pastelink.net Open in urlscan Pro
89.35.29.15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastelink.net/rypfdbdc
Submission: On February 06 via manual (February 6th 2023, 6:32:27 pm UTC) from IT — Scanned from GB

Summary HTTP 103 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 20 domains to perform 103 HTTP transactions. The main IP is 89.35.29.15, located in London, United Kingdom and belongs to BANDWIDTH-AS, GB. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 171647.
TLS certificate: Issued by R3 on January 31st 2023. Valid for: 3 months.

This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	89.35.29.15 89.35.29.15	25369 (BANDWIDTH-AS) (BANDWIDTH-AS)
2	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	193.234.225.88 193.234.225.88	34971 (PDDA-AS) (PDDA-AS)
9	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:802::2001	15169 (GOOGLE) (GOOGLE)
5	23.203.125.62 23.203.125.62	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
2	23.203.125.156 23.203.125.156	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.18.132 199.232.18.132	54113 (FASTLY) (FASTLY)
3 4	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2006	15169 (GOOGLE) (GOOGLE)
1	64.74.236.63 64.74.236.63	19024 (INTERNAP-...) (INTERNAP-BLK5)
1	2600:9000:205... 2600:9000:2057:2e00:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
103	32

12 89.35.29.15 (London, United Kingdom)

ASN25369 (BANDWIDTH-AS, GB)
PTR: 15.29.35.89.baremetal.zare.com

pastelink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adligature.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.234.225.88 (Milan, Italy)

ASN34971 (PDDA-AS, IT)
PTR: hex.psxhosting.is

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)

6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.203.125.62 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-62.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.125.156 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-156.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.208.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.63 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2e00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	138 KB
17	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325	244 KB
12	pastelink.net pastelink.net — Cisco Umbrella Rank: 171647	217 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1279 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3116 odb.outbrain.com — Cisco Umbrella Rank: 1529 mcdp-chidc2.outbrain.com — Cisco Umbrella Rank: 6009	86 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	238 KB
5	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 8853 log.outbrainimg.com — Cisco Umbrella Rank: 2459 images.outbrainimg.com — Cisco Umbrella Rank: 2217	39 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	20 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	3 KB
4	adligature.com cdn.adligature.com — Cisco Umbrella Rank: 79079	144 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 9249 flint.defybrick.com — Cisco Umbrella Rank: 8954	20 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	145 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	143 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	30 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5333	531 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5524	209 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 673	31 KB
103	20

	Domain	Requested by
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com pastelink.net googleads.g.doubleclick.net www.googletagservices.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	pastelink.net	pastelink.net
9	securepubads.g.doubleclick.net	cdn.adligature.com securepubads.g.doubleclick.net pastelink.net www.googletagservices.com
5	fonts.gstatic.com	fonts.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	widgets.outbrain.com	securepubads.g.doubleclick.net widgets.outbrain.com
4	cdn.adligature.com	pastelink.net cdn.adligature.com
3	log.outbrainimg.com	widgets.outbrain.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	securepubads.g.doubleclick.net 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
3	6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	flint.defybrick.com	rock.defybrick.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com pastelink.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.gstatic.com	www.google.com 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
2	www.googletagmanager.com	pastelink.net www.googletagmanager.com
2	www.google.com	pastelink.net tpc.googlesyndication.com
2	fonts.googleapis.com	pastelink.net 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
1	images.outbrainimg.com
1	rock.defybrick.com	widgets.outbrain.com
1	mcdp-chidc2.outbrain.com	widgets.outbrain.com
1	s0.2mdn.net	6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
1	odb.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	pastelink.net
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	pro.ip-api.com	cdn.adligature.com
1	cdnjs.cloudflare.com	pastelink.net
1	code.jquery.com	pastelink.net
103	34

This site contains links to these domains. Also see Links.

Domain
www.theliberalcup.com
www.facebook.com
twitter.com
t.me
api.whatsapp.com
www.reddit.com
www.pinterest.com
www.tumblr.com
www.blogger.com
profitquery.com
www.linkedin.com
share.flipboard.com
social-plugins.line.me
www.meneame.net
diasp.org

Subject Issuer	Validity	Valid
pastelink.net R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
rock.defybrick.com Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2023-01-16` - `2023-04-16`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://pastelink.net/rypfdbdc
Frame ID: 50161BF00328CA2CD1A5E9EC49452F8E
Requests: 46 HTTP requests in this frame

Frame: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6FE4C5585028FB52A9BCA9D4022F6016
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOJ65zcXukMknhj5lgONBPD1lCVsi52w4kxM9hd3GPwNafFkDRMzvF5BB6O5Vgd7BbgCz2G0cf9oj5JVI4vOxgEj5rIvXTTKx2-c7rXH2StqM3e8hZ6vtUrJv4wl4DndKTjQfyRCF3v2qrPjU_Wwcb7DNXtbXCbmj0xfgqkbA3gPLzaFsujG_j7PtUxTzIrJoXalpFDv-NIVoJmU0b-aQloIp8VfWDadaJofGSICbe5ZzX2Hr_NaWfAqqhjcUMmG4zsOFiMlt-hQa_v-CtWwtcua-CLeCDR4GVMGM_aIYo2WjpCRHsFCsqqNNuapMUvoLUjSRevc9MmBi1VqeI8G6pXjw&sai=AMfl-YTj8GnVYKLj_BJVWX3L19xKch1T4VQ1HFhyQBmPYXERnP2cGftZ9hD3gasrKFGSmEOUV5Z2qMprwAN8-UGX3w8Yju_PZ84Ei7Suz14JMrodW5cA6MNTd6Rel8HXfcqNz2j86kYLK-ocbPOCkZA&sig=Cg0ArKJSzMl4UJUikmY9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7197E02AE6D041C03EF7C6366A7C5412
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E942AA72061A7D6F888403BD06AF5E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F7EE988931CCD66BE284C96DD1EB5461
Requests: 2 HTTP requests in this frame

Frame: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64F48747B1B8FBB56595C3B5DBA58257
Requests: 15 HTTP requests in this frame

Frame: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F142273DA43A00F4250D01444AEE3B1F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqlkwEQsZGUARjLnbLWATAB&v=APEucNWl3hlZ4HdnMaRmhMRWnybfBZhGCrB8s-sZ9y9cIH4hZNdWfPoqHuxALCeRoe4c2CYzh7nZiJ18WUZRntc-V7fjuoHX2XwyXEzXD2brbAGD3ybtfzMpKoHY6giv5fXCq00-ZaZIi_aO3Wsb8Zu6RaWgEFSPMx6tEyRJFZUQ6OENjuABRVQ
Frame ID: E9DD504E1EFAA7D3B4A75F2A95D06C1C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js
Frame ID: C7A95C7C353E7E94DD310E626CE4E176
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D20B55D4B9CEC533273FC44CC0CA9B8A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pastelink.net - Publish Hyperlinks

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

103
Requests

96 %
HTTPS

65 %
IPv6

20
Domains

34
Subdomains

32
IPs

8
Countries

1504 kB
Transfer

3628 kB
Size

17
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.theliberalcup.com/forum/_jobs/live-diretta-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023
Title: https://www.theliberalcup.com/forum/_jobs/live-diretta-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023

Search URL Search Domain Scan URL

URL: https://www.theliberalcup.com/forum/_jobs/diretta-gratis-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023
Title: https://www.theliberalcup.com/forum/_jobs/diretta-gratis-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023

Search URL Search Domain Scan URL

URL: https://www.theliberalcup.com/forum/_jobs/calcio-tv-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023
Title: https://www.theliberalcup.com/forum/_jobs/calcio-tv-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023

Search URL Search Domain Scan URL

URL: https://www.theliberalcup.com/forum/_jobs/diretta-live-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023-1
Title: https://www.theliberalcup.com/forum/_jobs/diretta-live-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023-1

Search URL Search Domain Scan URL

URL: https://www.theliberalcup.com/forum/_jobs/diretta-live-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023
Title: https://www.theliberalcup.com/forum/_jobs/diretta-live-monza-sampdoria-in-diretta-live-streaming-gratis-06-febbraio-2023

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://pastelink.net/rypfdbdc

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=%20https://pastelink.net/rypfdbdc

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=%20%0Ahttps://pastelink.net/rypfdbdc

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%20https://pastelink.net/rypfdbdc

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://https://pastelink.net/rypfdbdc&title=%20

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://pastelink.net/rypfdbdc&description=%20&media=https://pastelink.net/assets/images/pastelink-logo-square.png

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share?v=3&u=https://pastelink.net/rypfdbdc&t=%20&posttype=link

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog-this.g?u=https://pastelink.net/rypfdbdc&n=%20

Search URL Search Domain Scan URL

URL: https://profitquery.com/add-to/livejournal/?url=https://pastelink.net/rypfdbdc&title=%20

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://pastelink.net/rypfdbdc

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=%20&url=https://pastelink.net/rypfdbdc

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https://pastelink.net/rypfdbdc&text=%20

Search URL Search Domain Scan URL

URL: https://www.meneame.net/submit?url=https://pastelink.net/rypfdbdc

Search URL Search Domain Scan URL

URL: https://diasp.org/bookmarklet?url=https://pastelink.net/rypfdbdc&title=%20&jump=doclose

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKLrWeN7BwB1COUcCRJL-c&google_cver=1

Request Chain 81

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.FHt-dKjrDlHvQ.K-cLagAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKLrWeN7BwB1COUcCRJL-c&google_cver=1&google_hm=2

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK7IMWDoWwvv4gbpTcFuF0A&google_cver=1

Request Chain 83

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM0ODQyNzEzMTY1NTIzMjY5Nw%3D%3D

103 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rypfdbdc Show response
pastelink.net/ 23 KB
6 KB 171ms
69ms Document
text/html 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/rypfdbdc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

7b77b990c37dad8f6bc7de7d257e3aaa50a87be89fc6f491d5f6d4ef3e9103f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Feb 2023 18:32:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 225ms
83ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/rypfdbdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 18:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 18:25:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 18:32:20 GMT

GET
H2 200 styles.css
pastelink.net/assets/css/ 121 KB
121 KB 69ms
67ms Stylesheet
text/css 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/css/styles.css?q=35

Requested by

Host: pastelink.net
URL: https://pastelink.net/rypfdbdc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/rypfdbdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 14:09:07 GMT
server: nginx
etag: "63b82b83-1e279"
content-type: text/css
accept-ranges: bytes
content-length: 123513

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 118ms
37ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: pastelink.net
URL: https://pastelink.net/rypfdbdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:20 GMT
content-encoding: gzip
x-sp-metadata: HS256.CMSrhZ8GEowBCiQ1OGU0Mjk5MS02NmE4LTQxNDAtYTE3ZS0xODc2OGM5NjNlMzgQ+OiCoKvU+wIaBgi0j4WfBiIRMjAwMTphYzg6MjE6ZTo6MTIomrYCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ0OTUzMzBmZi1lOTY5LTRkZTktYmUzZC1kMDUzMjFmMmY5ZDIYm/EBIhgIAhIUY2RzMDgxLmxvNC5od2Nkbi5uZXQ=.YYd6lPDLpLxOtPqx8713SSncojaNZxNUPHxWpDEZ+LQ=
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1675708340.dop007.lo4.t,1675708340.cds263.lo4.hn,1675708340.cds081.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 script.min.js Show response
pastelink.net/assets/js/ 41 KB
41 KB 35ms
34ms Script
application/javascript 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/script.min.js?q=35

Requested by

Host: pastelink.net
URL: https://pastelink.net/rypfdbdc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/rypfdbdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 17 Nov 2022 12:00:15 GMT
server: nginx
etag: "6376224f-a225"
content-type: application/javascript
accept-ranges: bytes
content-length: 41509

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 2 KB
1 KB 134ms
43ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/rypfdbdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2668488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 772
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-6d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32FZ3BfrBuzAcX1JHUgdGiLCpGhx%2BwWMFpuOVQoHxM33hTrlSHyMm7gZHJ%2BSrhasNrZpzihNm%2Bfncy00SlgrxTidOfV3aILReIbtQfjm9zHjDXsbLqqQtD0ZKXEEv5DF9NtV2JxOAaCfwkBli48%2BqLRM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7955f7cabad806c1-LHR
expires: Sat, 27 Jan 2024 18:32:20 GMT

GET
H2 200 rules.js Show response
cdn.adligature.com/pl/prod/ 17 KB
5 KB 163ms
47ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/pl/prod/rules.js
Requested by: Host: pastelink.net
URL: https://pastelink.net/rypfdbdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c36492a8f4f52f916f38368d77be0f0944fa0304b5981dac5fac0cfd71b3280

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 203
cf-polished: origSize=29775
x-guploader-uploadid: ADPycdtoUOxNcg2hu2p7iSucVzEO0FNRY1Lj7-XmVhkOqhNs5gIYGwMM8v7H6xq5U4k-Dv6ZaHvKnBclt1IBIU7EkmQPcYtA6n59
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Jan 2023 21:40:11 GMT
server: cloudflare
etag: W/"d056be6a027ac96037775cb0ef442c8e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1675114811074467
content-type: application/javascript
x-goog-hash: crc32c=wVZtCQ==, md5=0Fa+agJ6yWA3d1yw70Qsjg==
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85%2FkybjT4CzoATGhb3khCxXGnUyuyE0IiA3pUTieMHffeGhsMhb919OZOiQIaOiVWPifGeV9bsZV%2FNJkfuD2YIbedsSkFe1%2FqxpvnuBnPFqyN7JzFqRJBqritEvDxnWUyWytmOduoIS0au5cROun31Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 29775
cf-ray: 7955f7cae85d74a9-LHR
expires: Mon, 06 Feb 2023 18:38:57 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 906 B
891 B 226ms
84ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Requested by

Host: pastelink.net
URL: https://pastelink.net/rypfdbdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56e73bc3c154b44d86813c0345ff992da7f8d68e93504ccccd273d359a773e85

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 571
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 18:32:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
66 KB 233ms
84ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Requested by

Host: pastelink.net
URL: https://pastelink.net/rypfdbdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0542ff69c0c0ee3ac4342c0402371b313d71c745dc935ff1d7e0ab6b76af527d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67347
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 18:32:21 GMT

GET
H2 200 advally-5.6.0.js Show response
cdn.adligature.com/rules.js/ 109 KB
29 KB 51ms
50ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3095
cf-polished: origSize=178816
x-guploader-uploadid: ADPycdvHdkAQRlmVvNpNX_SVPL5yVAJAdBxbVy7GP14aYKgDLB74DbGeCl01Gg7NR5lazH9wRoLQPZJ8Zhg-aZzFhCCN
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 14 Dec 2022 18:36:31 GMT
server: cloudflare
etag: W/"93d406c6937e7a8018d85789ad1193d5"
vary: Accept-Encoding
x-goog-generation: 1671042991645353
content-type: application/javascript
x-goog-hash: crc32c=n6grAA==, md5=k9QGxpN+eoAY2FeJrRGT1Q==
cache-control: public, max-age=7200, s-maxage=7200, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEg3kMM55Oi8608iG1FfVySWdFEP2Z3MTFZMQuIeKgkSedZN%2BkxqTVUpl59Jq2ecx1WlXgxtB1mPBxg5O9BvILU7FpRhVY6H6KQX%2BOkrG1Br%2B74mUu95TEfwIZ6%2Bn%2FoxMFpUQrGTqDovu8wGn0o9lZ4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 178816
cf-ray: 7955f7cba95374a9-LHR
expires: Mon, 06 Feb 2023 19:40:46 GMT

GET
H2 200 rules.css
cdn.adligature.com/pl/prod/ 212 B
679 B 50ms
48ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/pl/prod/rules.css
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01894c475661e9e96bf36907c597f61284ab29d4d654e4c72fbd024664447738

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 204
x-guploader-uploadid: ADPycdv8DAsmjlNqpvyGv1B7049AYiNagkFLQWHLnQXh0nHV2BHDPSLkQoMen9qLqzNdaEPH3Rs0aCBm1DPvr7APOETIdMlhUME-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Jan 2023 21:40:10 GMT
server: cloudflare
etag: W/"08ea8c3add92f19bdd3dc8ebabc350d9"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1675114810025849
content-type: text/css
x-goog-hash: crc32c=ARUBlw==, md5=COqMOt2S8ZvdPcjrq8NQ2Q==
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPNo4BaLNu2O2yNqo%2BjNWGg4Yyd%2FDMZvpq8JQNUc1KMQ5Z5JomcOA1sLMwYvFrpDp52c3fWaY1L%2BvnNg2j6QPxxbQ%2Bq%2BPKsXoPdJhW%2Fy5h4Hl2TTad0wxo04fP3uvhGWtQkYMI%2ByMtL1FLGmz7XRRAM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 212
cf-ray: 7955f7cba95174a9-LHR
expires: Mon, 06 Feb 2023 18:38:57 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 402 KB
161 KB 214ms
61ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 14:11:05 GMT

GET
H2 200 debut_light.png
pastelink.net/assets/images/ 4 KB
4 KB 38ms
38ms Image
image/png 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/debut_light.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-10c8"
content-type: image/png
accept-ranges: bytes
content-length: 4296

GET
H2 200 pastelink-logo.svg
pastelink.net/assets/images/logo/ 3 KB
3 KB 39ms
39ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-d3d"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3389

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 arrow-down-blue.svg
pastelink.net/assets/images/ 239 B
409 B 38ms
38ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/arrow-down-blue.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-ef"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 239

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 212ms
61ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:19:38 GMT
x-content-type-options: nosniff
age: 385963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 07:19:38 GMT

GET
H2 200 moon.svg
pastelink.net/assets/images/ 2 KB
2 KB 38ms
37ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/moon.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-62e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1582

GET
H2 200 public-black.svg
pastelink.net/assets/images/ 578 B
749 B 51ms
51ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/public-black.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-242"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 578

GET
H2 200 social-spritesheet.png
pastelink.net/assets/images/ 28 KB
28 KB 52ms
51ms Image
image/png 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/social-spritesheet.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-70de"
content-type: image/png
accept-ranges: bytes
content-length: 28894

GET
H2 200 logo-bg-90-tl.svg
pastelink.net/assets/images/ 2 KB
2 KB 52ms
51ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-bg-90-tl.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-933"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2355

GET
H2 200 pastelink-logo-contrast.svg
pastelink.net/assets/images/logo/ 4 KB
4 KB 52ms
52ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-e31"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3633

GET
H2 200 logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 4 KB
5 KB 53ms
52ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-11c0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4544

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 267ms
122ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 22:20:50 GMT
x-content-type-options: nosniff
age: 331891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 22:20:50 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 212ms
68ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 00:45:28 GMT
x-content-type-options: nosniff
age: 236813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 00:45:28 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 276ms
132ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 15:34:40 GMT
x-content-type-options: nosniff
age: 269861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 15:34:40 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 54 B
209 B 205ms
58ms XHR
application/json 193.234.225.88
PDDA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 193.234.225.88 Milan, Italy, ASN34971 (PDDA-AS, IT),
Reverse DNS: hex.psxhosting.is
Software: /
Resource Hash: 7a5cc035cf65f1f7850b2a574225ef655394087d4f3cc69459bbeb18be67d082

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 06 Feb 2023 18:32:21 GMT
Content-Length: 54
Content-Type: application/json; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 330ms
184ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973365504227bb9514fd7d8244caaf53750ef46a6e2537916e3f03cacf38b4ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27297
x-xss-protection: 0
server: sffe
etag: "1474 / 3 of 1000 / last-modified: 1675685220"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Feb 2023 18:32:21 GMT

GET
H3 200 prebid-7.25.0.js Show response
cdn.adligature.com/pl/prod/ 343 KB
109 KB 55ms
55ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/pl/prod/prebid-7.25.0.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194e559f51337bc74515628e683e9ae1fc897207cf9ce2dc12eaeab520fb3c76

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 186
cf-polished: origSize=352333
x-guploader-uploadid: ADPycdtpXfIFupntrzFtuQ9PMv_XIF1kvDt1XlB2Tq4mlku0flxizoLcdW5E1Bw3goDq2bLPOVx0Ivv7WMfyT7qmO3Ndrw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Jan 2023 21:40:09 GMT
server: cloudflare
etag: W/"deafa7e2ba5ddfa8759a8859e6676108"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1675114808910975
content-type: application/javascript
x-goog-hash: crc32c=+uvSMg==, md5=3q+n4rpd36h1mohZ5mdhCA==
cache-control: public, max-age=900, s-maxage=300, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L557BZ%2BBA3o7I%2Fqs9fJcMPfJKFzF1VTAcegs2GwRwmbmp28U%2BPIwQm4%2BC1F4c8I08ZftUvcNYeHrfR77bDDu467RgKW50j8BHcZcehf5rdcHtzPbcSpKJj5Gvye%2BcxktX35tWixY5e4Bs18My0zehI0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 352333
cf-ray: 7955f7cc1a0a8861-LHR
expires: Mon, 06 Feb 2023 18:34:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 204ms
61ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 17:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4813
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 06 Feb 2023 19:12:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 84ms
83ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a53d77a298c7b90ad647a37702466e58cedfa2b151375acd119ea348ca71c10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78538
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Feb 2023 18:32:21 GMT

GET
H2 200 pubads_impl_2023013101.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 60ms
60ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb275de8542c2555ea04946af999972b6e0040e5165996435f3ae1529e636b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132970
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 09:37:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Feb 2024 10:56:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
84 B 226ms
94ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60
x-xss-protection: 0
expires: Mon, 06 Feb 2023 18:32:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 131ms
41ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3210&_p=538424751&cid=543994705.1675708342&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675708341&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Frypfdbdc&dt=Pastelink.net%20-%20Publish%20Hyperlinks&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 82ms
81ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=538424751&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Frypfdbdc&ul=en-us&de=UTF-8&dt=Pastelink.net%20-%20Publish%20Hyperlinks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1410501909&gjid=1310070217&cid=543994705.1675708342&tid=UA-55088947-2&_gid=1964616803.1675708342&_r=1&_slc=1&gtm=45He3210n8155WHPWQ&z=1859772395

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 82ms
81ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=538424751&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Frypfdbdc&ul=en-us&de=UTF-8&dt=Pastelink.net%20-%20Publish%20Hyperlinks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=663494880&gjid=1872649701&cid=543994705.1675708342&tid=UA-197326395-9&_gid=1964616803.1675708342&_r=1&_slc=1&z=1708448903

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
531 B 311ms
94ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=pastelink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 235ms
86ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastelink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 118 KB
35 KB 661ms
661ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1844828769427875&correlator=2354452054038601&eid=31072029%2C21065725&output=ldjh&gdfp_req=1&vrg=2023013101&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CBottom_adhesion_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=759513158&sfv=1-0-40&prev_scp=rand_key%3D26&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1675708341767&lmt=1675708341&dlt=1675708340809&idt=898&adxs=436&adys=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Frypfdbdc&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=543994705.1675708342&ga_sid=1675708342&ga_hid=538424751&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd03f47b91344f266328a4b5cfc37665442ad26e317a3183f89038844910b792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35382
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 227ms
226ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1844828769427875&correlator=2354452054038601&eid=31072029%2C21065725&output=ldjh&gdfp_req=1&vrg=2023013101&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CTop_leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=2&adks=2603746535&sfv=1-0-40&prev_scp=rand_key%3D26&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1675708341775&lmt=1675708341&dlt=1675708340809&idt=898&adxs=310&adys=317&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Frypfdbdc&frm=20&vis=1&psz=705x146&msz=705x0&fws=4&ohw=1600&ga_vid=543994705.1675708342&ga_sid=1675708342&ga_hid=538424751&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

674b3f6a673eee1b7fc7a476a5128356e1b5860ea88c7938446667defc928445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9593
x-xss-protection: 0
google-lineitem-id: 6050546567
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395899325
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 1153ms
1153ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1844828769427875&correlator=2354452054038601&eid=31072029%2C21065725&output=ldjh&gdfp_req=1&vrg=2023013101&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CSidebar_MPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=3&adks=3854452215&sfv=1-0-40&prev_scp=rand_key%3D26&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1675708341779&lmt=1675708341&dlt=1675708340809&idt=898&adxs=1071&adys=521&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Frypfdbdc&frm=20&vis=1&psz=168x607&msz=160x-1&fws=4&ohw=1600&ga_vid=543994705.1675708342&ga_sid=1675708342&ga_hid=538424751&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf0650c89cb7cedb92258f995ac1ccbf54729d4e33faf204bd3f77ed972675c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8276
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 271ms
117ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dba25d38b4b72cba06bc7e5f09b943519850c8c11c06a7feab2244493a07710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11357
x-xss-protection: 0

GET
H2 200 container.html Show response
6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6FE4 6 KB
3 KB 323ms
104ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:32:22 GMT
expires: Tue, 06 Feb 2024 18:32:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7197 0
0 96ms
96ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOJ65zcXukMknhj5lgONBPD1lCVsi52w4kxM9hd3GPwNafFkDRMzvF5BB6O5Vgd7BbgCz2G0cf9oj5JVI4vOxgEj5rIvXTTKx2-c7rXH2StqM3e8hZ6vtUrJv4wl4DndKTjQfyRCF3v2qrPjU_Wwcb7DNXtbXCbmj0xfgqkbA3gPLzaFsujG_j7PtUxTzIrJoXalpFDv-NIVoJmU0b-aQloIp8VfWDadaJofGSICbe5ZzX2Hr_NaWfAqqhjcUMmG4zsOFiMlt-hQa_v-CtWwtcua-CLeCDR4GVMGM_aIYo2WjpCRHsFCsqqNNuapMUvoLUjSRevc9MmBi1VqeI8G6pXjw&sai=AMfl-YTj8GnVYKLj_BJVWX3L19xKch1T4VQ1HFhyQBmPYXERnP2cGftZ9hD3gasrKFGSmEOUV5Z2qMprwAN8-UGX3w8Yju_PZ84Ei7Suz14JMrodW5cA6MNTd6Rel8HXfcqNz2j86kYLK-ocbPOCkZA&sig=Cg0ArKJSzMl4UJUikmY9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pastelink.net
URL: https://pastelink.net/rypfdbdc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 18:32:22 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame 7197 216 KB
75 KB 454ms
185ms Script
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ab111c03c96f7f6b484035b0e951d11430877d740c59039b26598f80a6703353

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 14:45:21 GMT
etag: "2c-0CiAFmYjB/NEx3XUueJ47dX7W6c"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: 8d1c16a17ebbde18a9fd647354fd5ff
timing-allow-origin: *, *
content-length: 76132
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7197 157 KB
49 KB 253ms
102ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:32:22 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 265ms
116ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:32:22 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E94 13 KB
5 KB 66ms
60ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 33162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:19:40 GMT
expires: Tue, 06 Feb 2024 09:19:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F7EE 783 B
919 B 88ms
85ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b8ba39ebe146431165166c4d30991a00728cf481d9f48621b8174a1a50a330b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l0ivUAkJKkQTOA5YA0UCkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-l0ivUAkJKkQTOA5YA0UCkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:32:22 GMT
expires: Mon, 06 Feb 2023 18:32:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 7197 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74a2e3406d78f889842fb524ac150944dd0c11156de5a897f566bf10f8ee76e1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64F4 6 KB
3 KB 66ms
65ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:32:22 GMT
expires: Tue, 06 Feb 2024 18:32:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F7EE 0
0 247ms
99ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023013101&jk=1844828769427875&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E94 36 KB
14 KB 213ms
67ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 09:19:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 64F4 8 KB
991 B 96ms
95ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 18:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 18:06:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 18:32:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 64F4 2 KB
765 B 71ms
70ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 64F4 0
0 113ms
113ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChFH7tUfhY-HNOreTjuwPo7q0iA_hyoDfbo-4y5bBELvblJToDxABIImLxFBgu4aAgNAKoAHT_PbVA8gBCakCo9wQC5IBsj7gAgCoAwHIA8sEqgScAk_QgLjrg08byMK9vxyRjeqkauNjEzzc9FF_ZyXtOCwXb4wbINbEC4zE0ehPLzyDQBvDpsnuHExY3PVshS-1qWnzGofovFmlEGlnTehjoLZUGcImpyPWZZub_UEGvVFiVmWnG_4a1n_wv1g8xIkO9Etg_6zPlpH7duhYMEFVSnKZcZbYBfWLbwkI6xXwBT8aPPxEUE8hD-xH10KATlpsoVJDTqOn0Bqty_fKmQFCmTOjAPFm_E4R7qFtyRAKiCIjCZdrq_3Q2IQoiEAUS040PWtWT7Qu1MDT3gcFQqZSmIdUR4xo3IbNpoWCee59ExUprFttQDZSrLWI2v5ooxMCYOQldoy3r8gqiKDh1gyBO0eMCmn2QxfBbEoOSodkwASM2bXmowTgBAGSBQQIBBgBkgUECAUYBKAGLoAHop_qyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD-2AXSCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAZgMnLHBrJAEuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi0xNzUwODU2MjM5MjA0NDE0GPrefA&sigh=SV8Gwl6INzA&uach_m=[UACH]&cid=CAQSSwDUE5ymn-U6GhrSs79RfFP9PKzmWKnLN4fJY-BUv1TvzZkH70GyzOBgfwQeBevZxVJqnygIbdY0oOqVNw17vmG3PJfWk1y5x_VSYhgB&template_id=515
Requested by: Host: pastelink.net
URL: https://pastelink.net/rypfdbdc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 64F4 22 KB
9 KB 73ms
73ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 64F4 3 KB
1 KB 75ms
75ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 64F4 18 KB
7 KB 80ms
78ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64F4 157 KB
48 KB 407ms
406ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:32:22 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 64F4 33 KB
14 KB 208ms
59ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 May 2023 09:19:41 GMT

GET
H3 200 15348253372493321217
tpc.googlesyndication.com/simgad/ Frame 64F4 970 B
997 B 84ms
83ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15348253372493321217?w=100&h=100

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 05:49:27 GMT
x-content-type-options: nosniff
age: 218575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 970
x-xss-protection: 0
last-modified: Wed, 11 May 2022 10:35:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 05:49:27 GMT

GET
DATA 200
OK truncated
/ Frame 64F4 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 64F4 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 64F4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92fb616e35cf133b04619f9e5c7be7afb3603356524e6fce15c561e1205f523a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK cGFzdGVsaW5rLm5ldA== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame 7197 15 B
461 B 462ms
67ms XHR
application/json 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/cGFzdGVsaW5rLm5ldA==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 18:32:23 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=39592
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 140d32feac474d35b24619e8160da90
Content-Length: 15
Expires: Tue, 07 Feb 2023 05:32:15 GMT

GET
H2 200 notOutbrain.js Show response
widgets.outbrain.com/nanoWidget/2010149/module/ Frame 7197 1 B
388 B 234ms
88ms Fetch
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2010149/module/notOutbrain.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Mon, 06 Feb 2023 18:32:22 GMT
content-encoding: gzip
content-length: 21
last-modified: Mon, 06 Feb 2023 15:22:49 GMT
server: AkamaiNetStorage
etag: "68b329da9893e34099c7d8ad5cb9c940:1675696969.264727"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Mon, 13 Feb 2023 18:32:22 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 7197 43 B
380 B 133ms
68ms Image
image/gif 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: pastelink.net
URL: https://pastelink.net/rypfdbdc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Wed, 08 Mar 2023 18:32:22 GMT
date: Mon, 06 Feb 2023 18:32:22 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4E94 0
10 B 63ms
62ms Image
text/plain 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XhTc7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7197 0
0 112ms
112ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvo3xYJrDwJC3o3m9NUYM1KSULLkKhrQKHTF5naNuWygyYg-rBchx1mHhCdSF45yplRbNydseHTxDC8W-PePZzKGfACqD9slWfKwxnAmfjRn-n_KQpNixmoVcDPP5iolOWWcF5xuzYRC95GVCZRxCyEahC2cLm-7--v2XiiyH0Wjy5zFPun0AdON6Q1BVmKQLnKXAnKih9H5gA3zZ0pnLJivhRJyeMd7yVU4lEzB4nSmLsVuTNtReUTQRvFSOcVL_YSEhVT52HdDwsqzsJhHlslpA_7_T3LpLEfizIjZWmVU-jLf7AfqweXHAVWR9VBnROi0UzbpelVjqIiq7ayem3WtlVTQw&sai=AMfl-YR8BkUaRxs4FZYkd4GZsPsus3SJDbHv-aJVKXsZpxnM_2E3jCI-7oL4sxREP-FBQgvgUVqG_eKk0aA-o2fUPvRpLpYDAmv_DhF_uIKQ3S-taTxPeGN5piEjbMUL9-FiQsuCt9wOV2yyY-rHUpM&sig=Cg0ArKJSzEEp2KvwJjZoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 18:32:22 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ Frame 7197 17 KB
6 KB 517ms
338ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fpastelink.net%2Frypfdbdc&idx=0&rand=60698&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=300&activeTab=true&ab=0&wl=0&obRecsAbtestVars=1174:3820&settings=true&recs=true&version=2010149&sig=xQsqDVPJ&apv=false&&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fpastelink.net%2Frypfdbdc&ogn=https%3A%2F%2Fpastelink.net%2Frypfdbdc
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 21092bc0ea41db6a4b01ff7fb6a5a6e7e386f43842db8792f55b89c1032d82ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 06 Feb 2023 18:32:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, CHI, VIE, Europe2
x-timer: S1675708343.121531,VS0,VE279
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-chi-klot8100108-CHI, cache-vie6356-VIE
x-traceid: d8e8190d288b7058115784e309ad5b46
accept-ranges: bytes
content-length: 5477
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 container.html Show response
6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F142 6 KB
3 KB 64ms
63ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:32:22 GMT
expires: Tue, 06 Feb 2024 18:32:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E9DD 624 B
605 B 95ms
95ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqlkwEQsZGUARjLnbLWATAB&v=APEucNWl3hlZ4HdnMaRmhMRWnybfBZhGCrB8s-sZ9y9cIH4hZNdWfPoqHuxALCeRoe4c2CYzh7nZiJ18WUZRntc-V7fjuoHX2XwyXEzXD2brbAGD3ybtfzMpKoHY6giv5fXCq00-ZaZIi_aO3Wsb8Zu6RaWgEFSPMx6tEyRJFZUQ6OENjuABRVQ

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:32:23 GMT
expires: Mon, 06 Feb 2023 18:32:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F142 69 KB
34 KB 125ms
125ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6WZi9n_msbryYoUPJchVnpwwS26XnIR3oOnvxnm0BD8nkqF0IEMtAqyCd9A9gl9kdImZUYYwWQ7r_ZUgCmRkRNJkkew&cry=1&dbm_d=AKAmf-DqLxW9Q4zFox5o28jns33RpCPeTlURK2ozdtvQ6FqR9dKvMdmN8gPyU4I0Zxmz8hFOT3A5qBzAaVTtwlgK8o9xtY91UjJ3ssMImTkuw3CiEcUWlJrlI51FFXfJW3NgTe-2HRdT-C-fMp9kLbLWaViitft4cMsEiaBBraU-LBzbGQQ28-19obvkkmH9R88qcUvfnWPnSUIzmgOAwPgCwQ2JObAm938X4oBF_fFFXkXtX6hl-uYKKEoRhFD2g8cqTIL5OtCV7NnhdP_BcxKe2hQlaIGJldWz4sfDm38i9C_cGgaVBK4JvSrjbaNIO50jmtLmpviERSCAAoxmkZMvYvyvbhaDjZ7XnQy_dUSl50X1iSpZhtPnsph9TMhwWK9ot-kz3Nk-SCBwFrIgVNpqMF3t4nYe-YNF-cHqfTiBV1V1U0YVZHaXu-mggsThd3jK7Tm95UJvNryjZvjC043k38QqQd2QhcG8xrtboXvbFPUwvC03PgVdZGIDxVfNtLEhKV1ythLWcYzYHAcpskblgObLH7SeivndEM_wcGqA641RytFM7GPF7rqHA-niRxniQ7-6vjYAIzB56vYMuJO0SHiaWUzVpVF-6ab6EmLVMe3r8DYyRmV21iAc3mGRECEWiG4zxqaGZfOkUzZWWJE2NZOM0zvrQN3hlnnWq0_eVpt5Q_IuKmpMs__tGIbGeHBrS3Ou_qwGqgRcqdD8P4EmcFR-NM7JRstYrwh5nyRc94KRgMj5Pt3LjUvsLfTB8mwj2djToEkvMKc6gdaSo7WDr07EOCobSb9LX-wSIZqqY2Gw2DmxgqJjJMvqJmRe4rsd6Iak8KFYyXN5gO41fqUDFFy-u8gqRWy8bWA0_uJs1ABwKp8PfLQkpdDrweSud0grKtLp_CQ0h1UD3L4gTTBJYdLCJwy9NDr8VUPtzidqqS66ScAUZREUtEfgsK71UnwYOdI2z-Lwrl2ZTwlJL8umr1fQJnWE6gXd7Mds82xi4cZ2YdTv4gm7KFa4LwNcG8j64HE-LBe9lwJubxR3ZDzKa2h68SDELnqIVQFBWE5HTDaxpaIuJ_prcNth7sXaLvCuf5cygKZLztL-VAvtfR7yyTsN6IwGS5q-6N9rVVgjX1w6BD_Ej49yHSFF9GxpkGFIHnRNdXtKsuldVkXDJYUYPoPCPyEidLxAMDTSs85X-3EaVg3qUIlXMkhgJHoSW7m31hjdm5Ji3nNt9MY343vPXZbgg0Mi3Nl5slu1J7xZa2yilPUBIWDubjuqLIyuO4duK1ILBJDkmPf7hxDsGzbpeqi4KSALLmY1Wk-HU5UQb4yFzUkxYUUzrDY9b-px8-rEV56ZV5Y6lRyHvf3K5zpf5Mx8EGDkoNBP0yM-Ui3AGdDch0GMH7dZEGYhFyM5xYtd2P89VhicPIJV5a5cjAjNSfqHX_EqPD0_UuD8Z-uOCP5TLh2gfzJG3Wfqz5OGoz6Q6_Ew-bClMT3XdOhDEPvk7g8CdqgXMmbWdTflmSEb1KNev6KlS3hyIVq1vLd_k4yLWn99E9k4A0d02AfGJ2N0Ppl72l79R0gBY46-CsO2GyblpozM5hDuso00fsUalbzPdD2Kmcn3hXApYQiCyi6GRe80yWQw9mCsjN6xQpCS-WqjTH6RZEWCq5fIANvy_JATIxO7V7S_KKCtmNIMNI_7w_-5JSf-KXjUWexktGFvn2QWAdSLT-XawrEXZ_uWI9TBce5PW5Ih83j8cCZDF1d9Rv_DCpBS6BTI4G9kRcre0EMusfSh50cevlMaQdqfGCFuRMftlmtwSDbNksDYpGYLV6zCMLwQvKMayyVqVzpdWYYEUa1C9g1oOKd_GM1CBE0Qlm1OT-xbIVZxEwJxLp-jR4aNyVx5WguGUj9s1Wmoe9TTPavRZ-9Kz7EOjqF9RvEmjGzcfioSGhuD8cQvii8OKfLook56f7K1rFKcOBPd-kujksLwoROrYLRsoP08TMNiHZ0ijVXsxBWM1q-qDhOJepc7LuOiruF1IHg9NGLmSuxTrcbgiJ-y6ayx2QyZXk7kktRonIUBLn8rQ9Gb7hCUKkIlbUuf7I5uKlck8Q4BZhAhBmQMvS9O3sJ--da9zWd8X9hjwA3QUSq5txbHJBGLR4kaBM5OLeW0-Ry1CtbdC0Pg2NuRdA1ApH3mO51Be81T9eme744EyPsJnou3JiQeh0mJRrUMkOwB-Bs5bjL-ttN2ROAUyjqUBzBbegl1ytRMiITmZdhcn4FaIOqlHDdCZwaF5-U9sbdGNgwXuBoIMDy-8jmuT1r4ant0KBo-pa19Ao3l24Y2lDPB5wPLGpNCF2r3_Uuwp4pRDqvEbTnSRsQozKUQUnjDpih_vzs_KOciUo9Tj5kMTx5eIcNcqrCdJnyamKRap8ksBG_WRJG8Wk4OlOZxxOrZjJkc0cM3kbM6NuEC5oxVu1dbVwbzJORPe68PVyv5PKwILokBCkMUtnnVcJtcwK6-M-EBzKY1F8zel38m1LXeFQKRT0xmU5qKpGGVojUNFVAihfknpPYuxAh8nh-tdsXK4FUGsbQb_SQZLkhGV82WWLzvbr8Sgkh7AV3duGNBfHhQpqpuVPoAjCQei63FYDB7lVtnToRwtL_REMp09lRRNjuiyN5LiLABqiW9uWVyLy14y40dBWd_5XmaZzq67hSdlfv22J5VXa03mn5j-ZyQQtQyotJ9KxHCoy0eHzAYg52XoNYVSICEq7gwFtxvZH_pxhqKwNmQHw3EwRdAeV0JAdmVhLn4P4c5GtSxpy3bgl7hr3fSouGfVAUCjDb0PKRmlBxocU_oaA29lbJ04umlVO_70fwhIwbKSy8Cdz2r4qblMHWOjY8uB68RZMtLM0CeAyUT-S9v9XOl75rKQyXEEXZqVsnLNCLVJfs5WkHoAq38iAtkM6KoAqAHifwpMHgii4fywBJq74NkW1IWpQKRt1PfhiI1O9veSIeG2UnjfbObHbRnTDgHU510qCmw9Q86wRNoO89wjnTLb7rvh7BSMeO0L__hNzJNN0agtc7cO_a0B3XsUASsoQEtqacJChMLtizwP3J7YA4APMMqUS9LwCwWm90XULRLHYCubisyx0aGnK0mYac-wbRXwj32EnB_smjpdm8Czh-sNPK7Cra8tYmGZ-1Jgpl9Abc2yBQRj3r2oNwY79QH1Pe1Z3U7E8Q23qZ8Lk8MqzLPq_3oD37dytYa2kGJWhHVaEEjZnmoJIrWoCuu0bxgHD-1cbKH9PtHF6EGiUyO3c5BolGm6kGwrG6YW10EQowXNBVHDxy9jP5ho9WEwhtM3y_wNh0CBcrHr1BBSkELwT0VQQiDTXK9v6nDczMH3KjS1ItVHvpx8ZfJF2MQL9ctjJ-3cc2tYLxEKPxA8aKAxyMEjzo4ruhoWMQe5Dzsk2Rm_b9wJzq9rFgQghzaGW0kOuvd6KdMehESddBKVi7qANX2BbakPc9jj0820RKsv3r0w8hmllFcD1MFkMchWIDwkz20oFRKeBpclORQwNl5y2k_3QZ5-Fu25KsnXPT-y69DtZc74ktfH9oVpOStVT2aI-xO-CNpHB4&cid=CAQSTADUE5ym3y6HIAq20oeCE6_CGlhG8YZwHNEQHNF4un9Ja8AXWbpp8DmDao3WX2CqLKiYIi3-TR8310Kn2s0b3kswBAR5iNYP_sUSvsEYAQ&rfl=1%2Chttps%253A%252F%252Fpastelink.net%252F%240

Requested by

Host: pastelink.net
URL: https://pastelink.net/rypfdbdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6405307c2c52d3394bac71965a9a164ce502df0ebae9a5534350070ed461863a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34177
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F142 42 B
63 B 97ms
96ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Adb9-amsbhrz6XtbSP6jYM5EAwsxRGgHRKwgYMtZV7WE1Ja8CY4FOvPX-lpMSgPjjLHFMdUY8IBGXkkANOqyNiDSfytnKjtIzlSnnaFdW2VWOri6k

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame F142 3 KB
1 KB 61ms
61ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame F142 18 KB
7 KB 63ms
62ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F142 157 KB
48 KB 129ms
129ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:32:23 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 64F4 28 KB
28 KB 67ms
66ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 23:18:07 GMT
x-content-type-options: nosniff
age: 155656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 23:18:07 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame C7A9 36 KB
14 KB 66ms
66ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/rypfdbdc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 09:19:40 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E9DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKLrWeN7BwB1COUcCRJL-c&google_cver=1

43 B
766 B

79ms
51ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKLrWeN7BwB1COUcCRJL-c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqlkwEQsZGUARjLnbLWATAB&v=APEucNWl3hlZ4HdnMaRmhMRWnybfBZhGCrB8s-sZ9y9cIH4hZNdWfPoqHuxALCeRoe4c2CYzh7nZiJ18WUZRntc-V7fjuoHX2XwyXEzXD2brbAGD3ybtfzMpKoHY6giv5fXCq00-ZaZIi_aO3Wsb8Zu6RaWgEFSPMx6tEyRJFZUQ6OENjuABRVQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 18:32:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKLrWeN7BwB1COUcCRJL-c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E9DD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.FHt-dKjrDlHvQ.K-cLagAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKLrWeN7BwB1COUcCRJL-c&google_cver=1&google_hm=2

43 B
766 B

46ms
46ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKLrWeN7BwB1COUcCRJL-c&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqlkwEQsZGUARjLnbLWATAB&v=APEucNWl3hlZ4HdnMaRmhMRWnybfBZhGCrB8s-sZ9y9cIH4hZNdWfPoqHuxALCeRoe4c2CYzh7nZiJ18WUZRntc-V7fjuoHX2XwyXEzXD2brbAGD3ybtfzMpKoHY6giv5fXCq00-ZaZIi_aO3Wsb8Zu6RaWgEFSPMx6tEyRJFZUQ6OENjuABRVQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 18:32:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKLrWeN7BwB1COUcCRJL-c&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E9DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK7IMWDoWwvv4gbpTcFuF0A&google_cver=1

43 B
1 KB

61ms
57ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK7IMWDoWwvv4gbpTcFuF0A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqlkwEQsZGUARjLnbLWATAB&v=APEucNWl3hlZ4HdnMaRmhMRWnybfBZhGCrB8s-sZ9y9cIH4hZNdWfPoqHuxALCeRoe4c2CYzh7nZiJ18WUZRntc-V7fjuoHX2XwyXEzXD2brbAGD3ybtfzMpKoHY6giv5fXCq00-ZaZIi_aO3Wsb8Zu6RaWgEFSPMx6tEyRJFZUQ6OENjuABRVQ

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 18:32:23 GMT
AN-X-Request-Uuid: df3593ef-fe47-451c-ad7e-d7d5b4e68dc7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK7IMWDoWwvv4gbpTcFuF0A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E9DD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM0ODQyNzEzMTY1NTIzMjY5Nw%3D%3D

170 B
243 B

101ms
101ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM0ODQyNzEzMTY1NTIzMjY5Nw%3D%3D

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 06 Feb 2023 18:32:23 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9540d8b6-5136-4f8a-ab67-92cb84c211c2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM0ODQyNzEzMTY1NTIzMjY5Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ Frame 7197 4 B
325 B 295ms
51ms XHR
application/json 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1675708343167&sessionId=08aee165-2e01-a482-b717-5ca4cdc1ea4c&url=pastelink.net&cheqSource=1&cheqEvent=3&responseTime=467
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 18:32:23 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 661943bf47b0ecdec50e3f882c147e02
Content-Length: 4
Expires: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame F142 28 KB
11 KB 66ms
65ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6WZi9n_msbryYoUPJchVnpwwS26XnIR3oOnvxnm0BD8nkqF0IEMtAqyCd9A9gl9kdImZUYYwWQ7r_ZUgCmRkRNJkkew&cry=1&dbm_d=AKAmf-DqLxW9Q4zFox5o28jns33RpCPeTlURK2ozdtvQ6FqR9dKvMdmN8gPyU4I0Zxmz8hFOT3A5qBzAaVTtwlgK8o9xtY91UjJ3ssMImTkuw3CiEcUWlJrlI51FFXfJW3NgTe-2HRdT-C-fMp9kLbLWaViitft4cMsEiaBBraU-LBzbGQQ28-19obvkkmH9R88qcUvfnWPnSUIzmgOAwPgCwQ2JObAm938X4oBF_fFFXkXtX6hl-uYKKEoRhFD2g8cqTIL5OtCV7NnhdP_BcxKe2hQlaIGJldWz4sfDm38i9C_cGgaVBK4JvSrjbaNIO50jmtLmpviERSCAAoxmkZMvYvyvbhaDjZ7XnQy_dUSl50X1iSpZhtPnsph9TMhwWK9ot-kz3Nk-SCBwFrIgVNpqMF3t4nYe-YNF-cHqfTiBV1V1U0YVZHaXu-mggsThd3jK7Tm95UJvNryjZvjC043k38QqQd2QhcG8xrtboXvbFPUwvC03PgVdZGIDxVfNtLEhKV1ythLWcYzYHAcpskblgObLH7SeivndEM_wcGqA641RytFM7GPF7rqHA-niRxniQ7-6vjYAIzB56vYMuJO0SHiaWUzVpVF-6ab6EmLVMe3r8DYyRmV21iAc3mGRECEWiG4zxqaGZfOkUzZWWJE2NZOM0zvrQN3hlnnWq0_eVpt5Q_IuKmpMs__tGIbGeHBrS3Ou_qwGqgRcqdD8P4EmcFR-NM7JRstYrwh5nyRc94KRgMj5Pt3LjUvsLfTB8mwj2djToEkvMKc6gdaSo7WDr07EOCobSb9LX-wSIZqqY2Gw2DmxgqJjJMvqJmRe4rsd6Iak8KFYyXN5gO41fqUDFFy-u8gqRWy8bWA0_uJs1ABwKp8PfLQkpdDrweSud0grKtLp_CQ0h1UD3L4gTTBJYdLCJwy9NDr8VUPtzidqqS66ScAUZREUtEfgsK71UnwYOdI2z-Lwrl2ZTwlJL8umr1fQJnWE6gXd7Mds82xi4cZ2YdTv4gm7KFa4LwNcG8j64HE-LBe9lwJubxR3ZDzKa2h68SDELnqIVQFBWE5HTDaxpaIuJ_prcNth7sXaLvCuf5cygKZLztL-VAvtfR7yyTsN6IwGS5q-6N9rVVgjX1w6BD_Ej49yHSFF9GxpkGFIHnRNdXtKsuldVkXDJYUYPoPCPyEidLxAMDTSs85X-3EaVg3qUIlXMkhgJHoSW7m31hjdm5Ji3nNt9MY343vPXZbgg0Mi3Nl5slu1J7xZa2yilPUBIWDubjuqLIyuO4duK1ILBJDkmPf7hxDsGzbpeqi4KSALLmY1Wk-HU5UQb4yFzUkxYUUzrDY9b-px8-rEV56ZV5Y6lRyHvf3K5zpf5Mx8EGDkoNBP0yM-Ui3AGdDch0GMH7dZEGYhFyM5xYtd2P89VhicPIJV5a5cjAjNSfqHX_EqPD0_UuD8Z-uOCP5TLh2gfzJG3Wfqz5OGoz6Q6_Ew-bClMT3XdOhDEPvk7g8CdqgXMmbWdTflmSEb1KNev6KlS3hyIVq1vLd_k4yLWn99E9k4A0d02AfGJ2N0Ppl72l79R0gBY46-CsO2GyblpozM5hDuso00fsUalbzPdD2Kmcn3hXApYQiCyi6GRe80yWQw9mCsjN6xQpCS-WqjTH6RZEWCq5fIANvy_JATIxO7V7S_KKCtmNIMNI_7w_-5JSf-KXjUWexktGFvn2QWAdSLT-XawrEXZ_uWI9TBce5PW5Ih83j8cCZDF1d9Rv_DCpBS6BTI4G9kRcre0EMusfSh50cevlMaQdqfGCFuRMftlmtwSDbNksDYpGYLV6zCMLwQvKMayyVqVzpdWYYEUa1C9g1oOKd_GM1CBE0Qlm1OT-xbIVZxEwJxLp-jR4aNyVx5WguGUj9s1Wmoe9TTPavRZ-9Kz7EOjqF9RvEmjGzcfioSGhuD8cQvii8OKfLook56f7K1rFKcOBPd-kujksLwoROrYLRsoP08TMNiHZ0ijVXsxBWM1q-qDhOJepc7LuOiruF1IHg9NGLmSuxTrcbgiJ-y6ayx2QyZXk7kktRonIUBLn8rQ9Gb7hCUKkIlbUuf7I5uKlck8Q4BZhAhBmQMvS9O3sJ--da9zWd8X9hjwA3QUSq5txbHJBGLR4kaBM5OLeW0-Ry1CtbdC0Pg2NuRdA1ApH3mO51Be81T9eme744EyPsJnou3JiQeh0mJRrUMkOwB-Bs5bjL-ttN2ROAUyjqUBzBbegl1ytRMiITmZdhcn4FaIOqlHDdCZwaF5-U9sbdGNgwXuBoIMDy-8jmuT1r4ant0KBo-pa19Ao3l24Y2lDPB5wPLGpNCF2r3_Uuwp4pRDqvEbTnSRsQozKUQUnjDpih_vzs_KOciUo9Tj5kMTx5eIcNcqrCdJnyamKRap8ksBG_WRJG8Wk4OlOZxxOrZjJkc0cM3kbM6NuEC5oxVu1dbVwbzJORPe68PVyv5PKwILokBCkMUtnnVcJtcwK6-M-EBzKY1F8zel38m1LXeFQKRT0xmU5qKpGGVojUNFVAihfknpPYuxAh8nh-tdsXK4FUGsbQb_SQZLkhGV82WWLzvbr8Sgkh7AV3duGNBfHhQpqpuVPoAjCQei63FYDB7lVtnToRwtL_REMp09lRRNjuiyN5LiLABqiW9uWVyLy14y40dBWd_5XmaZzq67hSdlfv22J5VXa03mn5j-ZyQQtQyotJ9KxHCoy0eHzAYg52XoNYVSICEq7gwFtxvZH_pxhqKwNmQHw3EwRdAeV0JAdmVhLn4P4c5GtSxpy3bgl7hr3fSouGfVAUCjDb0PKRmlBxocU_oaA29lbJ04umlVO_70fwhIwbKSy8Cdz2r4qblMHWOjY8uB68RZMtLM0CeAyUT-S9v9XOl75rKQyXEEXZqVsnLNCLVJfs5WkHoAq38iAtkM6KoAqAHifwpMHgii4fywBJq74NkW1IWpQKRt1PfhiI1O9veSIeG2UnjfbObHbRnTDgHU510qCmw9Q86wRNoO89wjnTLb7rvh7BSMeO0L__hNzJNN0agtc7cO_a0B3XsUASsoQEtqacJChMLtizwP3J7YA4APMMqUS9LwCwWm90XULRLHYCubisyx0aGnK0mYac-wbRXwj32EnB_smjpdm8Czh-sNPK7Cra8tYmGZ-1Jgpl9Abc2yBQRj3r2oNwY79QH1Pe1Z3U7E8Q23qZ8Lk8MqzLPq_3oD37dytYa2kGJWhHVaEEjZnmoJIrWoCuu0bxgHD-1cbKH9PtHF6EGiUyO3c5BolGm6kGwrG6YW10EQowXNBVHDxy9jP5ho9WEwhtM3y_wNh0CBcrHr1BBSkELwT0VQQiDTXK9v6nDczMH3KjS1ItVHvpx8ZfJF2MQL9ctjJ-3cc2tYLxEKPxA8aKAxyMEjzo4ruhoWMQe5Dzsk2Rm_b9wJzq9rFgQghzaGW0kOuvd6KdMehESddBKVi7qANX2BbakPc9jj0820RKsv3r0w8hmllFcD1MFkMchWIDwkz20oFRKeBpclORQwNl5y2k_3QZ5-Fu25KsnXPT-y69DtZc74ktfH9oVpOStVT2aI-xO-CNpHB4&cid=CAQSTADUE5ym3y6HIAq20oeCE6_CGlhG8YZwHNEQHNF4un9Ja8AXWbpp8DmDao3WX2CqLKiYIi3-TR8310Kn2s0b3kswBAR5iNYP_sUSvsEYAQ&rfl=1%2Chttps%253A%252F%252Fpastelink.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:54:08 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame F142 8 KB
3 KB 68ms
68ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:54:08 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F142 0
0 272ms
109ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSGijGoCtEm1b9cFtjoknjQpaAItBEgZMW0FPG_yZWHTlhQUqozRj03AopGfOvMbso3cARxHGslkk-o2cziLqRAesxq1fj7s4kT-VkKZMOI21hL9czc48xrvlziYGTbVbusrfPaU3jBzHOFTEEW_lrjLLj8RLHAVIF2oOqV1V7464wLN-lojLGcK5fqdCjAx5eBweOkpFDb87Cl2WsPRAs1fvG5-I9zWJ0MsoCjjDufFMWW7n8ClCMZXCqxGEHuhtZuLGTbKOkPum8hPcHVVUh8X-RPeeuBZta93IYKxLgXhwL5aMNwzYuHWQ9CH_laLIrSbYTlx8IAbGJdb63yHVkVIRAqwutf6DujmNCVPRG_zNEiLUNg4tYWogsuVwfZrZC81QG-ebYSUq3MYZsGEdJiMjUhMuhV-ccLdVoqRVh2sI0em6Ti59K9Y11BDYkelmZ4RH653E5psv19gGw__5gT7ywDPRmGOeVj4X1Ie2f8bC4G-SD4V8oQmaFEjFm088gLf_4cW7sCRp3mNCy1gouMLe-keL2G9_eE0gFnT3jK0YpItuGiMG2lElDhvMtBH88etOPh3kN8iL9GLPhfWx-e5QJMtf--O1CyxeYE2sYxIEZv4XJmGj1VIh9tbLs9-D7XAye4B6TbBPo2N8eGucYlziACfJACcCeec-i5Ak6Q4ncFQx70S9xuJOINWx9uqZu649eBeTvn5MvR9b4pLdDof4KcoUquyC89n2KGRzC5Ondj0lq1eGzo-ouQvt8hRuZKYLhtze-6YkddvCpHf3Nk1KkkbVBpGKjvygBLS8hldLsx9WTjKKvK9IM_tu7YrX9_37BW2oeP7EUxQppKTWh1rCEvs5dTfSdHiYJGZSHeCp4SG-b-OXJYHLE9QhLIfkJL86CRBnY98Bvc5-qwaLfEy2r0nNcq6sGDKp4jScQKQ4uTIgLtXGE6JIkAjPPYL4xAkg0edUiDO9o0C_bOv4_pGLgZL5FBTaQQU7bi0DhxaPEcNjyOuI6Cv9G8LM7gk0OvwHy87DHSkak0fNBkNJ9MfVTTIWgMSKJirlJXAWWTvOWdk4VydTR2GgGnZh4BEcOVYuFeYqx4xdZTIea2CNwpPN6RG8XVTx7C7qasJX4sA9QBDwPAGc3jLF_uodIMqcHiZ9pufJ3FOoFnsrv1PnHAs4g_8kS8Z0RoBl7IsN41iPvHOsl_7oGxivdFisYo5OdMCAEEvUXcj8BBqvns7H6feq2LVdMtyZOFI-b43QSguYQIs5Y3-ioFsKG6AvmkANlDCWRUjVs7IOLL4Ln_xIadlyrBKP7Bd8pJfSs&sai=AMfl-YS0eYR-v1nO0KZuGcVEL2JWgZ5AXQCRCunQAP0n2r6FcNzxvb-xB7fjttqCDXZYOkic5Abj-5lCw-nPK5zDVM5z_7W3g-jm9WxlqkqrBe3yiA-jS6Ui6TLBBDi6lzZVplyKKHtsyfpHy0K0A4J4J7IND1JTIO_UIYnm1JmjJtnbLFSA6DgrcuJJ9DhrQudRPxJlQkrgsC9a11-RqMGuJPleM01kWgk7Uh4G6QOgjKduPzx9tkdOz-hrkzMrlzjSDyGE4jjP5U93s3vhZqLJc3QT9qxJ9sqEJggbHQ8p_2Gn-5bsKQlkGjk9NpBtHw&sig=Cg0ArKJSzGKU4GFDIwNFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230201.30644&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 18:32:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 18:32:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F142 41 KB
15 KB 68ms
68ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:24:00 GMT

GET
H2 200 1398263376373235940
s0.2mdn.net/simgad/ Frame F142 29 KB
30 KB 221ms
65ms Image
image/png 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1398263376373235940

Requested by

Host: 6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
URL: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a97af750aa721907f5a65d6cfd91621f59d8d71efd2f96466288d92dff729a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 17:22:58 GMT
x-content-type-options: nosniff
age: 349765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29833
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 11:05:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 17:22:58 GMT

GET
DATA 200
OK truncated
/ Frame F142 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5682b74356c19606d72a9846310553af0dad3311fcc002aa830bcf96ac61b4b7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D20B 22 KB
8 KB 63ms
62ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 243636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:51:47 GMT
expires: Sat, 03 Feb 2024 22:51:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 97ms
96ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023013101&jk=1844828769427875&bg=!Xl2lXRnNAAaq5O5FiuQ7ACkAdvg8Wgj-JkkEXQkKMaFV-9pKGppCXeuU11R9CCWZ8vWGg1jiCxtcdwIAAABPUgAAAANoAQeZApX8Pp1r1P05Wfoat2MHlUaCIGKRuyPHy4oKiHMhO-J5oaqkqVd9o_fj9XOTxHB8j5LL-yA1YxGX0JwiC70NHArLjAuxE0CrBGuYN8rYu1uGB_FUYTg9HmAUl_Ljp59ulMH-ELesq5uPredTgmYugOPetAP0rpsisHxpbB1W5lxOHnb897VxgRljRNOVLflQOl2EPWt87o15k3ndG9VZinWsFxj5z7n05u_YjulyUFPHoSu0hT4tK2T2goyPLFdYLYMAuOCarxAq0rsZB4Vvm80HiZG4F7N7bj8Uqc5VAsljoak04gjMKc9lkpb9HOPyacm4QN9thDL0LQ_HK1OPOYbYzbYmneAPgzmayOoeuftYdjXlKKuX-LRly-tTTXlKrBZFdA244P8Io-R93IeWf8YaGB3fzQGmhyA7Ti9rpGszSzDNp83U3mbVVpO_-4D5WhmBrWc5efieVnDAwuP_J4gKZHSgtIK_-A0Bz-5IIUNSAHNrXi0tiLDcwv0QyMF9SlWKpoJcusPgwcvpUbFpS_8BCBW0my-xoQNHpXO2iP7Wgvt9lsGGStNyc7IuL39TeK8KsKHsGON_Ua3d-nAhEq03M-0DeR2T0V-Q6VNo17x5LYobtvYzRX12uT4rvXP4f61REhI2_LMUDsA0kexGXriYd0YYLttkJPIjCThsIvJzA8T3oNkBSBoWAyZ_-DKmnEioNwtMRpr_rSxM_-RKuTD2YD4DqWKBfFLLOwXhbNs_ZIZFOBvQjJrooymXagnkuaM5GQR3Z7GeVbCpnRAqKBVRWZEZQVPl9_XYNKojec7Hv7X1FCLazMrgOQ5fhOuhdW-liLSEpIvMsJN0oulmKDKQy1WT1JoSGvzr6Xwu91f62eoZk1ns
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ Frame 7197 2 KB
3 KB 74ms
73ms Image
image/png 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Wed, 08 Mar 2023 18:32:23 GMT
date: Mon, 06 Feb 2023 18:32:23 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 7197 990 B
1 KB 73ms
72ms Image
image/svg+xml 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Wed, 08 Mar 2023 18:32:23 GMT
date: Mon, 06 Feb 2023 18:32:23 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ Frame 7197 2 B
330 B 645ms
136ms Fetch
text/plain 64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=5ebf82c0f46e317dfd612a312f13e574_113125_1675708343334&tm=756&eT=0&widgetWidth=300&widgetHeight=250&widgetX=0&widgetY=0&wRV=2010149&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=543&oo=true&lo=636&odbreq=873&odbres=1414&cet=4g&to=1675708342039&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 06 Feb 2023 18:32:24 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: cb81afc3f144e596e3ab18c44068adf4
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ Frame 7197 48 KB
18 KB 188ms
55ms Script
text/javascript 2600:9000:2057:2e00:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2e00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:15:02 GMT
content-encoding: gzip
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA6-C1
age: 40641
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: yqz5Hit37eSxkDp5VORYmzItXOC1ErH-iF8JEzgNQsv8Gov4dizaZw==
expires: Mon, 06 Feb 2023 19:15:02 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame D20B 36 KB
14 KB 66ms
65ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 09:19:40 GMT

GET
H2 200 eyJpdSI6IjM2NzVkM2YwMDNlZmVjZmM2MmUxOGQzNmNhNmY3ZTViNWEzN2MxMzgyNTg1ZTUwOWRlMzQ4NmQ0ZTE0OGQ3ZjIiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 7197 38 KB
38 KB 665ms
450ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM2NzVkM2YwMDNlZmVjZmM2MmUxOGQzNmNhNmY3ZTViNWEzN2MxMzgyNTg1ZTUwOWRlMzQ4NmQ0ZTE0OGQ3ZjIiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9e1b9e290f36c6e933b52446626b04356b1d3b29a472590ab9255e2c6559a34c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:24 GMT
last-modified: Wed, 18 Jan 2023 10:46:43 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2462375
access-control-allow-credentials: false
x-traceid: ce392f63ba925bba72df7f37647511ce
timing-allow-origin: *, *
content-length: 38528

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ Frame 7197 4 B
325 B 46ms
46ms Fetch
application/json 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=5ebf82c0f46e317dfd612a312f13e574&pvId=5ebf82c0f46e317dfd612a312f13e574&sid=8304254&pid=113125&idx=0&wId=100&pad=1&org=0&tm=771&eT=3&cnsnt=no_consent&wRV=2010149&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 18:32:23 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: eff09802ce27c50480f7cafe2a2b7bc5
Content-Length: 4
Expires: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F142 0
0 96ms
95ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSGijGoCtEm1b9cFtjoknjQpaAItBEgZMW0FPG_yZWHTlhQUqozRj03AopGfOvMbso3cARxHGslkk-o2cziLqRAesxq1fj7s4kT-VkKZMOI21hL9czc48xrvlziYGTbVbusrfPaU3jBzHOFTEEW_lrjLLj8RLHAVIF2oOqV1V7464wLN-lojLGcK5fqdCjAx5eBweOkpFDb87Cl2WsPRAs1fvG5-I9zWJ0MsoCjjDufFMWW7n8ClCMZXCqxGEHuhtZuLGTbKOkPum8hPcHVVUh8X-RPeeuBZta93IYKxLgXhwL5aMNwzYuHWQ9CH_laLIrSbYTlx8IAbGJdb63yHVkVIRAqwutf6DujmNCVPRG_zNEiLUNg4tYWogsuVwfZrZC81QG-ebYSUq3MYZsGEdJiMjUhMuhV-ccLdVoqRVh2sI0em6Ti59K9Y11BDYkelmZ4RH653E5psv19gGw__5gT7ywDPRmGOeVj4X1Ie2f8bC4G-SD4V8oQmaFEjFm088gLf_4cW7sCRp3mNCy1gouMLe-keL2G9_eE0gFnT3jK0YpItuGiMG2lElDhvMtBH88etOPh3kN8iL9GLPhfWx-e5QJMtf--O1CyxeYE2sYxIEZv4XJmGj1VIh9tbLs9-D7XAye4B6TbBPo2N8eGucYlziACfJACcCeec-i5Ak6Q4ncFQx70S9xuJOINWx9uqZu649eBeTvn5MvR9b4pLdDof4KcoUquyC89n2KGRzC5Ondj0lq1eGzo-ouQvt8hRuZKYLhtze-6YkddvCpHf3Nk1KkkbVBpGKjvygBLS8hldLsx9WTjKKvK9IM_tu7YrX9_37BW2oeP7EUxQppKTWh1rCEvs5dTfSdHiYJGZSHeCp4SG-b-OXJYHLE9QhLIfkJL86CRBnY98Bvc5-qwaLfEy2r0nNcq6sGDKp4jScQKQ4uTIgLtXGE6JIkAjPPYL4xAkg0edUiDO9o0C_bOv4_pGLgZL5FBTaQQU7bi0DhxaPEcNjyOuI6Cv9G8LM7gk0OvwHy87DHSkak0fNBkNJ9MfVTTIWgMSKJirlJXAWWTvOWdk4VydTR2GgGnZh4BEcOVYuFeYqx4xdZTIea2CNwpPN6RG8XVTx7C7qasJX4sA9QBDwPAGc3jLF_uodIMqcHiZ9pufJ3FOoFnsrv1PnHAs4g_8kS8Z0RoBl7IsN41iPvHOsl_7oGxivdFisYo5OdMCAEEvUXcj8BBqvns7H6feq2LVdMtyZOFI-b43QSguYQIs5Y3-ioFsKG6AvmkANlDCWRUjVs7IOLL4Ln_xIadlyrBKP7Bd8pJfSs&sai=AMfl-YS0eYR-v1nO0KZuGcVEL2JWgZ5AXQCRCunQAP0n2r6FcNzxvb-xB7fjttqCDXZYOkic5Abj-5lCw-nPK5zDVM5z_7W3g-jm9WxlqkqrBe3yiA-jS6Ui6TLBBDi6lzZVplyKKHtsyfpHy0K0A4J4J7IND1JTIO_UIYnm1JmjJtnbLFSA6DgrcuJJ9DhrQudRPxJlQkrgsC9a11-RqMGuJPleM01kWgk7Uh4G6QOgjKduPzx9tkdOz-hrkzMrlzjSDyGE4jjP5U93s3vhZqLJc3QT9qxJ9sqEJggbHQ8p_2Gn-5bsKQlkGjk9NpBtHw&sig=Cg0ArKJSzGKU4GFDIwNFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=298&vt=11&dtpt=297&dett=2&cstd=0&cisv=r20230201.30644&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:32:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 18:32:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D20B 0
20 B 98ms
97ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-N5yt0fhY7LTBKrjx_AP2bymsAkAAAAAOAHgBAI&bg=!IyClIGTNAAaq5O5FiuQ7ACkAdvg8WhDiMQrZvQFifSv6IbZZDEy_HMGCdmgAT_ZuY6wU_c613CItDAIAAABKUgAAAAFoAQeZAtn3qF01eNz-WazHx1yk6pH9W1npIUsYplGM6pZbjDcs-pnOnQOC-2dmgWotLjQ8Fp_TtKG8_IlOi8fUAWF64bWdiI5PTQZDs6GIZMOKCqT5hJ7gbgnHYtoLoXy89J8s1xY5B06LFmow0-DA588eF9oQTazzb5yGZYfMEX81pwi6XTsYofyokCJfUa1tjDNDYqaPYD3lYIIiabQUC7t0Woy3_aOyzVzdX32KHAqUk2STO_Tvoq7OeSc2si9zmzimi0OUcy4tyTWCTkgt5Ts1G8kj_tdIbtFkw3j58RS0ExQN2-zZA0gs17F5qAdmfh1_15RsWBkeaTbp3pHs9bZU4IJvKyFZVZVQ0OcXmfyc4cyTKgQIiKtskhG0T6RV0iIzsFtsdmB_SDpC78if5wQO4m71YR503dtoRQiMKzaFJ0WYAhNUCTya1UFJDUGEmP54n2DIL0fVaiBALcMe8tkocL1rC4QwAsnD9oPP0EqAZ7N5sD9Jbu8fVW1QA1zVQwXSUWjSwhMmP747gzYthrLmLV_nP3KtaPkJ_ihQuLJYQ2l9KYzTmN5oJeZdmAfijzdNzxg45sB1j7QWIYmONou77MCdlivH08DRbXQ7cTlDdECAYzok00uF_8m1F_CKRIYc-C6YGcISTWbRGmx5Ua1PSpipCbHhbsu_cpmwHmF3O5Y6df3YuA92YW-0LJw81WEcSWQh5qvwUTSGbRnha4vtVDHIWUITk1VyrFL0so2n-A3guaKzoy77NZPonvO7vR54dBD0ufea8Dl0s5dbur8BI7f2yiEwGNA4G5krUclLoPF3M2srxkHKguYtsc519MmUBxsyK6Ab75gArP4zVzXeyV27duQSwy4Y7HsLKvFP-fv9o9agYUPKW1PNjwlHbUyP3EwQ0ppQgQeU_8NYOz5UPJtnDAgDhuLZ7SaZBtcpYjNIq6esF8Wocp35fiKzImKvSORaxPndaCBIZXg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ Frame 7197 2 KB
2 KB 422ms
154ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fpastelink.net%2Frypfdbdc&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=94059889225127280208299806580002232121382700612409111718819200587215&nc=0&tsf=0&tsfmi=&pv=0&cb=1675708343749&ref=&pit=1&hl=2&op=0&fs=300x250&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2774517318&at=&bid=e30%3D&di=W1siZWYiLDkzNDFdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6MzAsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxMDUx%0D%0ANjk0MDg5LFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCIxMCxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVC%0D%0ASEpMODZMMjNBQ0dVaEJJd0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yv%0D%0Acjg3MHV4cUZ4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJi%0D%0AcGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0i%0D%0AXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0s%0D%0AWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wib2c6dGl0bGVcIixcImRlc2NyaXB0aW9uXCIsXCJv%0D%0AZzpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjow%0D%0ALjU4MzMzMzMzMzMzMzMzMzR9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwi%0D%0AWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2%0D%0AMDAsMTIwMCwxNjAwLDEyMDAsMzAwLDI1MCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjU0%0D%0AMzk5NDcwNS4xNjc1NzA4MzQyIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIz%0D%0ALCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjI3NjAwMDAwLFwidWpo%0D%0Ac1wiOjIwNTAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIs%0D%0AbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAs%0D%0AMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxb%0D%0ALTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY3NTcwODM0MzcyNiwwXSJdLFst%0D%0AMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTEwOS02Ni03MC0iXSxbLTM4LCJjLC0xLC0x%0D%0ALC0xNjc1NzA4MzQyMDM5LDAsMCwwLDAsMCwxNjc1NzA4MzQyMDU3LDAsMCw0MzMuNiw0MzMuNiwx%0D%0ANjg3LDE2ODgiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixc%0D%0AIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFst%0D%0ANDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDEx%0D%0AMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93%0D%0Abixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw4NF1d&tsfu=&fst=1600x1200&dep=1&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22x%22%3A310%2C%22y%22%3A316%2C%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=ItI1T5F8ml&sdd=%7B%7D&pto=1711&ao=https%3A%2F%2Fpastelink.net&aol=1
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: bfd13117539877f35adf2e6554c8fc008041e52198577974230669ad591fe583

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Mon, 06 Feb 2023 18:32:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1477
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7197 42 B
174 B 98ms
95ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstco4LIK3WswGxkgoi9-cttn4N40nF37WzAfUE_3PmX1pFc4tdIUn_sXxOkUjmuKzT3-fhtCyAs1Bqct1pluS5ix29m-SSGLJspIBbPhWCGrcFbS1iH&sig=Cg0ArKJSzJO-gx8yp7JgEAE&id=lidar2&mcvt=1000&p=317,310,567,610&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2603746535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675708342039&rpt=802&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 64F4 42 B
64 B 100ms
99ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveeUS5Tw8-WHw0y1bcfLY1cUxZ9WzK93qfCjtMM5qsc549tH9PPsTDei2jhkSfJ8YnWPo0bPtLeZiJQZYjpJx8MLf2wPY-vZyyY2NmXfouYvGa2MKqr3zKka4QrToifzYksgxU0TOpnmwvmqYOe5pUsLv7nma4XdYlx0s4m87Gkso0KzpACcKyFLe3iW89Lu-ILcv9hl8TOE3-3mc0fRQ2ZlL8sFNxjzpiu-FERq5-Jnhz001hfFNENqWFh1pAK-yycWOtMybU3IbjUl5KVBoFzphjHPlW6HUB1bDYXeCm3Lo5c8O4B3Dr2ghnWYvxnCqngT343P3xdBuneJW-LM8lzBTfGcSwvAO6k-Afq481L5KsJVIUqMxd6xOa0dgAhjYdnNgp7IFf0Ex-Bhu2Z03kO108kwJfXCJ76gsTCATacJTmPO1HlVtO6PkmMBcuyD8WzsLpkvpJqPkvEap_ZJmx7jQKdLiASwimhQyAR1-ZyiOwJRo6PNNS-QJM2a3ZdIYuv6iz4UffyeShqmm_AUBEUU5mCKxZpPXJhsLsYwMwdXwi5rzCt4L_ghDNpoEnYw_gkMzyrmK7b4AF0tQ8P9tIGCFBLKGmNg6djIHiYowqMmGnXWR9UAttJZ6XNmWsvoKjp2ePLCbUCIRpTrJ50jWxOY79XF_0j0WDku8j3rj9OMNgz_1-wT5qWBNO1mkqCGqJTWmRcUa6nirvLsQAh2UhBS0ZwDSVXm4Clsu5B2jFWnG6csaPt3f7rfXbiZe_NVWCbCVlj5PIZ9xDUeVR1VUsWbhelueFULaIyycu2-9aTUtEw73s-By-NVFpsRLbdJJl8LObGpvI2bzWEw4U0ue5otVX17gni5mV5a3mQih2RAg9oOQDRZ7-M3uTt1UPu2T9dPNu_8TtirSUNj6W7T9F5nCNK-i26AM9n0nfvJuhI81oEc4iBX17uc1lIS6IBygj8fj10c6XGreLg4gxHRJt44QzS7rXNqVrtRNLC9XJHQvUDolklTjMiZGr2Z3S6jXc618dZQpQ-RZxkfXrX3pVjN7zFnFrqZBzcyxv_ANlvbHMHBPPyID6ls21TcOaY__imbRnV4J05f4J15GMz6BxnrE7buEbq85xmtEaZw2IpCeoAr2rbttWSqp9TZC7Hmi6VkDSvDreerYGQH68_I10-29pcEbc1a7Jgd282PMo1JY&sai=AMfl-YTFhf0yTFDonjsgYyAkJsV33wysTuU1NAdX3YCPla23r9sANCho6W_sGWt0K9aXGTilwGtoxj8YBozDCtV9vGR0Sj8U-gaYuoPb7bvpoKGX5k8FdY6QWpkOPDREq-WeAiJew-8ShmgWbg7jyQdi_P_ekfvbhU_C_A&sig=Cg0ArKJSzDaOM153aSsBEAE&cid=CAQSSwDUE5ymn-U6GhrSs79RfFP9PKzmWKnLN4fJY-BUv1TvzZkH70GyzOBgfwQeBevZxVJqnygIbdY0oOqVNw17vmG3PJfWk1y5x_VSYhgB&id=lidar2&mcvt=1000&p=1105,436,1195,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=759513158&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675708342490&rpt=570&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ Frame 7197 43 B
79 B 112ms
111ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136debc035e2448e999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e2474fbd49dabd39e821da61c45085052aae2d05f91e46042dc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1108f77f6aac91107aefd9f264ec57a917f0dd07c74cccd17cc22a2984db7299779ac0befbdae8b04a2ffe79bebaab7d5862ef803794b441b7101704d00e5bd4d9859b81b2c527df21d6deedc85ec54d5814aa5f0ddbc1c518268aec29a802e4c34bc324af7b191b0e9a30e80e8b95ae2cbcd763914da7c19ccc7780191c2def5d0545794775cba52fb842c281973fb79a63fd962d9acca9f87acfe8b411266e8fea4f49d7f751094cb4fcec74ae519bf641eee229ae7fa2378950d71dcbb53ac71b3bf9ad9462232263052a174111aae3e170c051a54f5c345beaa85d8d8a120de2aa9aebae66c6f1f6bfd3bae9a4093c63be19c2ef073991492159923641632fb669a57654&cb=1675708344206&cri=ItI1T5F8ml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Mon, 06 Feb 2023 18:32:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F142 42 B
64 B 99ms
97ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvumHjXeuHYd_jyl8DWNxCSLWU6usRjoSHPkVHLP4AcVIeV_9fIaedLehjcOMOB_oQeCY5o-x1CyL2Ig1JlLGWuOAjWHJECnxqT3kHbVPp0bxjzE7qPSvMwaQaMK4YECz4ihhzwVA&sai=AMfl-YSWmMGNhMW0vibiNumHcpz3aKTddqKwLjLFRA-87geuvPXUswXOFQborhSYWdHEuoqp7RS_pka1RvlESAlcAlIPdf75lW4B1lkgBX8pkd3qotfCRvqZ3ZZqfnYUgeaZuLW5YvNHQ2AjOW32WA&sig=Cg0ArKJSzOUOnvS8qPYaEAE&cid=CAQSTADUE5ym3y6HIAq20oeCE6_CGlhG8YZwHNEQHNF4un9Ja8AXWbpp8DmDao3WX2CqLKiYIi3-TR8310Kn2s0b3kswBAR5iNYP_sUSvsEYAQ&id=lidar2&mcvt=1000&p=521,1071,1121,1231&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3854452215&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675708342947&rpt=570&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ Frame 7197 4 B
325 B 184ms
54ms Ping
application/json 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://pastelink.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 18:32:25 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b82cba5287bbc15e189717c76d1538f2
Content-Length: 4
Expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 42ms
41ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3210&_p=538424751&cid=543994705.1675708342&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1675708341&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Frypfdbdc&dt=Pastelink.net%20-%20Publish%20Hyperlinks&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:32:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastelink.net/	1970-01-20 10:18:28	Name: PHPSESSID Value: 1oodm9fsff08uetkujoa4m2aqo
.pastelink.net/	1970-01-20 11:38:04	Name: _gcl_au Value: 1.1.1781292206.1675708341
.pastelink.net/	1970-01-20 19:04:28	Name: _ga Value: GA1.2.543994705.1675708342
.pastelink.net/	1970-01-20 09:29:54	Name: _gid Value: GA1.2.1964616803.1675708342
.pastelink.net/	1970-01-20 09:28:28	Name: _gat_UA-55088947-2 Value: 1
pastelink.net/	1970-01-20 09:29:54	Name: plTest Value: false
.pastelink.net/	1970-01-20 09:28:28	Name: _gat_advallyTrackerpl Value: 1
pastelink.net/	1970-01-20 10:11:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
.doubleclick.net/	1970-01-20 18:50:04	Name: IDE Value: AHWqTUlqXmySdCcgVUiE1x0ST8L-KbiDqRBTimNzCwNjqw7nAiHBUFb-4EymMmP5lLo
.pastelink.net/	1970-01-20 18:50:04	Name: __gads Value: ID=a66244267cd25946:T=1675708341:S=ALNI_MYetL486t5TaSNrRJWEN66wJ8CAlg
.pastelink.net/	1970-01-20 18:50:04	Name: __gpi Value: UID=00000bb11f660b5c:T=1675708341:RT=1675708341:S=ALNI_MZtwrBjujeKaD5VtrRED0SS9lDwYQ
.pastelink.net/	1970-01-20 19:04:28	Name: _ga_S3DKHVPF03 Value: GS1.1.1675708341.1.0.1675708342.0.0.0
.adnxs.com/	1970-01-20 11:38:04	Name: uuid2 Value: 2348427131655232697
.casalemedia.com/	1970-01-20 18:14:04	Name: CMID Value: Y.FHt-dKjrDlHvQ.K-cLagAA
.casalemedia.com/	1970-01-20 11:38:04	Name: CMPS Value: 2229
.casalemedia.com/	1970-01-20 11:38:04	Name: CMPRO Value: 2229
.adnxs.com/	1970-01-20 11:38:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlkCMvDc!@wnfH8K6pQK`!5=E<*L5?%M9lxa7?/xX(X]RZvU[C@NB]opZ5?1.f$q`4WxP(hw9P-HC_#tu=1)vy`1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6fd43d661f06308f7f346c9880a6d904.safeframe.googlesyndication.com
adservice.google.co.uk
adservice.google.com
cdn.adligature.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.outbrainimg.com
log.outbrainimg.com
mcdp-chidc2.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
pastelink.net
pro.ip-api.com
region1.google-analytics.com
rock.defybrick.com
s0.2mdn.net
securepubads.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.251.208.98
142.251.39.66
185.80.39.216
193.234.225.88
199.232.18.132
20.13.96.71
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3a
23.203.125.156
23.203.125.62
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:2057:2e00:1a:ba5c:3900:93a1
2606:4700::6811:180e
2a00:1450:400d:802::2001
2a00:1450:400d:802::2002
2a00:1450:400d:805::2001
2a00:1450:400d:806::2003
2a00:1450:400d:806::2008
2a00:1450:400d:806::200e
2a00:1450:400d:808::2002
2a00:1450:400d:808::2006
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2002
2a06:98c1:3121::c
37.252.173.215
64.74.236.63
89.35.29.15
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
01894c475661e9e96bf36907c597f61284ab29d4d654e4c72fbd024664447738
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0542ff69c0c0ee3ac4342c0402371b313d71c745dc935ff1d7e0ab6b76af527d
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
194e559f51337bc74515628e683e9ae1fc897207cf9ce2dc12eaeab520fb3c76
1c36492a8f4f52f916f38368d77be0f0944fa0304b5981dac5fac0cfd71b3280
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1dba25d38b4b72cba06bc7e5f09b943519850c8c11c06a7feab2244493a07710
21092bc0ea41db6a4b01ff7fb6a5a6e7e386f43842db8792f55b89c1032d82ce
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5682b74356c19606d72a9846310553af0dad3311fcc002aa830bcf96ac61b4b7
56e73bc3c154b44d86813c0345ff992da7f8d68e93504ccccd273d359a773e85
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6405307c2c52d3394bac71965a9a164ce502df0ebae9a5534350070ed461863a
674b3f6a673eee1b7fc7a476a5128356e1b5860ea88c7938446667defc928445
6b8ba39ebe146431165166c4d30991a00728cf481d9f48621b8174a1a50a330b
74a2e3406d78f889842fb524ac150944dd0c11156de5a897f566bf10f8ee76e1
7a5cc035cf65f1f7850b2a574225ef655394087d4f3cc69459bbeb18be67d082
7b77b990c37dad8f6bc7de7d257e3aaa50a87be89fc6f491d5f6d4ef3e9103f8
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
92fb616e35cf133b04619f9e5c7be7afb3603356524e6fce15c561e1205f523a
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
973365504227bb9514fd7d8244caaf53750ef46a6e2537916e3f03cacf38b4ac
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b
9e1b9e290f36c6e933b52446626b04356b1d3b29a472590ab9255e2c6559a34c
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53d77a298c7b90ad647a37702466e58cedfa2b151375acd119ea348ca71c10b
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a97af750aa721907f5a65d6cfd91621f59d8d71efd2f96466288d92dff729a5c
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0
ab111c03c96f7f6b484035b0e951d11430877d740c59039b26598f80a6703353
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bfd13117539877f35adf2e6554c8fc008041e52198577974230669ad591fe583
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf0650c89cb7cedb92258f995ac1ccbf54729d4e33faf204bd3f77ed972675c9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53
d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
dd03f47b91344f266328a4b5cfc37665442ad26e317a3183f89038844910b792
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fb275de8542c2555ea04946af999972b6e0040e5165996435f3ae1529e636b04
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pastelink.net Open in urlscan Pro 89.35.29.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

96 %HTTPS

65 %IPv6

20 Domains

34 Subdomains

32 IPs

8 Countries

1504 kBTransfer

3628 kBSize

17 Cookies

19 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastelink.net Open in urlscan Pro
89.35.29.15 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

96 %
HTTPS

65 %
IPv6

20
Domains

34
Subdomains

32
IPs

8
Countries

1504 kB
Transfer

3628 kB
Size

17
Cookies

103 HTTP transactions
7 data transactions