzD2baU3FTqeMiGGa8rdbhW0Wxv79W-N5Ua6FdUlP1Pa3duI2jCR89oEqjiexBtAPhgwttYw--jrJMvTOCB6UQg_Cm8KTzF7ZCTgiKNIXA&sai=AMfl-YTyArK-txECxWga8-iFZ_DGNHov6wxtv1k7jrEpGCrtBC9lOroo2usZgIciITHY08d-B216mvO3u_FzeCEGmQISvAiuM55uwVaGA-6VZuU-UJEunD2qmoxc3Gk&sig=Cg0ArKJSzKevJH4KAgd9EAE&cid=CAQSOwAvHhf_Aun_YqgugNhV5VVoKKVchl2YniCaMYS0_eNOHH2ul8SevH53ni7oSbQO5N7vJPSzp-DaGqROGAE&id=lidar2&mcvt=1139&p=473,1077,1073,1377&mtos=1139,1139,1139,1139,1139&tos=1139,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3798138915&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705298012102&rpt=543&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DDD4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3469350744786&version=m202309260101&ct=77&x=1&cor=10712689775016920000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
manifest.js
cdn.flashtalking.com/155251/4198896/ Frame 1AF4 		99 B
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/4198896/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
a673cc4b8d035afebd4faf1a62394d9919e23b2ffd552aaca01928dbe519fcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:01 GMT
Server
Flashtalking (AKA)
ETag
W/"9653645e0084283f027d77bb6ad852fe"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
565594040 566543749
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99
Expires
Mon, 15 Jan 2024 06:13:33 GMT
manifest.js
cdn.flashtalking.com/155251/4198832/ Frame 8178 		99 B
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/4198832/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
9ea87bb8fa739ee1f70d3e4441b99fc5f84f9f5649e6078e529b6e0370148280

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198832/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Wed, 25 Jan 2023 18:34:16 GMT
Server
Flashtalking (AKA)
ETag
W/"ece80d2666df13197211caa1184a3ad7"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
159318582 158768532
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99
Expires
Mon, 15 Jan 2024 06:13:33 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=81
Content-Length
49650
sync
ads.servenobid.com/ Frame 8BF3 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4627870834427052395&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8BF3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZaTIWwAOn8wq8gBd&gdpr=0&gdpr_consent=
43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZaTIWwAOn8wq8gBd&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-mxp6946-MXP
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705298014.819560,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZaTIWwAOn8wq8gBd&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/ Frame 8BF3
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=dd3c2f26-5c86-4383-912a-d0d1dc8ba4ab&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=dd3c2f26-5c86-4383-912a-d0d1dc8ba4ab&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:34 GMT
Server
nginx
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=dd3c2f26-5c86-4383-912a-d0d1dc8ba4ab&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 8BF3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4990313130819484401&gdpr=0&gdpr_consent=
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4990313130819484401&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
an-x-request-uuid
6c6b239f-7789-47ea-8554-5611b4a9622e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4990313130819484401&gdpr=0&gdpr_consent=
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8BF3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 4347
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaTIWuXKlNON04lx1l0gawAA%263222&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date
Mon, 15 Jan 2024 05:53:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
ZaTIWuXKlNON04lx1l0gawAADJYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4347 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZaTIWuXKlNON04lx1l0gawAADJYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:fa46:4bf7:11fd:dd50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 4347
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4990313130819484401
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4990313130819484401
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ez8qVSQRjF%2Bwu4kGydhuxuVfw1d%2BqxN2olu79Zo6rLEgT1G1IPxxZPJ9rwym5BW3h7basWX94lVIimGfRs4HQdt2n%2F6%2FGIF8hVBqEeil8j%2FF6UDK%2F1AW91mb5QcROtNSfrsTPGqPhQ1ReA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbeadb370208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
an-x-request-uuid
c7584be7-69ca-40b0-a404-0211316c67b0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4990313130819484401
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 4347 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.16.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-16-244.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4347
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4173150087830260906
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4173150087830260906
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxpUNIbZqdINphZbd0ZM5foP7InTCYv0POddeoSpjqDzvov9HGPJY5xYvedLTiLVom7cAUhrUfRcO2ShN3XhsCwfuE23emAD7UjTt7F60aWqgmRVTjMFy%2BZBxGKE%2BHEeipKB7z6mpa2%2Fhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbeafb640208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4173150087830260906
pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 4347 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FDBGZRKW8WX8TR1B41FD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4347 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 4347
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1230c8c645084f59ad5aec906ac09046&expiration=1707890013
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1230c8c645084f59ad5aec906ac09046&expiration=1707890013
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdQiNXT0ODK3Oly2El8%2FXLzwaFhILpWnhVRj58fF%2F%2BJcf1uuBstnFH6I4uiHEvYNJEc7xzX0r0aak8f96s0q3lJgAd7Ued0eCp8GF8RAiK467B%2F15fp52gdzZmtJ1NevBnPIBmg2RALIOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
845bdbeb1b9b0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:32 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1230c8c645084f59ad5aec906ac09046&expiration=1707890013
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 4347 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZaTIWuXKlNON04lx1l0gawAADJYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 4D85
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4990313130819484401
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4990313130819484401
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
an-x-request-uuid
7a233e03-eef9-4633-9dc3-2fe1379d9b2c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4990313130819484401
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 4D85
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7b1e3db7-124d-4a3d-8799-47aeb9709575&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c026f4eb-0277-4707-adee-e8fc9092a995&ssp=gumgum2&gdpr=0&gdpr_consent=
42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c026f4eb-0277-4707-adee-e8fc9092a995&ssp=gumgum2&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c026f4eb-0277-4707-adee-e8fc9092a995&ssp=gumgum2&gdpr=0&gdpr_consent=
date
Mon, 15 Jan 2024 05:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 4D85
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=b479cd04-3d62-4818-99db-ae1cabbadf4f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=b479cd04-3d62-4818-99db-ae1cabbadf4f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 15 Jan 2024 05:53:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=b479cd04-3d62-4818-99db-ae1cabbadf4f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 4D85
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-g9yTn7FE2pcf8STXS7LOIOSqnTp9j24Evdvi~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-g9yTn7FE2pcf8STXS7LOIOSqnTp9j24Evdvi~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 15 Jan 2024 05:53:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-g9yTn7FE2pcf8STXS7LOIOSqnTp9j24Evdvi~A
content-length
0
142
match.deepintent.com/usersync/ Frame 4D85 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
content-length
0
server
a
/
b1sync.zemanta.com/usersync/gumgum/ Frame 4D85 		0
0
usersync
usersync.gumgum.com/ Frame 4D85
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4627870834427052395
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4627870834427052395
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4627870834427052395
date
Mon, 15 Jan 2024 05:53:33 GMT
content-length
0
sync
ads.servenobid.com/ Frame 4D85 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_7b1e3db7-124d-4a3d-8799-47aeb9709575
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 0ED7 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jan 2024 04:50:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82580
Connection
keep-alive
Content-Length
10963
Expires
Tue, 16 Jan 2024 04:49:53 GMT
/
servedby.flashtalking.com/state/7938488;4198832;0;401;D87052A0-C9F5-D45D-987D-BDB401F74477/ Frame DDD4 		42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/7938488;4198832;0;401;D87052A0-C9F5-D45D-987D-BDB401F74477/?ft_data=d9:96efba973e0340c6b21b8abc0d56db1c;d9s:96efba973e0340c6b21b8abc0d56db1c&cachebuster=684960163
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.128.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-128-137.deploy.static.akamaitechnologies.com
Software
prod-xre-app4.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app4.frk11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Mon, 15 Jan 2024 05:53:33 GMT
/
servedby.flashtalking.com/state/7938487;4198896;0;401;798F0283-418C-4A78-EA00-275869F1965E/ Frame B733 		42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/7938487;4198896;0;401;798F0283-418C-4A78-EA00-275869F1965E/?ft_data=d9:96efba973e0340c6b21b8abc0d56db1c;d9s:96efba973e0340c6b21b8abc0d56db1c&cachebuster=515556434
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.128.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-128-137.deploy.static.akamaitechnologies.com
Software
prod-xre-app15.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:33 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app15.frk11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Mon, 15 Jan 2024 05:53:33 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1154 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92523643&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5331551eacfae3bb18abacd2476825c83a7641ae5aa7d4afc1217d9532c742af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 15 Jan 2024 05:53:32 GMT
content-length
1672
content-type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 28C4 		0
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
an-x-request-uuid
9a63fe34-de1f-4f8c-b8c4-9f9f9e7077e9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.27; 176.10.106.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 8BD8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 15 Jan 2024 05:53:33 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=1379274890732070298&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 37AA 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83YjFlM2RiNy0xMjRkLTRhM2QtODc5OS00N2FlYjk3MDk1NzU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 05:53:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A6DD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60297
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 15 Jan 2024 05:53:33 GMT
expires
Mon, 15 Jan 2024 22:38:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 3F38 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 15 Jan 2024 05:53:33 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 958A
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 15 Jan 2024 05:53:34 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZaTIXMCo5tEAANElTFIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
214
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40366.dc2p.scaleout.jp
X-SO-IP
176.10.106.27
X-SO-Key
ZaTIXMCo5tEAANElTFIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"176.10.106.27","key":"ZaTIXMCo5tEAANElTFIAAAAA","privacy_sensitive":false,"uid":"ZaTIXMCo5tEAANElTFIAAAAA","upstream_id":"a-ad40366"}
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-UID
ZaTIXMCo5tEAANElTFIAAAAA
X-SO-Upstream-ID
a-ad40366
usersync
usersync.gumgum.com/ Frame 1DDA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 15 Jan 2024 05:53:33 GMT Mon, 15 Jan 2024 05:53:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&pi=gumgum
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 6094
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jan 2024 05:53:33 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 Jan 2024 05:53:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=80
Content-Length
49650
cors
data.ad-score.com/data/ Frame DDD4 		1 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=535f52e8d2631e357f1efb47&pm_pl=1705298013140&pm_td=740&pid=1000941&en=1.1&callback=__pm_glbl_RYlb9IDGoqY5qMkBqFhI2FAK._gc2&tt=g&v=68d29ed
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
Date
Mon, 15 Jan 2024 05:53:34 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
pixel
ap.lijit.com/ Frame 18A3 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 Jan 2024 05:53:33 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 18A3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:3400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
6HF7TsRlsjH8ZNZL5Ef_lQjhNg6JZbJR5viQWBR1LpWScl6LsxUYpQ==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
date
Mon, 15 Jan 2024 05:53:32 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 18A3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=da1d8b70-6ae5-4f1a-8638-a70623e954ec
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=da1d8b70-6ae5-4f1a-8638-a70623e954ec
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:3400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
a26_NASZaqVWtJCi_m_7umxJKMkwJTLVCCKauJ1yHkosCmSXlsnv-Q==

Redirect headers

date
Mon, 15 Jan 2024 05:53:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=da1d8b70-6ae5-4f1a-8638-a70623e954ec
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 18A3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZaTIWuXKlNON04lx1l0gawAA%263222
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZaTIWuXKlNON04lx1l0gawAA%263222
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:3400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
ijZ2UF2M9pua48dwdVWPK625K2A3E0IHqTjpsir4nKlwA9lnO0udrQ==

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UouXq%2B3iYk0vWn8tfsB5VwsayuDiBNEQvTtqZzljoYu64%2FPKa8NAuPR3UinvQBko9fZzRWJuFqI27ES0kvdfCjpw4zstalv9uj%2B9D2qkOIWlQIP7GwIP%2FEv1aooMeK3Mq%2F%2BiVca0Cjdr1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZaTIWuXKlNON04lx1l0gawAA%263222
cache-control
no-cache
cf-ray
845bdbeb0b7d0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 18A3
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=6727ab6650ba834ce1a0f627e4ee8a90
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=6727ab6650ba834ce1a0f627e4ee8a90
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:3400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
4jPtWUa1RCIDn4uSeJm8jeJjRbVbY3_m6zSQeo7OpfH0PGyb-gr3eg==

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:33 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=6727ab6650ba834ce1a0f627e4ee8a90
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 18A3
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1146922423687014129151
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1146922423687014129151
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:3400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
iRbYvmgzj2727MX44U5fAnmsTWHIhWSpf56fYjD-dfGQ6cQ8J99B_A==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1146922423687014129151
date
Mon, 15 Jan 2024 05:53:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ads.servenobid.com/ Frame 18A3 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=INu47rxzCp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=79
Content-Length
49650
cors
data.ad-score.com/data/ Frame B733 		1 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=82f6ea553dca0f4b9dc66368&pm_pl=1705298013371&pm_td=567&pid=1000941&en=1.1&callback=__pm_glbl_61tpY0tpB33xwKvaZ1Ln3IMO._gc2&tt=g&v=68d29ed
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
Date
Mon, 15 Jan 2024 05:53:34 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
bg.jpg
cdn.flashtalking.com/155251/4198896/images/ Frame 1AF4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198896/images/bg.jpg?1673563329978
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
21b66fd120120971ef13a36728c6b048cdfb18bc6355a4c79f9d49d1fe5e94f8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:00 GMT
Server
Flashtalking (AKA)
ETag
W/"8a065c16527c487afc06ee3a519ae685"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
376208713
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6043
Expires
Mon, 15 Jan 2024 06:13:33 GMT
bg.jpg
cdn.flashtalking.com/155251/4198832/images/ Frame 8178 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198832/images/bg.jpg?1673563320238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
3b403561e941f420b264319d720c59ad7ce75d7ed793783eeb6e6a2ce25c777f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198832/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Wed, 25 Jan 2023 18:34:16 GMT
Server
Flashtalking (AKA)
ETag
W/"dcb8031efa9874f16e628fc17abcba3e"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
157963243
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5243
Expires
Mon, 15 Jan 2024 06:13:33 GMT
truncated
/ Frame DDD4 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=78
Content-Length
49650
usync.js
eus.rubiconproject.com/ Frame 6094 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jan 2024 04:50:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82580
Connection
keep-alive
Content-Length
10963
Expires
Tue, 16 Jan 2024 04:49:53 GMT
match
c1.adform.net/serving/cookie/ Frame CD25 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 15 Jan 2024 05:53:33 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cm
ipac.ctnsnet.com/int/ Frame CC49 		43 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 15 Jan 2024 05:53:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
i.match
s.tribalfusion.com/z/ Frame C33A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
845bdbecfea5021d-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 15 Jan 2024 05:53:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
845bdbeb9c57021d-ZRH
content-type
text/html
date
Mon, 15 Jan 2024 05:53:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1990
pubmatic
ad.mrtnsvr.com/sync/ Frame 28F3 		0
0
pub
matching.truffle.bid/sync/ Frame 37E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 15 Jan 2024 05:53:34 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
generic
match.adsrvr.org/track/cmf/ Frame FB0D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6408453272
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6408453272
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 15 Jan 2024 05:53:34 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 15 Jan 2024 05:53:33 GMT
etag
RX4feff258aefc444fbbe7edb82969d503003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6408453272
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cs
cs-rtb.minutemedia-prebid.com/ Frame D2B6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FC87DDCE4402460E9224C3844C104772&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
0
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Mon, 15 Jan 2024 05:53:34 GMT
server
istio-envoy
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
qqQ4DJ8LepB3HFUhSihNbGiBQhcsdJODXObMi8XyjKvIbOGwbMNpUg==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1

Redirect headers

cache-control
private,max-age=86400
content-length
117
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 05:53:32 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
mw
mwzeom.zeotap.com/ Frame 1154 		95 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=73902EFA-80FC-4353-965B-1C31E6A8B23C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
845bdbeb68850dc6-MXP
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 1154
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=73902EFA-80FC-4353-965B-1C31E6A8B23C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=73902EFA-80FC-4353-965B-1C31E6A8B23C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=73902EFA-80FC-4353-965B-1C31E6A8B23C&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:39 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:39 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=73902EFA-80FC-4353-965B-1C31E6A8B23C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
/
spl.zeotap.com/ Frame 1154
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=73902EFA-80FC-4353-965B-1C31E6A8B23C&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=1379274890732070298&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=a6794b31b507174a
95 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=a6794b31b507174a
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
845bdbec69070dc6-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=a6794b31b507174a
content-length
0
truncated
/ Frame B733 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
card.png
cdn.flashtalking.com/155251/4198896/images/ Frame 1AF4 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198896/images/card.png?1673563329978
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
dbed53cb11df083113e8a251de754e017eaaca303ba6dab2451235d16afb6cf7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:01 GMT
Server
Flashtalking (AKA)
ETag
W/"b5f1a67dc49c88094af94afe1dcbeaf3"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
130941746 129365068
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10729
Expires
Mon, 15 Jan 2024 06:13:34 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=77
Content-Length
49650
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame B733 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type
image/png
X-Varnish
69423302 69718121
Cache-Control
max-age=691
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Mon, 15 Jan 2024 06:05:05 GMT
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame DDD4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type
image/png
X-Varnish
69423302 69718121
Cache-Control
max-age=691
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Mon, 15 Jan 2024 06:05:05 GMT
card.png
cdn.flashtalking.com/155251/4198832/images/ Frame 8178 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198832/images/card.png?1673563320238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
536dfd2d717f335dfe80e2ff06e8e8392ed8941e8fe8214c2f42238b34ec8910

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198832/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Wed, 25 Jan 2023 18:34:16 GMT
Server
Flashtalking (AKA)
ETag
W/"3ecccc00c9c0d9d35da5e395cbffb463"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
860714066
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12750
Expires
Mon, 15 Jan 2024 06:13:34 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=76
Content-Length
49650
resume.png
cdn.flashtalking.com/155251/4198896/images/ Frame 1AF4 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198896/images/resume.png?1673563329978
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
522d69a00b930b1a4af447000520e593b9d1f7092f4bf1d2f6e4dfe0bf08eae5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:01 GMT
Server
Flashtalking (AKA)
ETag
W/"bf45ab6a0a4164e81ebff4cdb9869ae2"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
144027560
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28729
Expires
Mon, 15 Jan 2024 06:13:34 GMT
object.png
cdn.flashtalking.com/155251/4198832/images/ Frame 8178 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198832/images/object.png?1673563320238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
3fa330047f3bd1d8032edb0b3fa20cadac0b398470c241d5d94a13f92f0cb1c0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198832/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Wed, 25 Jan 2023 18:34:16 GMT
Server
Flashtalking (AKA)
ETag
W/"9cf6e4a8d4cb5f9d9da34bf737667c1f"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
355770536
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4328
Expires
Mon, 15 Jan 2024 06:13:34 GMT
cs
cs.yellowblue.io/ Frame B1F4
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=3b5e9de0b4b2276ec52733aab8b9c497&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=3b5e9de0b4b2276ec52733aab8b9c497&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.48.67.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-67-86.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=3b5e9de0b4b2276ec52733aab8b9c497&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705298014064061-551
cs
cs-server-s2s.yellowblue.io/ Frame B1F4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=73902EFA-80FC-4353-965B-1C31E6A8B23C
date
Mon, 15 Jan 2024 05:53:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
v1
match.sharethrough.com/universal/ Frame B1F4 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.200.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-200-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
sync
ads.servenobid.com/ Frame B1F4 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=NGu4NrEzkj_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
49650
resume.png
cdn.flashtalking.com/155251/4198832/images/ Frame 8178 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198832/images/resume.png?1673563320238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
054a00987c11dff744dbcad76dfbaea13fe25f9c97c3ed8af12b1fc7e105c6b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198832/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Wed, 25 Jan 2023 18:34:16 GMT
Server
Flashtalking (AKA)
ETag
W/"84126afba55d231ab139ce6119f552ef"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
427267849 427666749
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67732
Expires
Mon, 15 Jan 2024 06:13:34 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
49650
cors
data.ad-score.com/data/ Frame DDD4 		1 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=535f52e8d2631e357f1efb47&pm_pl=1705298013140&pm_td=1019&pid=1000941&en=1.1&callback=__pm_glbl_RYlb9IDGoqY5qMkBqFhI2FAK._gc3&tt=g&v=68d29ed
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
Date
Mon, 15 Jan 2024 05:53:34 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=72
Content-Length
49650
setuid
u.4dex.io/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
  • https://u.4dex.io/setuid?bidder=openx&uid=cf4e6de1-c21f-4286-b209-83d6b868d7e1
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=openx&uid=cf4e6de1-c21f-4286-b209-83d6b868d7e1
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:34 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

date
Mon, 15 Jan 2024 05:53:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://u.4dex.io/setuid?bidder=openx&uid=cf4e6de1-c21f-4286-b209-83d6b868d7e1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=71
Content-Length
49650
cors
data.ad-score.com/data/ Frame B733 		1 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=82f6ea553dca0f4b9dc66368&pm_pl=1705298013371&pm_td=853&pid=1000941&en=1.1&callback=__pm_glbl_61tpY0tpB33xwKvaZ1Ln3IMO._gc3&tt=g&v=68d29ed
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
Date
Mon, 15 Jan 2024 05:53:34 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=70
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=69
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=68
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=67
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=66
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=65
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=64
Content-Length
49650
khaos.json
token.rubiconproject.com/ Frame 0ED7 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LREIELHT-J-EAV3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=63
Content-Length
49650
sync
ads.servenobid.com/ Frame 0ED7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LREIELHT-J-EAV3
  • https://ads.servenobid.com/sync?pid=323&uid=LREIELHT-J-EAV3
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LREIELHT-J-EAV3
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LREIELHT-J-EAV3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=62
Content-Length
49650
PugMaster
image6.pubmatic.com/AdServer/ Frame 94D8 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42246998&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 15 Jan 2024 05:53:33 GMT
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame F419 		47 B
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57591637&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 15 Jan 2024 05:53:34 GMT
content-length
47
content-type
text/html; charset=UTF-8
ft.stat
stat.flashtalking.com/reportV3/ Frame DDD4 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7938488;4198832;0-307-0-5858A9FD5D7024-954338614
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Mon, 15 Jan 2024 05:53:34 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame B733 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7938487;4198896;0-307-0-5858A9FD5D7024-382829991
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Mon, 15 Jan 2024 05:53:34 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=61
Content-Length
49650
um
u-ams03.e-planning.net/ Frame 9CA1 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=96daf6a0fd113a5f&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/gif
date
Mon, 15 Jan 2024 05:53:34 GMT
server
openresty
usersync
usersync.gumgum.com/ Frame 7410 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:34 GMT
Expires
0
Pragma
no-cache
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=60
Content-Length
49650
khaos.json
token.rubiconproject.com/ Frame 6094 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LREIELHT-J-EAV3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=59
Content-Length
49650
usersync
usersync.gumgum.com/ Frame 2657 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:34 GMT
Expires
0
Pragma
no-cache
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=58
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=57
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=56
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=55
Content-Length
49650
/
ad-events.flashtalking.com/state/7938488;4198832;0;202;D87052A0-C9F5-D45D-987D-BDB401F74477/ Frame DDD4 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7938488;4198832;0;202;D87052A0-C9F5-D45D-987D-BDB401F74477/?cachebuster=256975221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.30.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-30-65.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
ad-events.flashtalking.com/state/7938487;4198896;0;202;798F0283-418C-4A78-EA00-275869F1965E/ Frame B733 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7938487;4198896;0;202;798F0283-418C-4A78-EA00-275869F1965E/?cachebuster=19607711
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.30.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-30-65.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:34 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=54
Content-Length
49650
cors
data.ad-score.com/data/ Frame DDD4 		1 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=535f52e8d2631e357f1efb47&pm_pl=1705298013140&pm_td=1588&pid=1000941&en=1.1&callback=__pm_glbl_RYlb9IDGoqY5qMkBqFhI2FAK._gc4&tt=g&v=68d29ed
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
Date
Mon, 15 Jan 2024 05:53:34 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=53
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=52
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=51
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Content-Length
49650
cors
data.ad-score.com/data/ Frame B733 		1 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=82f6ea553dca0f4b9dc66368&pm_pl=1705298013371&pm_td=1488&pid=1000941&en=1.1&callback=__pm_glbl_61tpY0tpB33xwKvaZ1Ln3IMO._gc4&tt=g&v=68d29ed
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
Date
Mon, 15 Jan 2024 05:53:34 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=47
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:34 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=46
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=45
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=44
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=43
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=42
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=41
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=40
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=39
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=38
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=37
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=36
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=35
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=34
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=33
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=32
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=31
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=30
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=29
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=28
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=27
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=26
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=25
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=24
Content-Length
49650
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je41a0v873532799z89136110041&_p=1705298008933&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=1649933049.1705298009&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1705298009&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fgiu5j4j0&dt=What%20Is%20The%20Best%20Place%20To%20Research%20Mercedes%20Key%20Online%20-%20Pastelink.net&_s=2&tfd=7237
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 05:53:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=23
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=22
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=21
Content-Length
49650
setuid
u.4dex.io/ Frame C115 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 Jan 2024 05:53:35 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=20
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=19
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=18
Content-Length
49650
setuid
u.4dex.io/ Frame 83DD 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 Jan 2024 05:53:35 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=17
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=16
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:35 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=15
Content-Length
49650
SPug
simage4.pubmatic.com/AdServer/ Frame 1154 		0
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161102&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=14
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=13
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=12
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=11
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=10
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=9
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=8
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=7
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=6
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=5
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=4
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=3
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=2
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=1
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
49650
SPug
simage4.pubmatic.com/AdServer/ Frame 94D8 		0
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96daf6a0fd113a5f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:53:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
49650
sync
ads.servenobid.com/ Frame 8F06 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 15 Jan 2024 05:53:36 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:36 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Content-Length
49650
sync
ads.servenobid.com/ Frame 6373 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.41.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-41-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 15 Jan 2024 05:53:37 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=84
Content-Length
49650
usersync
usersync.gumgum.com/ Frame 5CBC 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:37 GMT
Expires
0
Pragma
no-cache
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=83
Content-Length
49650
usersync
usersync.gumgum.com/ Frame 53FB 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=73902EFA-80FC-4353-965B-1C31E6A8B23C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 15 Jan 2024 05:53:37 GMT
Expires
0
Pragma
no-cache
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=82
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=81
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=80
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=79
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=78
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=77
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=76
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=72
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=71
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=70
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=69
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=68
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=67
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=66
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=65
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=64
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=63
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=62
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=61
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=60
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=59
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=58
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=57
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=56
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=55
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=54
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:37 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=53
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=52
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=51
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=47
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=46
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=45
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=44
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=43
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=42
Content-Length
49650
ft.stat
stat.flashtalking.com/reportV3/ Frame DDD4 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7938488;4198832;0-310-0-5858A9FD5D7024-72987872-50x0x0x0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Mon, 15 Jan 2024 05:53:38 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame B733 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7938487;4198896;0-310-0-5858A9FD5D7024-488706362-50x0x0x0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.90.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-90-101.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Mon, 15 Jan 2024 05:53:38 GMT
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=41
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=40
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=39
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=38
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=37
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=36
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=35
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=34
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=33
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/giu5j4j0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.74.137.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
www.visual-fantastix.ch
Software
Apache /
Resource Hash
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 05:53:38 GMT
Last-Modified
Fri, 25 Jun 2021 15:18:31 GMT
Server
Apache
ETag
"c1f2-5c598a70565e8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=32
Content-Length
49650
classic_kmu.png
v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/ Frame 8E7C 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLwBgsC14nDGmTYq0GdbI5qNPgXhpQeFTWPcEhwFuX9htFE7lqexDLFiLQoTl7VoFOQDe7org9fPLOC_ifhgzb1SRhOxUq3YTJHt9T4x-h9wZ0jnVMrOqEKGrySaG9SlPicIQax7QwCJH9ZrB-u9BRmJ8m&sai=AMfl-YSzwasx9nGMW_cIqISExzerovhOdayu5JsR0UXfFXrDoeuV1htFJUxqDpi9lj5ynIvurKg_QVdpwlZG3aLwpg5GtikBc52GYQ91F05YaSxJiAaGAoui_tfKqLZSkT4POn_MR7s_5fiQBlY9P3XA&sig=Cg0ArKJSzHXvHNFhw_H-EAE&cid=CAQSTgAvHhf_HKpt4MknCnQHRpI1oSCcNxtu42RurqjoRY23UjoeuuHX0uNSBJE8-1DFFfGZDopJiVefcZHIaFuY5pQsFHI5-U9KVy-1IgZnrRgB&id=lidartos&mcvt=190&p=332,512,582,812&mtos=190,190,190,190,190&tos=190,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1703297318&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1705298010681&rpt=222&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Domain
engine.widespace.com
URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7b1e3db7-124d-4a3d-8799-47aeb9709575&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEbcyxB6YSuZXDNyVI-HErY&google_cver=1&google_push=AXcoOmQpySpln1ONdMHNbLyg-N9wkqESbDvR7_tMhxTE59Z_QTQNHMa2Cbo_bLxx6pAzLGKthBWTGLDQ1tHk0nsC-y-QSYzan1yq
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7b1e3db7-124d-4a3d-8799-47aeb9709575&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
v-f.ch
URL
https://v-f.ch/river/Swisscard/assets/01_MilesAndMore/Karten/classic_kmu.png

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 function| $ function| jQuery function| Cookies object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| optimize function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha function| onYouTubeIframeAPIReady object| googletag object| gaGlobal object| bsaexperiments object| bsablockthrough object| bsagpt object| bsaheaderbid object| bsapbChunk object| bsapb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| bsas2s object| gaplugins object| gaData object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| ggeac object| google_js_reporting_queue boolean| google_measure_js_timing boolean| __bt_already_invoked object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MWRiZjE3YWNhNmJiZGNlNGxvYWRlcl9qcw== string| MWRiZjE3YWNhNmJiZGNlNGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| Criteo object| sas object| apntag object| _ADAGIO number| google_unique_id boolean| 8010aa7a-7159-419d-9499-0e2274d3a993 object| GoogleGcLKhOms number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| ONFOCUS object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

174 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChcKBgjSARD9FgoGCKIBEP0WCgUIChD9Fg
pastelink.net/ Name: PHPSESSID
Value: 4fn0elbq9icncjqjvrck4h2mcu
.pastelink.net/ Name: _gcl_au
Value: 1.1.1514905763.1705298009
.pastelink.net/ Name: _ga
Value: GA1.2.1649933049.1705298009
.pastelink.net/ Name: _gid
Value: GA1.2.2105002343.1705298009
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
.pastelink.net/ Name: _ga_4KDXYD7HFC
Value: GS1.2.1705298009.1.0.1705298009.0.0.0
.rubiconproject.com/ Name: khaos
Value: LREIELHT-J-EAV3
.omnitagjs.com/ Name: ayl_visitor
Value: 6727ab6650ba834ce1a0f627e4ee8a90
.pastelink.net/ Name: FCNEC
Value: %5B%5B%22AKsRol_WBIpyOPbqTyh3Rpt9AnPvkg2-HdHb_D5CyW2MPPIuoDm4VvSUBWLlypu46n_PjNP8OqI7XX0grcWvEs6JtrZjmKl0R5ibBMfeJw5vK62sppmoP3Xr3izDER_iYcMBU9xMwVmEflPqMdCSB0sw6D7quVUixQ%3D%3D%22%5D%5D
.pastelink.net/ Name: __gads
Value: ID=2b67001093ccaedd:T=1705298010:RT=1705298010:S=ALNI_MZ7nrG8YJWD5HUEPYgBr62tZLrBSQ
.pastelink.net/ Name: __gpi
Value: UID=00000d41a06d4104:T=1705298010:RT=1705298010:S=ALNI_MaJ1ZMwyhGP6vuFBWvwpBMgsp_C5g
.casalemedia.com/ Name: CMID
Value: ZaTIWuXKlNON04lx1l0gawAA
.casalemedia.com/ Name: CMPS
Value: 3222
.casalemedia.com/ Name: CMPRO
Value: 3222
.doubleclick.net/ Name: IDE
Value: AHWqTUnYIhAI53gS-Yib0b_wahrxnknMKh-tU0Ors_A7B5U0uuV9mOjQbH-5FkeiJpY
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AMlN6bSrwYr7zSa5
.adnxs.com/ Name: uuid2
Value: 4990313130819484401
.bidswitch.net/ Name: tuuid
Value: c026f4eb-0277-4707-adee-e8fc9092a995
.bidswitch.net/ Name: c
Value: 1705298011
.bidswitch.net/ Name: tuuid_lu
Value: 1705298011
.zeotap.com/ Name: zc
Value: b46f65a7-d1a1-4275-70a0-fe409de2cdbf
.gumgum.com/ Name: vst
Value: e_7b1e3db7-124d-4a3d-8799-47aeb9709575
.tapad.com/ Name: TapAd_TS
Value: 1705298011433
.tapad.com/ Name: TapAd_DID
Value: f1ec1bf4-2e5c-4a8f-97eb-f5701fbd1dfe
.adfarm1.adition.com/ Name: UserID1
Value: 7324199187187890336
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 73902EFA-80FC-4353-965B-1C31E6A8B23C
.smartadserver.com/ Name: pid
Value: 4627870834427052395
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.openx.net/ Name: i
Value: 90e8562d-bcf0-4fb9-a476-761907cdedf4|1705298011
.sportradarserving.com/ Name: zuuid
Value: 08bf407e-311e-4a46-8799-2e2e0249cb3a
.sportradarserving.com/ Name: c
Value: 1705298011
.sportradarserving.com/ Name: zuuid_lu
Value: 1705298011
.demdex.net/ Name: demdex
Value: 44561222254385087641815664406333329197
.creativecdn.com/ Name: u
Value: T0ZnZoI5a1N15MVFDRit
.creativecdn.com/ Name: g
Value: T0ZnZoI5a1N15MVFDRit_1705298011506
.quantserve.com/ Name: mc
Value: 65a4c85b-7d27a-d53b2-dbf8d
.adform.net/ Name: C
Value: 1
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1705298011
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1sjAzMLMwN7U0MBLiM9RNcXLKNHV2LTAPDy4CAMN4YHklAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1sjAzMLMwN7U0MBLiM9RNcXLKNHV2LTAPDy4CAMN4YHklAAAA
.turn.com/ Name: uid
Value: 4173150087830260906
.contextweb.com/ Name: V
Value: 9KcPZIkFmo8X
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 034a3686fb1ead49
.weborama.fr/ Name: AFFICHE_W
Value: MZBPVgvwEFwx83
.yahoo.com/ Name: A3
Value: d=AQABBFvIpGUCEAcMLmZ7-LjN56dhPIEiekAFEgEBAQEZpmWuZbti0CMA_eMAAA&S=AQAAAojyYqkdD7PjwEawJ3vzZqM
.dpm.demdex.net/ Name: dpm
Value: 44561222254385087641815664406333329197
.adform.net/ Name: uid
Value: 1379274890732070298
.simpli.fi/ Name: suid
Value: FC87DDCE4402460E9224C3844C104772
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.sitescout.com/ Name: ssi
Value: cd35180d-acff-46a6-ba5d-360808063c2c#1705298011562
.adx.opera.com/ Name: UID
Value: OPU845984ba8d644232849a67946de2d23a
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_994414b5-8461-478a-9525-879f663be39a
.csync.loopme.me/ Name: viewer_token
Value: dbd8bff0-1689-421c-9e2d-623b474482f7
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7324199187187890336&KRTB&23369-7324199187187890336
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5124745693932530935&KRTB&23263-5124745693932530935&KRTB&23481-5124745693932530935
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4990313130819484401&KRTB&23339-4990313130819484401
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&KRTB&23047-C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&KRTB&23234-C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ&KRTB&23361-C0z7hyw9baI2ImBCZSHm8SI1RxyiZuXbolybc8kcrfQ
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4173150087830260906&KRTB&23150-4173150087830260906&KRTB&23527-4173150087830260906
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNTI5ODAxMTU5OX0
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU845984ba8d644232849a67946de2d23a&KRTB&23485-OPU845984ba8d644232849a67946de2d23a&KRTB&23524-OPU845984ba8d644232849a67946de2d23a
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5144588528606875902
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-FT-W0EAywoYOPZPWE2_a0xduz9EObsHURT7a_hu9&KRTB&19420-FT-W0EAywoYOPZPWE2_a0xduz9EObsHURT7a_hu9&KRTB&22979-FT-W0EAywoYOPZPWE2_a0xduz9EObsHURT7a_hu9&KRTB&23462-FT-W0EAywoYOPZPWE2_a0xduz9EObsHURT7a_hu9
.agkn.com/ Name: ab
Value: 0001%3A1RyAgMn1MUwCMynO0UqBjTVZaO0NYIll
.de17a.com/ Name: guid
Value: 1.1965549445137224645
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHbVOLfssyUkON6-HP12ptA&KRTB&23025-CAESEHbVOLfssyUkON6-HP12ptA&KRTB&23386-CAESEHbVOLfssyUkON6-HP12ptA
.go.sonobi.com/ Name: __uis
Value: 8b3588d5-16c6-4a29-b50a-120ab5ec4113
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-c026f4eb-0277-4707-adee-e8fc9092a995
.audrte.com/ Name: arcki2
Value: 4h0zB6Hd1-qQb2pnL9L2fxPJQ!20220908!1705298011638!ip#176.10.106.27
.audrte.com/ Name: arcki2_pubmatic
Value: 73902EFA-80FC-4353-965B-1C31E6A8B23C!20220908!1705298011638
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4feff258-aefc-444f-bbe7-edb82969d503-003%22%7D
.krxd.net/ Name: _kuid_
Value: QCV_vpsg
.bidr.io/ Name: bito
Value: AABDnE7LSZEAABYvcylFIQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.quantserve.com/ Name: d
Value: EHEBFAH0Kv7KwQ7PjxA
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1965549445137224645
.onaudience.com/ Name: cookie
Value: a6794b31b507174a
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-cd35180d-acff-46a6-ba5d-360808063c2c-65a4c85b-4348&KRTB&23418-cd35180d-acff-46a6-ba5d-360808063c2c-65a4c85b-4348
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIBG3RGpDR1wNFjPRYAAAAAAA&KRTB&22713-AAAIBG3RGpDR1wNFjPRYAAAAAAA&KRTB&22715-AAAIBG3RGpDR1wNFjPRYAAAAAAA&KRTB&23519-AAAIBG3RGpDR1wNFjPRYAAAAAAA
.fwmrm.net/ Name: _uid
Value: umo0447_7324769441298359181
.audrte.com/ Name: arcki2_ddp2
Value: 4h0zB6Hd1-qQb2pnL9L2fxPJQ!20220908!1705298011763
.liadm.com/ Name: lidid
Value: 1ef8a44f-a7f9-4521-97ae-bff7f075714e
.mathtag.com/ Name: uuid
Value: a7df65a4-c85d-4d00-8145-654c2eb210ce
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p4o|7dN.0.AABDnE7LSZEAABYvcylFIQ|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-HHt10NrrgUTRWhYbhVaTbTWg
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:a7df65a4-c85d-4d00-8145-654c2eb210ce
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2_adform
Value: 1379274890732070298!20220908!1705298011843
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaTIWwAOn8wq8gBd
.ipredictive.com/ Name: cu
Value: 37fe0d3f-75ce-49cd-b1c5-3fd700532305|1705298011828
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fec55b33-3663-5e13-5402-eed96da6419c.Dz58OyhTY6ud4TJgZElZQTHYM8VdOJpGQSa6k3nd3l4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fec55b33-3663-5e13-5402-eed96da6419c.Dz58OyhTY6ud4TJgZElZQTHYM8VdOJpGQSa6k3nd3l4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A_sVbMzZjXhNUAu7ZbaZBnLAKahs.0VhYpXQAdqW93wN6um3sd5F09oWc3Yta1uznDP2XB3A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A_sVbMzZjXhNUAu7ZbaZBnLAKahs.0VhYpXQAdqW93wN6um3sd5F09oWc3Yta1uznDP2XB3A
.360yield.com/ Name: tuuid
Value: ecdb7494-b9c3-4d25-a436-f5b5b359eafc
.360yield.com/ Name: tuuid_lu
Value: 1705298011
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-_sVbMzZjXhNUAu7ZbaZBnLAKahs&KRTB&23334-_sVbMzZjXhNUAu7ZbaZBnLAKahs&KRTB&23417-_sVbMzZjXhNUAu7ZbaZBnLAKahs&KRTB&23426-_sVbMzZjXhNUAu7ZbaZBnLAKahs
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINcVTR_FL8hyyYdZuo9DqCNrA-qR_GYK9TjD1qk_Zr5FEHwYBCDbkJOtBjABOgTwi70wQgQIpNxX.ZyC4hQ05qq1%2FnKbQALFOv2WJznmIdh74s%2FtUhwCTRLQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINcVTR_FL8hyyYdZuo9DqCNrA-qR_GYK9TjD1qk_Zr5FEHwYBCDbkJOtBjABOgTwi70wQgQIpNxX.ZyC4hQ05qq1%2FnKbQALFOv2WJznmIdh74s%2FtUhwCTRLQ
.amazon-adsystem.com/ Name: ad-id
Value: A15A3GTlREqLmlHXINgSQ5Q
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABDnE7LSZEAABYvcylFIQ
.pubmatic.com/ Name: PugT
Value: 1705298010
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1705298009.1.0.1705298012.0.0.0
.socdm.com/ Name: SOC
Value: ZaTIXMCo5tEAANElTFIAAAAA
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTunRh_Q!]tbPl1M>e)ZlrFUfJ+tGXxp2^)]UVX<XA6K'.u$:?8WyFlL5s_K@#?TPr-63If)y3KL9D3I?+3<N[XT
.rezync.com/ Name: zync-uuid
Value: d38a6717-0b6c-4407-a1fc-c8e6a5bbcdf1:1705298012.3130558
.criteo.com/ Name: uid
Value: e5b7fc02-b809-4b07-8c6b-459e7046245c
.doubleclick.net/ Name: ar_debug
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&29191124-d99d-4c49-8b21-e13066e3c3af"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDUyOTgwMTI7MjswMjHNjD3A+F5MjthtVB6AqeksCHZGJGMaZ6YHDnf4uZt+5Q==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3170:u=1:x=1:i=1705298012:t=1705384412:v=2:sig=AQHdvHHTpJWHxXiwkMWxXhojx7J4HiIS"
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129coOS_EuDjVxjgyp9E_Mz0v0C070dmxiMU8xtkg0Mzc01zVIMkvWNTExMNdNNExL1k22SDVLNE1KSk5JM7QyNDcwNbK0MDA00jM2NDYwNbUAAJvGEKlYAAAA
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=5858A9FD5D7024"
.pastelink.net/ Name: cto_bundle
Value: RLhE2l9hVTR6Qnpzdkw3cEwyY1VrSG1nSnVDdXcwa09CeTNIQXJkemlnOXpuR3RuaENpVGlWSU9ST3klMkJVcVRFWGVJOFJLM3RaZFlxdW4lMkYyRUFTTHVReTB3djZiRVd0MCUyRjNNcjBPaW9jaVJtd1BBYnBla1EzVm9ETVc0ZFZ6UWFOa3BVYnhMc1NIQnpMdWsxVWhQZktUMCUyQkRFQSUzRCUzRA
live.rezync.com/ Name: sd-session-id
Value: .eJwNyksOgyAQANC7zFqaGWBg5DKGnwlppY3YTY13r8uXvBOWT9232Gs_IBz7t06QX-3WgHDCaL-tPiEAk7UswlocOvE8o4ZrglHHaO--tHKfYiQ6T15hcllZi15FWrPKUl3klHJZKZBH1rMg6Ychg8wC1x-_DCYk.ZaTIXA.oszBDygJg2963RFswO2xNKvBT3Y
.adsby.bidtheatre.com/ Name: __kuid
Value: 20413bf0-4d0b-4493-a489-03e67703f38b.474512012
.primis.tech/ Name: csuuid
Value: 65a4c85cab893
.dotomi.com/ Name: DotomiTest
Value: 49c7124eb0bf15bd
.rlcdn.com/ Name: rlas3
Value: WQOnAzDt1heObGdHAUCPl5d53mSXEyZh6+z138Z6kxw=
.mediago.io/ Name: __mguid_
Value: f34e9699e10a7b192m0zzm00lreienuh
.rlcdn.com/ Name: pxrc
Value: CNyQk60GEgUI6AcQABIGCLrqARAA
.lijit.com/ Name: ljt_reader
Value: H_nBuRZHTNVNdAv6Q1qpFt7w
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129coOS_EuDjVxjgyp9E_Mz0v0C070dgziNTQ3MDWytDAwNDI2ttjEiOAbmhqavWJEkbecJGyeYmyRaGZuaK5rkGSWrGtiYmCum2iYlqybbJFqlmialJSckmZohdCkZ2xobGBqajFLGMkkE2OjRah841PiCL6xubEhABSU2iC3AAAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2g6t:18z8~2g6t:19ah~2g6t:18vk~2g6t:19e0~2g6t:196n~2g6t"
.flashtalking.com/ Name: _D9J
Value: fbadc87b8214418ca19ae5a56ab7f90f
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_339
Value: y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
.servenobid.com/ Name: pid_312
Value: 4990313130819484401
.servenobid.com/ Name: pid_337
Value: y-QNqrbc1E2uFfjYDjoz0tGHWsGQnU7VZcnVNuSL0-~A
.servenobid.com/ Name: pid_324
Value: 5144588528606875902
.servenobid.com/ Name: pid_317
Value: 4627870834427052395
.servenobid.com/ Name: pid_310
Value: H_nBuRZHTNVNdAv6Q1qpFt7w
.minutemedia-prebid.com/ Name: wrvUserID
Value: INu47rxzCp_mm
.pubmatic.com/ Name: DPSync3
Value: 1706486400%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1706486400%3A3_220_238_55_81_166_56_13_266_8_22_254_99_214_176_88_165_7_71_46_54_249_233_21_251_243_161_234_264%7C1710460800%3A69%7C1706140800%3A63%7C1706572800%3A35%7C1705881600%3A2_223_15%7C1707868800%3A203
.servenobid.com/ Name: pid_353
Value: 0000EEA
.creativecdn.com/ Name: ts
Value: 1705298013
.adnxs.com/ Name: XANDR_PANID
Value: ShZOpy_AgUH5SP8vrNmAKMf68YyT7X5IrO35lt9FGy0Yd7KQ2QPwW0p7uaxFOsFnuMIFxeZO83hMaqnLO3syMqk_-D-q2lgjuW5UXcGEW0A.
.servenobid.com/ Name: pid_333
Value: ZaTIWuXKlNON04lx1l0gawAADJYAAAAB
.servenobid.com/ Name: pid_309
Value: e_7b1e3db7-124d-4a3d-8799-47aeb9709575
.servenobid.com/ Name: pid_348
Value: INu47rxzCp_mm
.3lift.com/ Name: tluid
Value: 1146922423687014129151
.ctnsnet.com/ Name: cid
Value: 1230c8c645084f59ad5aec906ac09046
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4feff258-aefc-444f-bbe7-edb82969d503-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.yellowblue.io/ Name: wrvUserID
Value: NGu4NrEzkj_s
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-f36b016f-2845-33ee-8a91-00bfc892f870
.go.sonobi.com/ Name: HAPLB8G
Value: s8532|ZaTIY
.onaudience.com/ Name: done_redirects68
Value: 1
.semasio.net/ Name: SEUNCY
Value: BCA254468185087C
.servenobid.com/ Name: pid_332
Value: 8b3588d5-16c6-4a29-b50a-120ab5ec4113
.servenobid.com/ Name: pid_352
Value: NGu4NrEzkj_s
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zsc
Value: %40%9A%A1%40%FD%FCw6%97q%C4%87%9Bv%AF%A1%85%DA%92%7C-%8A%F3%E9%1C%60t%8B%06%12%BE%0A%FD%9EC%40%86+e%3A%0C%98%9D%1D%D6%BBp%FD%A09p%28%CD%5D9%3E%1E%D39D%1F%B9vPEf%18Fd%E8t%89w%EA%19i%03%1F%A3%D39%25%8A%7B%923B%C8%3B%23%1D%D0%B9m%5E%D3%3D%E9%FB%CE%C5%92%23%3B%FB%F8%82%A9%D9%BB%AA%10i%87%A9%7C%F1%E1%06%F6%9D%EA%CC%F2%10B%BE%2C%92%82%94%81%E9%E4%EC%AFe%BF%87%D1%E6%A7%95%8F%3F%FC%87Az%F5%A9%FB%B1Oi%E9%E43%CA%A6Gg%95%F7%EC%A0%B7V%D6
.ads.stickyadstv.com/ Name: UID
Value: 3b5e9de0b4b2276ec52733aab8b9c497
.admanmedia.com/ Name: admtr
Value: dd3c2f26-5c86-4383-912a-d0d1dc8ba4ab
.admanmedia.com/ Name: ac_r
Value: CS159
.smartadserver.com/ Name: csync
Value: 86:4990313130819484401|94:ZaTIWwAOn8wq8gBd|127:AABDnE7LSZEAABYvcylFIQ|130:dd3c2f26-5c86-4383-912a-d0d1dc8ba4ab
.tribalfusion.com/ Name: ANON_ID
Value: awntuJyOZbSFoJTyBr0uRxySZcj9H9QrQWDZdHJ145VrPGcrTU5PT3VZbGTNZbik7DVhudim6ZaodpsaSdKgKdhLh4nvpL
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1705319614526
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6Ag9/jkNTN4s7VTIkcAJPBTRajfhjyT5hrJA3d4FNyv1K6UHhKyPsVgmDWwgUFJB0ITZI9/Nf5XGCYbB5SW5XQ3mePgyV9QG0XQD5U7tEfUTQ==
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.servenobid.com/ Name: pid_323
Value: LREIELHT-J-EAV3
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjQtMDEtMTVUMDU6NTM6MjkuNjc1NDE2NjY0WiIsImVwbGFubmluZyI6IjIwMjQtMDEtMTVUMDU6NTM6MzEuMTM4MjA2MDQ1WiIsImltcHJvdmVkaWdpdGFsIjoiMjAyNC0wMS0xNVQwNTo1MzoyOS42NzU0MjExMDRaIiwib25ldGFnIjoiMjAyNC0wMS0xNVQwNTo1MzoyOS42NzU0MjAzMTdaIiwib3BlbngiOiIyMDI0LTAxLTE1VDA1OjUzOjMxLjEzODM3MTMyNloiLCJwdWJtYXRpYyI6IjIwMjQtMDEtMTVUMDU6NTM6MjkuNjc1NDI0MTEzWiIsInNvdnJuIjoiMjAyNC0wMS0xNVQwNTo1MzozMS4xMzgyODI0NDJaIiwidW5ydWx5IjoiMjAyNC0wMS0xNVQwNTo1MzozMS4xMzgyNDA0NDNaIn0sInVpZHMiOnsiYWRhZ2lvIjp7InVpZCI6IjUxYmFjYzBmLTU1MjctNDk4MC05NGRiLTY4MjZjMGVjNDNjZSIsImV4cGlyZXMiOiIyMDI0LTAzLTE1VDA1OjUzOjI5LjY3NDQ3MzgzMloifSwiZXBsYW5uaW5nIjp7InVpZCI6IkFNbE42YlNyd1lyN3pTYTUiLCJleHBpcmVzIjoiMjAyNC0wMy0xNVQwNTo1MzozMS4zNDY3NTYwMjhaIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6ImVjZGI3NDk0LWI5YzMtNGQyNS1hNDM2LWY1YjViMzU5ZWFmYyIsImV4cGlyZXMiOiIyMDI0LTAzLTE1VDA1OjUzOjMxLjk2MDYxMzM1WiJ9LCJvcGVueCI6eyJ1aWQiOiJjZjRlNmRlMS1jMjFmLTQyODYtYjIwOS04M2Q2Yjg2OGQ3ZTEiLCJleHBpcmVzIjoiMjAyNC0wMy0xNVQwNTo1MzozNC4yMTg2MTU2MzNaIn0sInB1Ym1hdGljIjp7InVpZCI6IjczOTAyRUZBLTgwRkMtNDM1My05NjVCLTFDMzFFNkE4QjIzQyIsImV4cGlyZXMiOiIyMDI0LTAzLTE1VDA1OjUzOjM1LjkwNjcxMjg2OFoifX0sImJkYXkiOiIyMDI0LTAxLTE1VDA1OjUzOjI5LjY3NDM4OTMxM1oifQ==
.pubmatic.com/ Name: SPugT
Value: 1705298015
.servenobid.com/ Name: pid_316
Value: 73902EFA-80FC-4353-965B-1C31E6A8B23C

21 Console Messages

Source Level URL
Text
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tags.bluekai.com/site/87734?id=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b46f65a7-d1a1-4275-70a0-fe409de2cdbf&reqId=8a6fa18b-2698-4a1c-7601-81142bdb4938&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
deprecation warning URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938488&l4=4198832&l5=1&l6=1&utid=D87052A0-C9F5-D45D-987D-BDB401F74477&creative_type=display&adid=ftdiv7938488&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=268890.48638653604&pub_ts=1702026752&149393374(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225039&l2=DV360&l3=7938487&l4=4198896&l5=1&l6=1&utid=798F0283-418C-4A78-EA00-275869F1965E&creative_type=display&adid=ftdiv7938487&pub_app=&pub_domain=https://pastelink.net/giu5j4j0&uid=&cb=25078.254257601802&pub_ts=1702026752&161458393(Line 1)
Message:
Failed to create WebGPU Context Provider

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5fecef2a4794f1d42b7fbced3a5b6acf.safeframe.googlesyndication.com
a.audrte.com
a.rfihub.com
a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad-events.flashtalking.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.us.e-planning.net
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
btloader.com
c1.adform.net
c21lg-d.media.net
casale-match.dotomi.com
cdn.ampproject.org
cdn.flashtalking.com
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
cs.yellowblue.io
csync.loopme.me
d.turn.com
d5p.de17a.com
d9.flashtalking.com
data.ad-score.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
engine.widespace.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gtrace.mediago.io
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbopenbid.pubmatic.com
hbx.media.net
i.liadm.com
ib.adnxs.com
ice.360yield.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
js.ad-score.com
live.primis.tech
live.rezync.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rt.marphezis.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
srv.buysellads.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stat.flashtalking.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
v-f.ch
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.mrtnsvr.com
b1sync.zemanta.com
cm-supply-web.gammaplatform.com
engine.widespace.com
pagead2.googlesyndication.com
sync.tidaltv.com
v-f.ch
104.18.36.155
104.76.200.221
104.79.88.129
104.79.89.214
104.79.90.101
108.128.80.168
130.211.115.4
130.211.23.194
134.122.57.34
141.94.161.190
141.94.170.77
141.94.171.215
142.250.184.198
142.250.185.194
142.250.185.66
143.204.98.84
145.40.97.67
151.101.130.49
159.65.16.11
162.55.236.225
178.128.135.204
178.250.1.9
178.32.210.231
18.157.200.172
18.197.191.217
185.184.8.90
185.255.84.151
185.255.84.153
185.64.189.112
185.64.190.79
185.89.210.244
193.0.160.130
193.3.178.3
193.3.178.4
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
2.18.160.23
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
211.120.53.202
213.155.156.184
216.52.2.30
216.52.2.86
217.182.178.234
23.197.128.137
23.213.161.200
23.35.236.188
23.35.236.201
23.50.131.75
23.56.202.187
23.88.86.2
2600:1f16:e61:3f00:6418:3db0:a56e:6f03
2600:9000:2057:3400:1f:4c18:bd40:93a1
2600:9000:237d:fc00:1a:5235:f980:93a1
2600:9000:2646:be00:a:deb0:3380:93a1
2602:803:c003:200::31
2606:4700:10::6816:3362
2606:4700:10::6816:4bd8
2606:4700:20::681a:9a9
2606:4700:20::ac43:4513
2606:4700:4400::6812:22b2
2606:4700::6811:180e
2606:4700::6812:19ad
2607:ae80:4::26
2607:f350:3:2569:0:10:0:c
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:16::1400
2a04:4e42:400::300
2a05:d018:d29:3601:fa46:4bf7:11fd:dd50
3.121.30.65
3.124.81.102
3.224.6.94
3.33.220.150
3.65.43.186
3.75.62.37
34.111.113.62
34.111.129.221
34.111.131.239
34.120.63.153
34.149.40.38
34.160.236.64
34.206.6.79
34.247.205.196
34.253.16.244
35.156.188.18
35.186.193.173
35.204.74.118
35.214.168.80
35.214.193.209
35.227.252.103
35.244.159.8
35.244.174.68
37.157.3.20
44.218.239.184
46.101.85.187
46.228.174.117
51.89.9.253
52.208.65.154
52.208.7.68
52.214.179.171
52.215.121.196
52.46.128.147
52.48.67.86
52.95.115.255
54.145.121.220
54.160.145.206
54.229.214.219
54.243.132.7
54.74.215.17
54.74.41.4
54.78.254.47
63.32.195.36
67.202.105.24
69.173.144.138
69.173.144.139
69.173.151.100
72.251.241.204
74.121.140.211
76.223.111.18
77.243.51.122
77.245.57.72
8.18.47.7
80.74.137.136
80.77.87.161
81.17.55.112
82.145.213.8
85.114.159.93
88.208.215.108
91.134.110.136
98.98.134.243
99.80.102.181
99.84.88.128
99.84.88.18
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
03ac2955fa47afbf0dfdd9207ceabf9eb4d22fb59bc19c2f0809c776a1aace6d
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
04d554fce1eb3b5c1c4abd1bffba3fc9888db07e5a9b84fbe1b28d81ef2c4415
054a00987c11dff744dbcad76dfbaea13fe25f9c97c3ed8af12b1fc7e105c6b6
0567034a1b5fe07bc9c36d7b1f8f3f244904e860f4cd6ae67553117e715c498b
0587e88fa3dd5a3fb86dbc3c72dc35dcd3fba78dd1858d9c275d56554c982565
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095f3056fe0b1444bf1d15d9ed841ced55a0f20c48b531bb00abf878b61c274d
0a99ca80cd5f578e453b1b3249f7e39eb02cebfdb2faf1d8d4639e81600b8a58
0af34a2ac98115d7bc0ce1c6a19014fcefb93bb340dca57a14db590e9126461e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ea10722e3a9f9bbc2b5bd6301e95ab96ea33f2957089209ead86853d2d6b75d
11a39dd207f1b795b121aa8d65433fd59f1e51252bab5a452ea6261447584ba7
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
13d6a53dcf5604b9312b90543e5443d71d6dfbd4775f0a1a758a7ae59f83ce80
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1684421f8232c222da0192ba8a7d5be635d4327c72403e8727956d8119e7e9f2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1e51abf5a5f2cdd2baee209e9c0554ac4caa85a53155b7a6b1e51ac03678444c
20d98514539eec78a2603ce577a06fd59d8163e77227c9f8344f152c90de448c
21b66fd120120971ef13a36728c6b048cdfb18bc6355a4c79f9d49d1fe5e94f8
2455d1064d49b151522aba0fd41602e78ef7b30969fc85285e889610f123bcc0
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
26c881989e77de5a917bffaf67ed549805ba5aafc2dcf706ffae5437d83aa143
28498c6aae2ee2d44add79f09b33f44d9558424a74ee50043bdb219164e8e276
286fcd6da925653b440f0af6a12ff55ddc2d7e39676564818684cd5d18545bcd
28fdd76729a76d30e887018dfe1573aedd8854016283eca3ec62a7645c77ec27
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c81a2400224a3748ac84fe01b516d91eb586e73a680f06cb4f398d2bcab9176
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dedc6b8a2e52bb58c4ea36524d1767e7f3eb7f5688ef78c5d42924bf7ba9ee2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
351220ec22ae42650787f57d03e0c42c35a9e77bde631202cccdfc09fd16669a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37352e7b5b38be4bd565c8c8e62a8827d4b11413a56e1927b950e611dc0bf0e2
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38291f657fa90369c87a0a23fc59c92582dc86ee3a7250def2b2be44c235f0e3
387acf4c13f4ee3d957bf6018fb98d46709d3cf9ca6a11cb7196fccccad1540f
38dbd00cfad5931b427f966263e3fa21e39eb5355a0609fbeb48e224e5ff1910
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf
3b403561e941f420b264319d720c59ad7ce75d7ed793783eeb6e6a2ce25c777f
3d26d8514c7cd699205411507963ea7fd227a18af95a48d09cf62ca38ee3fd3a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa330047f3bd1d8032edb0b3fa20cadac0b398470c241d5d94a13f92f0cb1c0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
46573ff316fd47e867a03ce5c7246762647835d49a4eb1f615aae69ea294c33b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4762a9963a2a79a2fb0d6809de90a1db74207cb4762f6d3a2adb8fc5cf124a04
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
49af4e7977a5798d255d32980ece9a74200caa229c11a436be2c3871f7170f1e
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4c8a159651778f0ae37bbaf10b6d87d1451ead7f3abe06a5436c4935290d285e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fd5fe4c106c8db018e7dc1106a1968c58eb325a5ef1168346af5a295748a9bd
50496c620537502a3f9b8df428041a8c8880b998f25d2e33edf5f5310ee7a82b
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
522d69a00b930b1a4af447000520e593b9d1f7092f4bf1d2f6e4dfe0bf08eae5
5305218f770bf4d4f05e85f48789790cdefbde7a40401489b74453ae23d9b8a1
5325a2e91e1c59631540bea1293d9a6e6ead4e97e6bb04168e1e3c73d16df514
5331551eacfae3bb18abacd2476825c83a7641ae5aa7d4afc1217d9532c742af
536dfd2d717f335dfe80e2ff06e8e8392ed8941e8fe8214c2f42238b34ec8910
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5584346f26569e3b8d3b6db9084bf4699cc003096009fd4d57839c719feac9a8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b0aa5bb9805990ef8fed7c0aa2af4acb63f81e187eaccef588839ff4714a08
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5a6f8f8b98c2e960675e90eca9baf737eeab7b40fb3c8e1ed70bd9a3d140e91a
5b9b4500baed5d6caed1231300892ca9ed8393849992e01a441b771784cf10ed
5bcc8838a6783f5cdcbe887f95b3d91094f2fd1284cbe55e5a794b0a981aa005
5c83417cac81216bbc3d7bfc43fa84d6a323f99bc974f616a43b661f55fdc1be
5d6d2c88d8e0c17a981acd0a3335fa05d4172c4f3ea247cb4e513450cb1a2e46
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
671fd4b838cb8a9b5b95b45722e3afe521bde53d5ee2a41d13e4d2cefbf85daa
6a6ea1806cad3d5af8acf0873d448767ff23cb88df1ae9f1f1e965844c2a161c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6de5e6dc0280a122f020e341ce9ddce68d66ee1a9f959c15d229b5de73e330d7
70506ff0fc96ae2c7c08296833fc6351241ce57462416b453a2ee9b8581fe483
780a11011f423b6cae82ffab7b3eba531c48c21cad0ca4b44897571c232eaf79
794d8a316a63272e0e04f122b522da7992513afcfcceb3eba420323995bfa5db
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7d0dca86e481d099ab637c042669485984aa3ee32865c4c15a47f22aa64924f6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ecccb49673e49ef3c8ce069223b87e22297c24f7f1b5f2c6e005dc3f3f43c6f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
919664d4c088d6963c5c872ced7e8859a3cabc2cec3ef42f4afa99de7a3321da
919b5c55bc401be9bc9ff513811831f035ef8d1a458a4e660ee93c405b24a3b4
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
948b32b0c96a38cdc15deca50ec2ade47e4ffd4f9683de9897bbfabb8f5ab3b4
962cd3e8b5e1eec750a5226347760e0d3f6f2c0a679a3d6a8e9a43e572fb05ee
963981bec61d9ccdb6f3187804338e1bdd76e8a21c594cfe7b5fa5556701c427
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b51ee5f3a0661ad8c0dd90a187c11ff8c290fdfb5ca246879c77bb8f171f6ee
9ea87bb8fa739ee1f70d3e4441b99fc5f84f9f5649e6078e529b6e0370148280
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a571ab93426b8aa4955339fb64e2b0de0354e4614d42a92232678285ac4c66d4
a673cc4b8d035afebd4faf1a62394d9919e23b2ffd552aaca01928dbe519fcef
aa91bf9506874bcdc8c6e193d8d3230599c4d7f55c3268ff476949d3de9b5216
ac6a18772b37bd25e8c8fcb93b22548a5f7d295ce5cb2adf57f466dda4c255bb
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e6853c0e16c38583a4ee40a992ed4da83d10ed630ac2ea760093e1dce778e0
b80dd520b2a0f6328c9177244413f511167342f8ceeb7be4ab30fbdbfc3cf4f9
b9325984eee950e46e2e851a713796d4d88f1b937ff457cf069e771fbb1d9948
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
bef35fb697c1dde0518a04ddb3802eb9276e7d206b8917375ed99b1d7f55eeaf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c2c2b611689fbd8ce0fc4b79f62c0bf6e3ea36a29da1dfafd8980bd90f6f367f
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
cb581ffed30bf7303274d9f41849eb066c4486a01ffdf538bce95bc649335bbe
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cebd78be78a2bfb10d766032cdafa68d0eb68589f0cade246d995c7470b7e09a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d1c589479c17ff8fadcd08973adc0f6b48f2c2908f77fc118f439b57ac756728
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
d9232e3bc927832d2df3b163615ce246c8be527c0e879244ee33d3a9d5a51cdf
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbed53cb11df083113e8a251de754e017eaaca303ba6dab2451235d16afb6cf7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2bfd76f836b4eaea3c0a6234c5baeff1229e5cbdb889dcf02b7dc94006f17e0
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5faded89892d1cc24f86e57e516ecef65dd599c720c7cc7b8201bee44d2d5ee
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e9515f1dbae39bdbb1fa3ee9f4c0cecf4e1fd7926751354a391499b4b1e57123
e9a1acb04360e75cd2c9b6fbb8b2b958325826e8e65acc4d8a174d1935ea42dc
ea80571f3f39c551cfa72ec7b7eb1f5a755ff7cdd0ef7428a66ef5f579466d1f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5ed63e0d2b29300bc2c425e9c1e7685d50f02227daa2455b2d82a0d945a4c1
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f9bfb9a6797a7bde8ba93909025b7679840e58b186caa443036d2bbe27635a9d
fcc15c1161218fda77c5c6d3d3dd7f71e0ab2e8a21cc62b56f131dbc3f21af4b
fd000fc6ab7de1e0fe4eace53316cfcef45f342402ecfe08705fa231c7423d78
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff1d04b41c0d5bc20a1ccde277ea9210cba51e735a87f6ceef701d43b36a182d