urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
88.208.215.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/ltwtkztm
Submission: On February 06 via manual from ZA — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 6 countries across 32 domains to perform 153 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 144728.
TLS certificate: Issued by R3 on December 7th 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 88.208.215.108 8560 (IONOS-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 46.101.85.187 14061 (DIGITALOC...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.186.134 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 64.227.38.224 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 34.120.63.153 396982 (GOOGLE-CL...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
5 2602:803:c003... 26667 (RUBICONPR...)
2 178.128.135.204 14061 (DIGITALOC...)
2 34.246.143.94 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 3 193.3.178.3 399668 (E-PLANNING-)
2 178.250.1.8 44788 (ASN-CRITE...)
6 81.17.55.99 60781 (LEASEWEB-...)
2 185.89.211.84 29990 (ASN-APPNEX)
3 51.75.86.98 16276 (OVH)
2 185.255.84.150 200271 (IGUANE-)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 34.254.33.52 16509 (AMAZON-02)
2 34.149.40.38 ()
4 4 46.228.174.117 ()
1 1 2001:678:cb4:... ()
1 67.202.105.24 ()
3 2a02:2638:3::12 ()
5 178.250.1.6 ()
9 2a02:2638:3::3 ()
2 178.250.1.9 ()
153 40
13    88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
pastelink.net
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
3    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    46.101.85.187 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-15.buysellads.com
cdn4.buysellads.net
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
11    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
10    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
1    64.227.38.224 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-17.buysellads.com
srv.buysellads.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    2602:803:c003:200::91 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
2    34.246.143.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-143-94.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
2    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
6    81.17.55.99 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
2    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eef2e8fed9daf0fb4baad5bf9e5fe731.safeframe.googlesyndication.com
3    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    34.254.33.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-33-52.eu-west-1.compute.amazonaws.com
ice.360yield.com
2    34.149.40.38 (None, )

ASN- ()
u.4dex.io
4    46.228.174.117 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    67.202.105.24 (None, )

ASN- ()
ssc-cms.33across.com
3    2a02:2638:3::12 (None, )

ASN- ()
ads.eu.criteo.com
5    178.250.1.6 (None, )

ASN- ()
cat.nl3.eu.criteo.com
9    2a02:2638:3::3 (None, )

ASN- ()
static.criteo.net
2    178.250.1.9 (None, )

ASN- ()
widget.nl3.eu.criteo.com
Apex Domain
Subdomains		 Transfer
13 pastelink.net
pastelink.net — Cisco Umbrella Rank: 144728
349 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
ads.eu.criteo.com
cat.nl3.eu.criteo.com
widget.nl3.eu.criteo.com
169 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
ad.doubleclick.net — Cisco Umbrella Rank: 163
198 KB
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
71 KB
9 criteo.net
static.criteo.net
csm.eu.criteo.net Failed
imageproxy.eu.criteo.net Failed
8 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
eef2e8fed9daf0fb4baad5bf9e5fe731.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
42 KB
6 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1533
8 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
mp.4dex.io — Cisco Umbrella Rank: 2539
u.4dex.io
29 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
3 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 881
api.btloader.com — Cisco Umbrella Rank: 960
21 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
4 gstatic.com
fonts.gstatic.com
38 KB
4 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 25755
189 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
challenges.cloudflare.com — Cisco Umbrella Rank: 5168
19 KB
3 googletagservices.com
www.googletagservices.com
195 KB
3 1rx.io
sync.1rx.io
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
2 KB
3 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6942
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
261 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1892
656 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3797
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
2 KB
2 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
166 B
2 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2107
1 KB
2 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 8710
450 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1229
2 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
1 KB
1 33across.com
ssc-cms.33across.com
1 unrulymedia.com
sync.targeting.unrulymedia.com
464 B
1 turn.com
ad.turn.com
434 B
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 21215
717 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
153 32
Domain Requested by
13 pastelink.net pastelink.net
11 securepubads.g.doubleclick.net cdn4.buysellads.net
securepubads.g.doubleclick.net
pastelink.net
www.googletagservices.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 static.criteo.net cdn4.buysellads.net
ads.eu.criteo.com
cdnjs.cloudflare.com
6 prg.smartadserver.com cdn4.buysellads.net
5 cat.nl3.eu.criteo.com pastelink.net
ads.eu.criteo.com
5 fastlane.rubiconproject.com cdn4.buysellads.net
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdn4.buysellads.net pastelink.net
3 ads.eu.criteo.com cdn4.buysellads.net
3 www.googletagservices.com securepubads.g.doubleclick.net
3 sync.1rx.io 3 redirects
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 onetag-sys.com cdn4.buysellads.net
pastelink.net
3 pbjs.e-planning.net 1 redirects cdn4.buysellads.net
3 api.btloader.com btloader.com
3 www.googletagmanager.com pastelink.net
www.googletagmanager.com
www.google-analytics.com
2 widget.nl3.eu.criteo.com ads.eu.criteo.com
2 u.4dex.io
2 ice.360yield.com 2 redirects
2 hb-api.omnitagjs.com cdn4.buysellads.net
2 ib.adnxs.com cdn4.buysellads.net
2 bidder.criteo.com cdn4.buysellads.net
2 hbopenbid.pubmatic.com cdn4.buysellads.net
2 ads.servenobid.com cdn4.buysellads.net
2 rt.marphezis.com cdn4.buysellads.net
2 mp.4dex.io cdn4.buysellads.net
2 prebid.media.net cdn4.buysellads.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 ad-delivery.net pastelink.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 challenges.cloudflare.com 1 redirects pastelink.net
2 cdnjs.cloudflare.com pastelink.net
ads.eu.criteo.com
1 ssc-cms.33across.com pastelink.net
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 eef2e8fed9daf0fb4baad5bf9e5fe731.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 srv.buysellads.com cdn4.buysellads.net
1 ad.doubleclick.net pastelink.net
1 btloader.com cdn4.buysellads.net
1 fonts.googleapis.com pastelink.net
0 imageproxy.eu.criteo.net Failed ads.eu.criteo.com
0 csm.eu.criteo.net Failed ads.eu.criteo.com
153 46

This site contains links to these domains. Also see Links.

Domain
g.page
truenorthairconditioning.business.site
truenorthairconditioning.com
theinscribermag.com
celebionetworth.com
linktr.ee
uid.me
beacons.ai
c8ke.com
www.allmyfaves.com
tawk.to
www.blogger.com
profile.hatena.ne.jp
www.kickstarter.com
truenorthairac.webflow.io
forum.acronis.com
about.me
www.pinterest.com
dribbble.com
en.gravatar.com
issuu.com
truenorthairconditioning.wordpress.com
flipboard.com
www.diigo.com
www.ted.com
disqus.com
www.patreon.com
vimeo.com
www.reverbnation.com
www.youtube.com
www.magcloud.com
visual.ly
www.viki.com
www.pearltrees.com
www.edocr.com
www.minds.com
medium.com
list.ly
truenorthaircon.livejournal.com
truenorthairconditioning.wssblogs.com
truenorthairconditioning.shoutmyblog.com
truenorthairconditioning.tkzblog.com
truenorthairconditioning.ja-blog.com
truenorthairconditioning.jts-blog.com
truenorthairconditioning.ltfblog.com
truenorthairconditioning.prublogger.com
truenorthairconditioning.answerblogs.com
truenorthairconditioning.gynoblog.com
truenorthairconditioning.blogozz.com
truenorthairconditioning.blogdun.com
truenorthairconditioning.blogdal.com
truenorthairconditioning.blogripley.com
truenorthairconditioning.post-blogs.com
www.websiteperu.com
similars.net
www.usaonlineclassifieds.com
activdirectory.net
sublimedir.net
domainnamesseo.com
one-sublime-directory.com
truenorthairac.amoblog.com
truenorthairac.aboutyoublog.com
truenorthairac.blog-mall.com
truenorthairac.theobloggers.com
truenorthairac.blogthisbiz.com
truenorthairac.blue-blogs.com
truenorthairac.mybuzzblog.com
truenorthairac.mybjjblog.com
truenorthairac.blogdon.net
youtu.be
docs.google.com
gab.com
truenorthairconditioning.tumblr.com
www.fanpop.com
truenorthairac.yooco.org
truenorthairconditioning.bravesites.com
www.behance.net
www.flickr.com
truenorthairconditioning.jigsy.com
digitaltibetan.win
www.4shared.com
podcasts.google.com
www.slideserve.com
gifyu.com
feedly.com
photos.app.goo.gl
amara.org
folkd.com
penzu.com
truenorthairconditioning.blogspot.com
theflatearth.win
moovlink.com
all4webs.com
truenorthairconditioning.medium.com
wakelet.com
www.slideshare.net
drive.google.com
brewwiki.win
moparwiki.win
dogforum.co.uk
truenorthairac.wixsite.com
dochub.com
www.instapaper.com
ko-fi.com
sites.google.com
www.scoop.it
fkwiki.win
www.facebook.com
twitter.com
t.me
api.whatsapp.com
www.reddit.com
www.tumblr.com
profitquery.com
www.linkedin.com
share.flipboard.com
social-plugins.line.me
www.meneame.net
diasp.org
Subject Issuer Validity Valid
pastelink.net
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
cdn4.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-14 -
2024-11-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2024-02-06 -
2024-05-06		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-25 -
2024-06-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-12 -
2025-01-10		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.e-planning.net
R3		 2024-02-06 -
2024-05-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-06 -
2024-05-03		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://pastelink.net/ltwtkztm
Frame ID: 16AC7A152C0F337D1262712925D91429
Requests: 92 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: CEF38FC1BCCB9F4A1BA9695AE1C410C5
Requests: 1 HTTP requests in this frame

Frame: https://eef2e8fed9daf0fb4baad5bf9e5fe731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4D8F244072AA3BD37EF7B9B3532839D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6E95C5FB57B1C228417BB31FA1E7C99E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 13CE0F9EF70A32588D9FBA6BAC1E1C81
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 779ADCA9EEC63D0DA186FBDC033E8831
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUGY29bsanhEvnr9JwgILVCZsGcCFuZZdM2wIP8smWoeaCIweO-cskU6G97RrOZlQtDtMfQZ9fL0Wk-MKAWkG9Re2R4-mEF5sYVEVSv48TuNFIoy0jWxeEpf3Bc0aVNjAGcLIEhpgzu4YfDDO9aX6NLch2iB_ZXX9T_wzsSZYNgjuU-B3nI4SrFp39KBW5TGSwSZB4zz4d9HjrUIhxzWmm0alcC0Tej7P6pTvAyITeSqzLmvxm4yeQK-PdDdDTMQlEdBQODbBDk2cLdhBNZL-RboCpL8kdg5UmPGZUbvQF3R2wGhtI9sqKbcaKnGRGOt2TNjUIAlnN2qxfGMCYRNAeVe8vfNyZ5I0oF-OsIU0ZGdJFemVRqOgKyNlQiJTyb-fQwCDHn2M8vQwx82-y&sai=AMfl-YQDXe-suV77Ol2QJ5waingYM2FdFHMncl_ox-5Hz4Nnl7f00S3JWErROeJHG3TK6swHY5B5jZ8ox_w66BNmrlk4i3TYTmDZTykRFyHIRFc9RsGehSMeRL2Nyxxuuk0&sig=Cg0ArKJSzIf-Qi1O5U4eEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6D3D581977ABBEBBED9E05B5B079038B
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrUsw8BE_0IncOWHr73MMO7HEFuxQwVjbsG8igxkek22SSMj6iyl5DEQh14dANmnhDaspZdvJ_Qiwpu8L2jLRs7LWfqW-3dF8KXneW54_H4hABMJQ1loC7ZHoqVa4mlOsVxnpbqr6bVClcII87qBj04wTSPyoLX1Btqf_fqraU6NTz2xKAytvVLiritmTdACF4_Gw1XvQ8tlsWswNkZA5oFEusHHxPO-oQBWgqAJw8Ixh7ZXp2cYdoQELZyYpCBXuKnZzyH1u0OVPhIIOPLcn3HddEjATyY9uVWNfLkxP1g9fvSMZLfPgK4yzbWO9j8ZOUbigNyyy8FPyRT0okBY4rfm4x6yKjIHCjzT1nqg0frYzccvGJaho6g5zEmBQYZz3wbC-zDNobDuGGB2_NADGN&sai=AMfl-YRbMmcuFE-aQSaRGyh5QB9pK_Zn353J1LMoOzWxRHWK67-PSEteYl8sL8kl9MLLPDNa1CgOVbW-mOx1cRqzWO4scKuz2moPl_YiyGT6tvWxtbb4ijA2xt3_PP4xUns&sig=Cg0ArKJSzKUpEaqN89k8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 04F548A4D724B2FE3AB9C0A1BC1ADB76
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUvyWX8udzA3hQqFVuTEu1OynmENmxpH2IE8avSSq6HXUfuA-mPY3wK6URHaFgYz4a3cGDEk_vBGugyP7sgDBh2FaUD5MZJWggEtlUiwQCOHfAPQxobXGLoHWIBtzukaFiHXyZKIRvMKy-588snDA1kk6jpmp4HlB48m3c2EuuzEGB2feilZPAWggTMAk_6oUIOQCcffONBzQBN5dkJdkQKpF2VZd1LQZWUIoDw9AhpiSqAxWFO8NJaWknImyLWdHOtsCUZp00aik-C0KjG7ceJIZMiFF7-UAz6g5_5Cdfh4y6hzEqYHBk7U6p52CMpoaZ1AwXRME9AVwzySSRINXhfMA75nTxTLi_5ez7RqvWOMGeRFEOddcKysQu0xPZ_DxZgZTqWSWH4kA&sai=AMfl-YQ53xfwCIA2HOgtQLKHfUYdw-BNeY6iXObfpQcWkvSS-ofmWl13efeo2kK_BBO3-pGnHFX1j0T695xX8QN57RhS5c0m0i9tqcEOoS9jG0v7RUrBujeK0QdiOTODUFc&sig=Cg0ArKJSzKGY1mPbCMGpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: A557590A74D9C137C2635F86340C79ED
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Frame ID: AFC25D842EBEF863694BA185D01DD0C3
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2itqMvIaNFvbd6jCe5EEWku8MgIKxYINObfxnn4Vh3ZQcjNsrL8JFeQGBiL1GonLyVCEHZCOb4ZkDRHjGlEW38PFC5CrpTz4UGeE6dL_AQtRJO9x7CYOs7cGJJveR9GrMbGU0D-mAcaF3C3lBVh6pHN6ld9kssnZ4q0eoUA4bOwB8EcwbnEd8Y0k9C2_DLywhqRnbH1pXbr6JNjeHMFE1gR8qhX_0h3nZK2msEVkWE1dmpKd22Jtz8ursSfOwMfWvdQN2DLiIGvljB1BG8RqxrwMMk4EjoTWIQYWyv7hRrh1BUbsc8aWcSFVmOTWhJQRzY5eDc1uqguUa5cKYjdnRbRrm7-5B9n-JftbVbD27vDD_fFPQ4WRNPTBlkp6dQeCCHEIDDPfGxHXpYHLfi5GK0YCY2dxI5jyQyMaTObucmfp9HlZG84K-XgEPb1_q275JQZcZYPFh_uIMDogPhX56hm7SejsRqc-854c9GiIbUqET4jxkuA1qge_DQ4jukOubNpBOGjg2N49vb8-feaz_H_Z8k-0BegSX7BXxScyze5KCGgAmYtTl9E9_kwl2uWYlkeFMb5gtRArL_4r5421nS9JOX_fc7v7ysUG_kE6K-w4e3No7dAYe-6IkVeO9c1fcA
Frame ID: A35B66A33ACCFEFE17E845F9CD429CF0
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2hOzplP52AhIZPTyGB2zrPHzuTz2toxb0ztAZwtmmWaw2VpZw4utNJJuzi6WXCn-uTIGSUcyPLfYu33cHkl0iF4f5onDHUPed802C_jAqipQOUqmZHPQ8514pJ-05L4NXOUbIMgu-4O1E9OyFihOTOFy2hu7uCgCKsLvqTmuqgSXxVSxvainYXxtoNYBCs0RbHc_VwYDJMKTN0OvKhq0Bcw_ikIM44aVeUvxmz949pRWc7mZkBPF-XKJhjSFUaB6mN_TG_aIAw5JqcT3lrPr_Yxz0FRDvEOtkceefHMtq3GEh_Bm1oighbYD8M0Agc7r7ZcXdQ5sXSQb7xM0Sjy8Bm4-ux4GGtkU1b_e-l54ReOEUfEF65t6XzQnu5goAFpv3iUN9ON1kGWl4O_L02IT19N_R20L5-0gzK0b9APd6JlEpMpzTejhQdC1TF5-jJIThszK5J7Tq2YjZucPXMsK8JHYSw--oWE25-pkX-oZooMoNgRJcnbCILl7WYKNEDTPnGj7C7Z-QkxDa9u66ihtL9uILq1WAfKSIxeGVEu9eRtw5h20Qu2DEinPMmfZhy8HunWGMR7kgACrOHPiQ8mg-sMwLs1MAsHI4-pNxw5CbID1d2MiMFHpT_MsHsXeC-9VXU
Frame ID: B18A8252AA34B447F937C94F89346859
Requests: 8 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=191625&cb=65c210a592d98618c9e93fcf7a8a1cee&r=https%3a%2f%2fpastelink.net%2f&crossorigin=false
Frame ID: 1E2D27AD84D0EB8F97387F00D2FEB122
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=191625&cb=65c210a6b4d41f13f9c4e9f743921283&r=https%3a%2f%2fpastelink.net%2f&crossorigin=false
Frame ID: 3A994B6FEB4E1F4F0EB4E18E7B462723
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=191625&cb=65c210a65f20d5d59588c87b32b6dec7&r=https%3a%2f%2fpastelink.net%2f&crossorigin=false
Frame ID: 0C71899FA6A2566131E44F231FE400B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

True North Air Conditioning - Pastelink.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

153
Requests

82 %
HTTPS

50 %
IPv6

32
Domains

46
Subdomains

40
IPs

6
Countries

1635 kB
Transfer

4351 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha&onload=captchaLoaded HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?compat=recaptcha&onload=captchaLoaded
Request Chain 56
  • https://pbjs.e-planning.net/pbjs/1/7d9e8/1/pastelink.net/ROS?rnd=0.9327072894724575&e=300x250_0%3A300x250%2C728x90%2C468x60%2C728x200%2C580x400%2C750x280%2C760x280%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C336x280&ur=https%3A%2F%2Fpastelink.net%2Fltwtkztm&pbv=7.54.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastelink.net%2Fltwtkztm&gdpr=0 HTTP 302
  • https://pbjs.e-planning.net/hb/1/7d9e8/1/pastelink.net/ROS?ct=1&r=pbjs&rnd=0.9327072894724575&e=300x250_0%3A300x250%2C728x90%2C468x60%2C728x200%2C580x400%2C750x280%2C760x280%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C336x280&ur=https%3A%2F%2Fpastelink.net%2Fltwtkztm&pbv=7.54.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastelink.net%2Fltwtkztm&gdpr=0
Request Chain 73
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=01674dd8-fc9a-4054-9cbe-d0eea7587724
Request Chain 94
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1707217061702 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6540090230 HTTP 302
  • https://sync.1rx.io/usersync/turn/3248951997324354912?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a9b0c0fb-8fb2-417d-8e3e-f35ada89056e-003?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-a9b0c0fb-8fb2-417d-8e3e-f35ada89056e-003 HTTP 302
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-a9b0c0fb-8fb2-417d-8e3e-f35ada89056e-003

153 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ltwtkztm
pastelink.net/ 		73 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
d640245a73a6367c344a067007733667070703d34bd34277843c46d9fc9f6787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Feb 2024 10:57:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 10:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 10:57:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 10:57:37 GMT
styles.css
pastelink.net/assets/css/ 		130 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/ltwtkztm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-2071e"
content-type
text/css
accept-ranges
bytes
content-length
132894
jquery-3.6.0.min.js
pastelink.net/assets/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/ltwtkztm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-15d9d"
content-type
application/javascript
accept-ranges
bytes
content-length
89501
script.min.js
pastelink.net/assets/js/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
765b93aeade2b02991eaf08e2b67d52e70906902f609a4c22bcf50fa4e618bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/ltwtkztm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Feb 2024 16:30:27 GMT
server
nginx
etag
"65bbc723-b91d"
content-type
application/javascript
accept-ranges
bytes
content-length
47389
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
562912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6S06SxY44X2nsaeV8ZYHe%2BJrChn6gN7sn1fKaMl0ihbVeW%2BXRF8vD7QsBCVGYlgMT5hO4HcyIKwxl5alc%2B3vQFU2tO6PfO3xEskKP0tdYX9LUAOqZpwdoUUih3RToWM62tLDIJp8FhY%2BSL5Vo33cd7CT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8512df8e2fe7baa3-MXP
expires
Sun, 26 Jan 2025 10:57:36 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/ea25f566/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha&onload=captchaLoaded
  • https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?compat=recaptcha&onload=captchaLoaded
37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?compat=recaptcha&onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8512df8f99252355-ZRH
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 06 Feb 2024 10:57:37 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/g/ea25f566/api.js?compat=recaptcha&onload=captchaLoaded
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8512df8f18542355-ZRH
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		269 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74c6007cc8c4886df9047fb7441debcabd103152b788eb9154ab5182d9bef7d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94114
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Feb 2024 10:57:37 GMT
pastelink.js
cdn4.buysellads.net/pub/ 		572 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.85.187 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-15.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
164bfc018bef1fb83aea134c5e3a02e256fb8fbeeecc38b21928724411889d0c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
cache-control
public, max-age=3600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
b97e3694afdb8727d689f7b2f41b6bd260326585
vary
Accept-Encoding
content-type
application/javascript
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo-german.svg
pastelink.net/assets/images/logo/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-38e0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
14560
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-german-contrast.svg
pastelink.net/assets/images/logo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-3d2f"
content-type
image/svg+xml
accept-ranges
bytes
content-length
15663
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:03:10 GMT
x-content-type-options
nosniff
age
575667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:03:10 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:54:00 GMT
x-content-type-options
nosniff
age
576217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15072
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:54:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:53:11 GMT
x-content-type-options
nosniff
age
576266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:53:11 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:59:52 GMT
x-content-type-options
nosniff
age
575865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:59:52 GMT
js
www.googletagmanager.com/gtag/ 		251 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9824217ba941ea991cf0fb330e76f5696331282157ad94a90d68af4ab20c6619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88115
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Feb 2024 10:57:37 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 09:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4168
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 06 Feb 2024 11:48:09 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je41v0v873532799z8831407672za200&_p=1707217057099&gcd=13l3l3l3l1&npa=0&dma=0&cid=203521765.1707217057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707217057&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fltwtkztm&dt=True%20North%20Air%20Conditioning%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=749
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag
btloader.com/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54985c9e56ab3f740e4c7ba599cb674260f68d5ab2d8195c460428ab34fded1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 06 Feb 2024 10:37:16 GMT
server
cloudflare
age
1033
etag
"eda5ca1883ffab74c6a7d6417494e8f8"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8512df90ec3d3744-MXP
content-length
20782
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d0de5039ecbf516bfdb663942894873d99f2817934ec3a3a4fbfb374e77bf04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29595
x-xss-protection
0
server
cafe
etag
333 / 19759 / m202402010101 / config-hash: 3960797945506168647
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 10:57:37 GMT
collect
www.google-analytics.com/j/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=255930034&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fltwtkztm&ul=en-us&de=UTF-8&dt=True%20North%20Air%20Conditioning%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1701678229&gjid=2070818594&cid=203521765.1707217057&tid=UA-55088947-2&_gid=736134293.1707217057&_r=1&_slc=1&gtm=45He41v0n8155WHPWQv831407672za200&gcd=13l3l3l3l1&dma=0&z=961765269
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		234 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37fa7bca05d8ef8af02f3fd200b3f935b34dca9dd42731fd9143093fc59b35d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84642
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Feb 2024 10:57:37 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Feb 2024 10:57:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532492
x-guploader-uploadid
ABPtcPra_lXYliE83JlofH-FOVQhOVOvvpztjoFzaJT3T_yEtI2RzjK6zKSrOsKTMYzS8bdeUEzqYDXmwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHBphBtH7jRBN2G9V%2BPdnImRzeCkr7oB6o26pCnMowOIjaauXhp6sp7CIhEyvMIf0KNp3w63B129nlJS1F1qmFxR22js%2FOWygeYd1YAjQOl3HQV%2BauY%2BJmI4S0%2FOgXOs6JQlX7e9Q8crvGI6vw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8512df916ac20d66-MXP
expires
Wed, 31 Jan 2024 07:34:24 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 12:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 12:58:06 GMT
px.gif
ad-delivery.net/ 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5010852223907141
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532492
x-guploader-uploadid
ABPtcPra_lXYliE83JlofH-FOVQhOVOvvpztjoFzaJT3T_yEtI2RzjK6zKSrOsKTMYzS8bdeUEzqYDXmwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Shc5wejzhVpY%2FwsHpt4pgjYXFW%2BGHq2A9mBrL4qJQc8UD7TjIBbx8ZtVcEMgYiVqEkKkYOKo%2BDw%2BMu%2F04kb3eEiAJ3ARKHIG%2F%2FrhFEm3Uan81KAWJalb%2F6Na8DZ4WxfX6MwXI%2B0nlUV9CdM%2BQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8512df916ac40d66-MXP
expires
Wed, 31 Jan 2024 07:34:24 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4KDXYD7HFC&gtm=45je41v0h1v9136110041za200&_p=1707217057099&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=203521765.1707217057&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fltwtkztm&dt=True%20North%20Air%20Conditioning%20-%20Pastelink.net&sid=1707217057&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=907
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 11:38:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83970
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139580
x-xss-protection
0
server
cafe
etag
9278201123426970819
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 04 Feb 2025 11:38:07 GMT
22405481091
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22405481091?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42eb3397060841086dc97e91381cb3b661c7113caa4aa42db1ae042a028d0588
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Kpu272Tq_sXcITZDV1PThA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Kpu272Tq_sXcITZDV1PThA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj2sKoxSXF4K4hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcCxc2LGOTeBEZ-97JgAMiFBE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=Zcf2oWuk&w=5093624318001152&o=5102648370397184&cv=2.1.32-1-g3ff2e17&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Fltwtkztm&sid=sOe7rgpC&pm=false&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Feb 2024 10:57:37 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
AGSKWxVLtdBaBVaqY2YtD6KMlXnAbVu7vEV1fzJaPEcn13UtnpueGpW0dRrOIKKF9kI9kvnd1LBqwxgqkLerOA5MvADIb4pCMQ4VytKEH7Labb86HhfgCapSNK3G1vbga7ChhZykHqm_WA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVLtdBaBVaqY2YtD6KMlXnAbVu7vEV1fzJaPEcn13UtnpueGpW0dRrOIKKF9kI9kvnd1LBqwxgqkLerOA5MvADIb4pCMQ4VytKEH7Labb86HhfgCapSNK3G1vbga7ChhZykHqm_WA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MjE3MDU3LDg0NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2x0d3RrenRtIixudWxsLFtbOCwiZ0R0eWc2WGw0NWsiXSxbOSwiZGUiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c59f78308798d9b871b4672128e8aa0a73b15d65ea3e081045bd579ce4f8a330
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q2FFlwRjebljK3BY12EgDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-q2FFlwRjebljK3BY12EgDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcCxc2LGOTeDHxUkrmQENXlB7"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWVQXWEnoJHDYh3weioElIohtStt0PLsKsZLYX3RzS-sHHTbLBZ28xa1j1xUBrybUBfEPggbz8_rt6FbMoH1VjVT33t5S15quDUf92LiNg0cqWpMnLznz_sogQFPQiI6S0m236bwA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWVQXWEnoJHDYh3weioElIohtStt0PLsKsZLYX3RzS-sHHTbLBZ28xa1j1xUBrybUBfEPggbz8_rt6FbMoH1VjVT33t5S15quDUf92LiNg0cqWpMnLznz_sogQFPQiI6S0m236bwA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MjE3MDU3LDkyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGFzdGVsaW5rLm5ldC9sdHd0a3p0bSIsbnVsbCxbWzgsImdEdHlnNlhsNDVrIl0sWzksImRlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a46ec957986e55b0fd43ab4aee4fe539c074949110909c870bfe048dedcc08f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zhySv1LEnYasbPfAQwoDeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zhySv1LEnYasbPfAQwoDeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcCxc2LGOTeDAj-MnmAERdVDD"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
fundingchoicesmessages.google.com/f/AGSKWxVcIcvE9Kia-EhDZly6ljUfi8nwqH46fqsoSXv3LuPLtOGHyGLSBugLfrhWx6xcFENELEAtCNgryPujCUD9qnmi1rKtH_EwSIwzZm6AD77LOH3uvdAI3w4Bizt-xCdrRQP9BRmLUbmIwIpc9O6BtwqR8EuLj... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVcIcvE9Kia-EhDZly6ljUfi8nwqH46fqsoSXv3LuPLtOGHyGLSBugLfrhWx6xcFENELEAtCNgryPujCUD9qnmi1rKtH_EwSIwzZm6AD77LOH3uvdAI3w4Bizt-xCdrRQP9BRmLUbmIwIpc9O6BtwqR8EuLjCnqpoYfWomQFLYtBLbRuLrnyHpZJjPb/_/csp/ads?/adplugin./images1/ad_/adlantisloader._700_100_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxOkeKZ5DCvIIGtD-dFwwHRUpo-mQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eab9336ea8b2145e4930e9cddd09b8faddcef978cf8c7ab584d773f82fd908a1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hQz7uSRAndOBebnNN8Uviw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-hQz7uSRAndOBebnNN8Uviw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcCxa2LGOTeBE598FTAATNVBu"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxOkeKZ5DCvIIGtD-dFwwHRUpo-mQ/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 19:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
56759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 19:11:39 GMT
AGSKWxXTUpyamBycYrnsz4Ht6j_PcRtnF79tDufxte_NqWWzXKd4FaKEGZ3F8Fu611C7xvvgkyMniFUFqX--bPWO0qaOIhCh0R_rYxcodogGrSTdwy5T79e81JnnA32IDromqlQyuWe2XA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXTUpyamBycYrnsz4Ht6j_PcRtnF79tDufxte_NqWWzXKd4FaKEGZ3F8Fu611C7xvvgkyMniFUFqX--bPWO0qaOIhCh0R_rYxcodogGrSTdwy5T79e81JnnA32IDromqlQyuWe2XA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XYaBinGUEfBOEhPEP5tf0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XYaBinGUEfBOEhPEP5tf0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiHY9HCjnVsAg0_Vm1iAgDIsh6n"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXTUpyamBycYrnsz4Ht6j_PcRtnF79tDufxte_NqWWzXKd4FaKEGZ3F8Fu611C7xvvgkyMniFUFqX--bPWO0qaOIhCh0R_rYxcodogGrSTdwy5T79e81JnnA32IDromqlQyuWe2XA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXTUpyamBycYrnsz4Ht6j_PcRtnF79tDufxte_NqWWzXKd4FaKEGZ3F8Fu611C7xvvgkyMniFUFqX--bPWO0qaOIhCh0R_rYxcodogGrSTdwy5T79e81JnnA32IDromqlQyuWe2XA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qziaFiayTo-rNVudehJ_Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-qziaFiayTo-rNVudehJ_Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiHY9HCjnVsAge2rdvIBADG0h6h"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastelink.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXTUpyamBycYrnsz4Ht6j_PcRtnF79tDufxte_NqWWzXKd4FaKEGZ3F8Fu611C7xvvgkyMniFUFqX--bPWO0qaOIhCh0R_rYxcodogGrSTdwy5T79e81JnnA32IDromqlQyuWe2XA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXTUpyamBycYrnsz4Ht6j_PcRtnF79tDufxte_NqWWzXKd4FaKEGZ3F8Fu611C7xvvgkyMniFUFqX--bPWO0qaOIhCh0R_rYxcodogGrSTdwy5T79e81JnnA32IDromqlQyuWe2XA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-koMgjrlLPVnbWooV4rIFpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-koMgjrlLPVnbWooV4rIFpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiHY9HCjnVsAh3vJxxgAgDD8h6L"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXTUpyamBycYrnsz4Ht6j_PcRtnF79tDufxte_NqWWzXKd4FaKEGZ3F8Fu611C7xvvgkyMniFUFqX--bPWO0qaOIhCh0R_rYxcodogGrSTdwy5T79e81JnnA32IDromqlQyuWe2XA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXTUpyamBycYrnsz4Ht6j_PcRtnF79tDufxte_NqWWzXKd4FaKEGZ3F8Fu611C7xvvgkyMniFUFqX--bPWO0qaOIhCh0R_rYxcodogGrSTdwy5T79e81JnnA32IDromqlQyuWe2XA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W0adxYFilBZafAoj_Vn4ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-W0adxYFilBZafAoj_Vn4ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiHY9HCjnVsAjf-Pz7ABADLmx9O"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXbNqGaXHzW-Pu7dl2bA8vS_NX_yMpQjJbKfGJnh6XOOI1fBEN34pBVbqOxB3RjOzomXNtZoFkFtJv7DDP5XX9gUnKQXetRsx5IxMsk4gBL4vARajl4nrnEERoeHMkexQDw2HscmQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXbNqGaXHzW-Pu7dl2bA8vS_NX_yMpQjJbKfGJnh6XOOI1fBEN34pBVbqOxB3RjOzomXNtZoFkFtJv7DDP5XX9gUnKQXetRsx5IxMsk4gBL4vARajl4nrnEERoeHMkexQDw2HscmQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MjE3MDU4LDY1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2x0d3RrenRtIixudWxsLFtbOCwiZ0R0eWc2WGw0NWsiXSxbOSwiZGUiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc38bb7f8fd01c7f4d3cd51d28fd37efc63512f03a92bf00977c18622f084d2b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dZUS7KngS_agQJXaErBM0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-dZUS7KngS_agQJXaErBM0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcCxa2LGOTWDDt5bTTAATXFB1"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXf9gBfxiq0pRUujgPb73kpwibhks9-XslSC6dkeuOdMXk4k7iOqcyj5BwnFTwn8lSbhy3s1Wm3efhENTR9B4dZ6AJ-N7ojDGYWN5O6IR7ApbZ1ni2byiZ4p3Eul4q0oPi76efLcg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXf9gBfxiq0pRUujgPb73kpwibhks9-XslSC6dkeuOdMXk4k7iOqcyj5BwnFTwn8lSbhy3s1Wm3efhENTR9B4dZ6AJ-N7ojDGYWN5O6IR7ApbZ1ni2byiZ4p3Eul4q0oPi76efLcg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5QiBY2iniQsa4KVLMPPzIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-5QiBY2iniQsa4KVLMPPzIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiHY9HCjnVsAjv2HbnDBADHYh7i"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastelink.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
CWYD627N.json
srv.buysellads.com/ads/ 		1 KB
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=527175&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.227.38.224 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-17.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
0ca073c545c78a94af4be972e1790e370c1141230332dc6ef59b717cab581f7e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:39 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
580
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 10:57:39 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
334021
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 02 Feb 2024 12:34:08 GMT
Server
cloudflare
ETag
W/"922cffdd75f7192f75231d92684885aa"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGMecKH6XU7YtvZ74rRwFXly0Xw3J6FXBOHoDTwhjzd7%2BoRdGvGBC0BxdZ%2BFqGVcgLtoTbuqA3xqD50TTOYxuwnvuNk060Akxa1FWH1FF6wfR%2BtAAyoqgX0%2BPJZq6zovvY8PqeH2jwT5%2Bqz9"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
public, max-age=1800
CF-RAY
8512dfa0cc503760-MXP
Expires
Tue, 06 Feb 2024 11:27:39 GMT
prebid
prebid.media.net/rtb/ 		1 KB
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
32e2c4314ec568d562201ba73c089d2f0f0f1843fd19bbd952e783557d51112d

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:39 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
99
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Feb 2024 10:57:39 GMT
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
997c42431eab7409add90c256ff62060943785cc442951a29ed929f95f50743f

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Tue, 06 Feb 2024 10:57:40 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8512dfa0eac623af-ZRH
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		476 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&gdpr=0&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=e9c69f1b-2981-40a2-80b5-067258289932&l_pb_bid_id=9edd02bf19b08&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e9c69f1b-2981-40a2-80b5-067258289932&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.4210542622757758
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0637b7b63debad90de03d0d560cfa62a758a8ca0975e0d851d9b62c915c95951

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:40 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
476
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
rt.marphezis.com/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
pragma
no-cache
date
Tue, 06 Feb 2024 10:57:39 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
Origin
expires
0
adreq
ads.servenobid.com/ 		592 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8958
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.143.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-143-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a268a433309501cbee829c1f08aee61096fc7d75dd06fe2c0ce03b4ed1bc398d

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:40 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 06 Feb 2024 10:57:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ROS
pbjs.e-planning.net/hb/1/7d9e8/1/pastelink.net/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/7d9e8/1/pastelink.net/ROS?rnd=0.9327072894724575&e=300x250_0%3A300x250%2C728x90%2C468x60%2C728x200%2C580x400%2C750x280%2C760x280%2C690x90%2C675x90%2C670x90%2C650x...
  • https://pbjs.e-planning.net/hb/1/7d9e8/1/pastelink.net/ROS?ct=1&r=pbjs&rnd=0.9327072894724575&e=300x250_0%3A300x250%2C728x90%2C468x60%2C728x200%2C580x400%2C750x280%2C760x280%2C690x90%2C675x90%2C670...
167 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/7d9e8/1/pastelink.net/ROS?ct=1&r=pbjs&rnd=0.9327072894724575&e=300x250_0%3A300x250%2C728x90%2C468x60%2C728x200%2C580x400%2C750x280%2C760x280%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C336x280&ur=https%3A%2F%2Fpastelink.net%2Fltwtkztm&pbv=7.54.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastelink.net%2Fltwtkztm&gdpr=0
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
6ad5bb6ed7166a306bbe7c4a074d8df8ee92f5eb485bf932148ee2a4b50a738a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 06 Feb 2024 10:57:40 GMT
date
Tue, 06 Feb 2024 10:57:40 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://pastelink.net
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
167
x-sid
AMS-928

Redirect headers

date
Tue, 06 Feb 2024 10:57:40 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://pastelink.net
location
/hb/1/7d9e8/1/pastelink.net/ROS?ct=1&r=pbjs&rnd=0.9327072894724575&e=300x250_0%3A300x250%2C728x90%2C468x60%2C728x200%2C580x400%2C750x280%2C760x280%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C336x280&ur=https%3A%2F%2Fpastelink.net%2Fltwtkztm&pbv=7.54.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpastelink.net%2Fltwtkztm&gdpr=0
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-928
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=73504347444&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 06 Feb 2024 10:57:39 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
prg.smartadserver.com/prebid/ 		980 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
c135ee1f7a787830dfc397e4393309618929290cbf9eb4f4243aeb41075bfd36

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:39 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b8b244b300dd9b8c18cfd5a606249c4aed1ee04eea0730db9178ed7db3ed09ec
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:40 GMT
an-x-request-uuid
4d279d61-bba6-497b-8e49-e9157541071b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.20; 176.10.106.20; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://pastelink.net
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		358 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fltwtkztm&PageUrl=https%3A%2F%2Fpastelink.net%2Fltwtkztm&PageReferrer=https%3A%2F%2Fpastelink.net%2Fltwtkztm
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
0754e5b9945a29f892d53b7ede7476448d8cab68fe54fdeb1835590faaca64bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:39 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
12
content-length
358
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b1976fe80c2d62438ff78bd757560555c15428672d295f4ae75f385e28ab687

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 10:57:40 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
339799
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 02 Feb 2024 12:34:07 GMT
Server
cloudflare
ETag
W/"5e52aafe0731d9e2e776e4109559f5de"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezNDwa64j%2F27b1zB3lRrQweA76L9xWdJeJZ2FzIt2AFJl1U229eHA1B2%2BxaOsQ26H%2BGe7wowuI1gTHSJhrwWjoPQoQz5krdmCLgxl9GE2sIaSRbET5FK5oNUZxYoXLSWvQ0MyL3T39exrRM8"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8512dfa13a310d5f-MXP
/
onetag-sys.com/usync/ Frame CEF3 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ads
securepubads.g.doubleclick.net/gampad/ 		864 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1403497761531756&correlator=2205870006376177&eid=31079957%2C44777901%2C31080684&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fifs&gdpr=0&iu_parts=22405481091%2CPastelink_S2S_TopLeaderboard_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280&fluid=height&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707217060491&lmt=1707217060&adxs=310&adys=317&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastelink.net%2Fltwtkztm&vis=1&psz=705x156&msz=705x10&fws=4&ohw=1600&ga_vid=203521765.1707217057&ga_sid=1707217060&ga_hid=255930034&ga_fc=true&dlt=1707217056933&idt=673&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&adks=3944560474&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c55a872d13e131b2e7447f814e7c97ff07c03c5087e77035db0d0c434e6f525b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:40 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
423
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402010101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
555c4345010b5b680d529675ac160f93dab40042d1893e82a86de9708e12d862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12090
x-xss-protection
0
container.html
eef2e8fed9daf0fb4baad5bf9e5fe731.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D8F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eef2e8fed9daf0fb4baad5bf9e5fe731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Feb 2024 10:57:40 GMT
expires
Wed, 05 Feb 2025 10:57:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Feb 2024 10:57:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6E95 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
45658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 22:16:42 GMT
expires
Tue, 04 Feb 2025 22:16:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 13CE 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d02dceb7973a11aa0dbd3a3dd5ad24b6a5550a80763f7e190a9eb9248e0b82a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yFk_ZZfv4o6ZN_gDepEXYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yFk_ZZfv4o6ZN_gDepEXYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Feb 2024 10:57:40 GMT
expires
Tue, 06 Feb 2024 10:57:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 6E95 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 11:43:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
83649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Feb 2025 11:43:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 13CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402010101&jk=1403497761531756&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6E95 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?j_uNmA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
u.4dex.io/
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=01674dd8-fc9a-4054-9cbe-d0eea7587724
0
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=01674dd8-fc9a-4054-9cbe-d0eea7587724
Protocol
H2
Server
34.149.40.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=01674dd8-fc9a-4054-9cbe-d0eea7587724
access-control-allow-origin
*
date
Tue, 06 Feb 2024 10:57:41 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402010101&jk=1403497761531756&bg=!NDelN3jNAAa8BdJLnAU7ADQBe5WfOKEA7WjtjQlXuOQTl6hdoJkC-RND-FcDzlaE04XxwT7BE_IW_hQissFgUZzSL0g6AgAAADhSAAAAAWgBBwoAiuMdAG5L2cZ8xtoNsrA8QA8S0ve7kUlZ72AEyrw6NNSBlLKco1A1hlMfUfXXvt1e6Uc8g5DfWbkkzmxgQlIDAKDpvuePu505-mfvrQ9K73VzMj6W_o6xXNmotipAkhNkVC_waSIXCeVuaHhXgHOGEXOrngeiBijf1Ode4qDJYb2fU-iy6AIS6-zej5kCxb3Mx08boJeYcJKdN846utHkhO3mdl0iY1lZTbYMrIZkCB8ddv6EzKyfOPTUdIVgKUuKnm_XXwKVvM1bNHgbfDDRS2mAcX_qwbt5XHEYzjxsVSlpycs3kZFa0lGx3qcHRHdIi9RwzRvLijz1fdJCSyc4RQRg5ImxzokdXGxfVUDlJdN8-_hT--tSoC82VNWThxOG4nX0Ds5Tvx23XycbIajLVZ34Bt6VIaPphJS04rFTdbYV6x0NpPC0UrYbLwa67LiKgCXMnKyDbbq7gsm18WOe1-4OZuj7p5TRChvxOWjunFXuWy2QjqQtWpJwLom54M1xcWGuucQt79kh5oPDC6zf9frVnIHqVHW-EOODxLuHZ0TUuMNWOmW2xZN8SROnBWtgUcrJQyaKkQnObAUv8WsG1nlCWcRRLHMhhP9q9e-U721XzjVy_Ui1N-qU-UJs5Wvz-x0L7E1fv-5UDMeg17rqoJSfCVobanB6JC8xzCDF0tfu7oYwzpmMSAqyC7wivWX10Qit-rS4TFSG2wrGby7RnYyfR1gWtnMh61-9PoyBXvJdz555gJYroFsEpM3S0IPu8rEXPB1mw5aWt6-n_ehYDrkA_eUno4JK_G8Rbio1sXXP6lXxtZ0JxTQ3ePkwgFqG_Gk-c9K7qAEQM9fkz86ERye6u9tveVj8uU8OxzZVkd0Ub-ONSB8CDqIo5CMZL39xRXsNxEHPSKeATbFXeLDJRiwzNAQJR3kyC_4ycYiy1t05MNjdXRQEfW_0HJy9EsS-OKvgIE1JtTJVRxrZlvHk8zuh73zDFTPKcPHxwpyQk6kiinS_4rMZRoXBtmOaOz8zJaRDMxtWNjTQGlinCFZXuQ3I1RgrpICtUuQl0fX2af2gwjK9qc-smHY6gjgsG9k812zcFMH5_ZojQdbpzFoXhgRIMMQqZFvuqT9HH_LkvGgM-tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fastlane.json
fastlane.rubiconproject.com/a/api/ 		466 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&gdpr=0&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=3babebaf-af65-4dd8-8e2a-ba99ff61bb8a&l_pb_bid_id=325796bab6fdc3b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3babebaf-af65-4dd8-8e2a-ba99ff61bb8a&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.5118311651969318
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dd305aa56423209a8d7e42a0297f7658c1501207236ce9bf0d907fc62b6e1cc7

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
466
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		476 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&gdpr=0&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=22752900-90d4-44ee-af0b-ebc1fc018f6d&l_pb_bid_id=333b91d7cfc4a22&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=22752900-90d4-44ee-af0b-ebc1fc018f6d&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.6425454581405812
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0148ccc13601258eb42ff9af62bfe09e23eaf4aaa490315b4ddad7a47666b8a2

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
476
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		468 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&gdpr=0&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=800c6b36-87ac-4f6c-bcef-ade8c7962e21&l_pb_bid_id=344299cc5d3d2e5&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=800c6b36-87ac-4f6c-bcef-ade8c7962e21&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.6382253785125969
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3fad1bfb0bc74d18618f94477f8061ad15a44bff612481a1825e6990e258e17f

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
468
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		487 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&gdpr=0&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fltwtkztm&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=6b5b3b32-7268-4557-8bed-e2ac65a47a19&l_pb_bid_id=35e921d92053fc4&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6b5b3b32-7268-4557-8bed-e2ac65a47a19&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.2625781615046763
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1d50647e67b654918479e0dea0f2dc5215dae320fc930a62f5f3292a53baf3c4

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
487
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
894a94ba8449fd82c9f3d0df1560f4928879d8b32f2c4b4c97631614f316334a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
an-x-request-uuid
312924e0-0423-4510-aa5a-a8b29dabaa72
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.20; 176.10.106.20; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
472
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 06 Feb 2024 10:57:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
rt.marphezis.com/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
pragma
no-cache
date
Tue, 06 Feb 2024 10:57:40 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
Origin
expires
0
adreq
ads.servenobid.com/ 		592 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10718
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.143.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-143-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2d2432d1ad4ec059a323435685cf25fb6648a499182e13a48a1977195e83a2ac

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://pastelink.net
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
prebid.media.net/rtb/ 		1 KB
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
944aa53b497877e76c535d20495c94335d9ebb58bc0cf04ce8f64fe33712d024

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Feb 2024 10:57:41 GMT
cdb
bidder.criteo.com/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=18008817861&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fabd9cb49cf72eaf7e43df03c83a6ad9305e9885c4594b31ac45115ffbfa4d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
ROS
pbjs.e-planning.net/pbjs/1/7d9e8/1/pastelink.net/ 		237 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/7d9e8/1/pastelink.net/ROS?rnd=0.9327072894724575&e=728x90_0%3A728x90%2C970x90%2C980x90%2C990x90%2C468x60%2B728x90_1%3A728x90%2C970x90%2C980x90%2C990x90%2B300x250_0%3A300x250%2C728x90%2C468x60%2C728x200%2C580x400%2C750x280%2C760x280%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C336x280%2B300x250_1%3A300x250%2C300x600%2C160x600%2C120x600%2C336x280%2C240x600%2B300x250_2%3A300x250%2C300x600%2C1x1%2C320x480%2C336x280%2C480x320%2C768x1024%2C1024x768&ur=https%3A%2F%2Fpastelink.net%2Fltwtkztm&pbv=7.54.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fpastelink.net%2Fltwtkztm&gdpr=0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
cccac3fd078cee9c9e665d2551386197b12adc24abe8149cd7d6b501cf7b13cc

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

expires
Tue, 06 Feb 2024 10:57:41 GMT
date
Tue, 06 Feb 2024 10:57:41 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://pastelink.net
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
237
x-sid
AMS-928
prebid
mp.4dex.io/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc13491e28a0f2ed58db5b76b6b9f7ad7515f85702cd45fb963c9d397db9a6e7

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
via
1.1 google
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456, Selecting bids. No selected bids
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8512dfa9eb3123af-ZRH
expires
0
v1
prg.smartadserver.com/prebid/ 		865 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
8c6bf876230b9d3f320d7844ebb65a63697f77188c296fe61309430b3dca67ed

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		719 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
2ffec9f9a2db8c560cd149fc08f5f4f53a84a5cc3db149ae008e61b2fb4d8894

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
615b6a25fc760a6d13d62c8b4783811bae989bd7f195109655abb90136ecbe4d

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3aff26e70916db1b5f26b512d847d2d8eb5394115a97de2e2b1c09002b95b55

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
763bd2a3d91e236708a0897bbf57cb12274235069d119a2af52c567c3af833ff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		2 KB
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fltwtkztm&PageUrl=https%3A%2F%2Fpastelink.net%2Fltwtkztm&PageReferrer=https%3A%2F%2Fpastelink.net%2Fltwtkztm
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
362196c81e127b948ea325a290e6cf9cc77c24c36ebb1108cdc414455f82d7ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 10:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
235
content-length
482
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
setuid
u.4dex.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1707217061702
  • https://ad.turn.com/r/cs?pid=45&rndcb=6540090230
  • https://sync.1rx.io/usersync/turn/3248951997324354912?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a9b0c0fb-8fb2-417d-8e3e-f35ada89056e-003?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-a9b0c0fb-8fb2-417d-8e3e-f35ada89056e-003
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-a9b0c0fb-8fb2-417d-8e3e-f35ada89056e-003
0
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=unruly&uid=RX-a9b0c0fb-8fb2-417d-8e3e-f35ada89056e-003
Protocol
H2
Server
34.149.40.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:42 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=unruly&uid=RX-a9b0c0fb-8fb2-417d-8e3e-f35ada89056e-003
date
Tue, 06 Feb 2024 10:57:42 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa9b0c0fb8fb2417d8e3ef35ada89056e003
content-type
text/html
ads
securepubads.g.doubleclick.net/gampad/ 		101 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1403497761531756&correlator=220091318765625&eid=31079957%2C44777901%2C31080684&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fifs&gdpr=0&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=2&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&eri=1&sc=1&cookie=ID%3Db48a5923430fd5f3%3AT%3D1707217060%3ART%3D1707217060%3AS%3DALNI_Ma-o5_DosgPcPGaaJ-Qi4wVLBqKaQ&gpic=UID%3D00000d52069e5492%3AT%3D1707217060%3ART%3D1707217060%3AS%3DALNI_MbNQxaYcsKWtETlo-tyR8ZCw5laUg&abxe=1&dt=1707217062058&lmt=1707217062&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C317%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastelink.net%2Fltwtkztm&vis=1&psz=1600x-1%7C705x156%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x10%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=203521765.1707217057&ga_sid=1707217060&ga_hid=255930034&ga_fc=true&dlt=1707217056933&idt=673&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_creative%3D11294072%26hb_adid%3D11068705d7e3c383%26hb_bidder%3Dcriteo%26_bd%3Dbid%26_pl%3D0.01%26hb_size_criteo%3D728x90%26hb_pb_criteo%3D0.01%26hb_adid_criteo%3D11068705d7e3c383%26hb_bidder_criteo%3Dcriteo%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_creative%3D11294072%26hb_adid%3D1115115e42effb07%26hb_bidder%3Dcriteo%26_bd%3Dbid%26_pl%3D0.01%26hb_size_criteo%3D336x280%26hb_pb_criteo%3D0.01%26hb_adid_criteo%3D1115115e42effb07%26hb_bidder_criteo%3Dcriteo%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_creative%3D11294072%26hb_adid%3D1125b6b60c41d8a6%26hb_bidder%3Dcriteo%26_bd%3Dbid%26_pl%3D0.01%26hb_size_criteo%3D300x600%26hb_pb_criteo%3D0.01%26hb_adid_criteo%3D1125b6b60c41d8a6%26hb_bidder_criteo%3Dcriteo%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&adks=840525636%2C3944560474%2C3798138915%2C1897443797%2C1230872867&frm=20&eo_id_str=ID%3D2bb3b73c5a14d7f6%3AT%3D1707217060%3ART%3D1707217060%3AS%3DAA-AfjZyxqOnX__tTpjUVybXVfkO
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5f3e9078bf8c687895709813d6767f189deffa8429801a7d565d1225f71287f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17216
x-xss-protection
0
google-lineitem-id
6244825801,6244825801,6244825801,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425476187,138425476166,138425542068,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
345f5e0d0c54f7e0e8449e49333deecd2b361a6d7a83f5d51b480cef5deb304f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 15:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
71105
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14246
x-xss-protection
0
server
cafe
etag
1834480086689483259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 04 Feb 2025 15:12:37 GMT
/
ssc-cms.33across.com/ps/ Frame 779A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 -, , ASN (),
Reverse DNS
Software
33XP010 /
Resource Hash

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 06 Feb 2024 10:57:41 GMT
server
33XP010
x-33x-status
2020008
view
securepubads.g.doubleclick.net/pcs/ Frame 6D3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUGY29bsanhEvnr9JwgILVCZsGcCFuZZdM2wIP8smWoeaCIweO-cskU6G97RrOZlQtDtMfQZ9fL0Wk-MKAWkG9Re2R4-mEF5sYVEVSv48TuNFIoy0jWxeEpf3Bc0aVNjAGcLIEhpgzu4YfDDO9aX6NLch2iB_ZXX9T_wzsSZYNgjuU-B3nI4SrFp39KBW5TGSwSZB4zz4d9HjrUIhxzWmm0alcC0Tej7P6pTvAyITeSqzLmvxm4yeQK-PdDdDTMQlEdBQODbBDk2cLdhBNZL-RboCpL8kdg5UmPGZUbvQF3R2wGhtI9sqKbcaKnGRGOt2TNjUIAlnN2qxfGMCYRNAeVe8vfNyZ5I0oF-OsIU0ZGdJFemVRqOgKyNlQiJTyb-fQwCDHn2M8vQwx82-y&sai=AMfl-YQDXe-suV77Ol2QJ5waingYM2FdFHMncl_ox-5Hz4Nnl7f00S3JWErROeJHG3TK6swHY5B5jZ8ox_w66BNmrlk4i3TYTmDZTykRFyHIRFc9RsGehSMeRL2Nyxxuuk0&sig=Cg0ArKJSzIf-Qi1O5U4eEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame 6D3D 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.85.187 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-15.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
cache-control
public, max-age=600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
196270e7fcc49a0af36f5d62866c973b3ad33942
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6D3D 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66417
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1707137874550712"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 10:57:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 04F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrUsw8BE_0IncOWHr73MMO7HEFuxQwVjbsG8igxkek22SSMj6iyl5DEQh14dANmnhDaspZdvJ_Qiwpu8L2jLRs7LWfqW-3dF8KXneW54_H4hABMJQ1loC7ZHoqVa4mlOsVxnpbqr6bVClcII87qBj04wTSPyoLX1Btqf_fqraU6NTz2xKAytvVLiritmTdACF4_Gw1XvQ8tlsWswNkZA5oFEusHHxPO-oQBWgqAJw8Ixh7ZXp2cYdoQELZyYpCBXuKnZzyH1u0OVPhIIOPLcn3HddEjATyY9uVWNfLkxP1g9fvSMZLfPgK4yzbWO9j8ZOUbigNyyy8FPyRT0okBY4rfm4x6yKjIHCjzT1nqg0frYzccvGJaho6g5zEmBQYZz3wbC-zDNobDuGGB2_NADGN&sai=AMfl-YRbMmcuFE-aQSaRGyh5QB9pK_Zn353J1LMoOzWxRHWK67-PSEteYl8sL8kl9MLLPDNa1CgOVbW-mOx1cRqzWO4scKuz2moPl_YiyGT6tvWxtbb4ijA2xt3_PP4xUns&sig=Cg0ArKJSzKUpEaqN89k8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame 04F5 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.85.187 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-15.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
cache-control
public, max-age=600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
196270e7fcc49a0af36f5d62866c973b3ad33942
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 04F5 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66417
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1707137874550712"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 10:57:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A557 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUvyWX8udzA3hQqFVuTEu1OynmENmxpH2IE8avSSq6HXUfuA-mPY3wK6URHaFgYz4a3cGDEk_vBGugyP7sgDBh2FaUD5MZJWggEtlUiwQCOHfAPQxobXGLoHWIBtzukaFiHXyZKIRvMKy-588snDA1kk6jpmp4HlB48m3c2EuuzEGB2feilZPAWggTMAk_6oUIOQCcffONBzQBN5dkJdkQKpF2VZd1LQZWUIoDw9AhpiSqAxWFO8NJaWknImyLWdHOtsCUZp00aik-C0KjG7ceJIZMiFF7-UAz6g5_5Cdfh4y6hzEqYHBk7U6p52CMpoaZ1AwXRME9AVwzySSRINXhfMA75nTxTLi_5ez7RqvWOMGeRFEOddcKysQu0xPZ_DxZgZTqWSWH4kA&sai=AMfl-YQ53xfwCIA2HOgtQLKHfUYdw-BNeY6iXObfpQcWkvSS-ofmWl13efeo2kK_BBO3-pGnHFX1j0T695xX8QN57RhS5c0m0i9tqcEOoS9jG0v7RUrBujeK0QdiOTODUFc&sig=Cg0ArKJSzKGY1mPbCMGpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame A557 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.85.187 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-15.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
cache-control
public, max-age=600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
196270e7fcc49a0af36f5d62866c973b3ad33942
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A557 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66417
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1707137874550712"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 10:57:42 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame AFC2 		141 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef41e92768a3bb948259d452129365d45e46bf03fe0f5e41e2a51ecdfb5f2daf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 06 Feb 2024 10:57:41 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=yqREJhq8PmmLtuOiL5fddQ__Q9nmSAo3PJMIBsAeG36lipKtxj5hkRjhVorfZM1qbwWliOJO6GWKiG11RO_s9YjKwFp4BThA7PuMho1l2hHFiJE3-jGPk6xVPl1MzfQtzcYT8v7JTDdjhV5e-G9eQryqlWQB82I3EdgboQuRNbbEjroQNb7sxsE4vGmNpmfgBjzUHevDM_AG5mRS3fkGIspf71Pdzre7oEIlzazdYl8MoRSQnR4ZzpPxPAEfesjoI4sk4w"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
44384810
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tpd
cat.nl3.eu.criteo.com/ Frame 6D3D 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=V9b_-F96SzF5Q0FMWXVPU0tVZlpVMHI1YXhHMEZESzBCY3hZTDNZMkxTMklZY21ROTVVU3ZvQlJvMVNOZUslMkJ3RyUyRnlHVzNCeVpCWTJEUkNhTVI2UE5XeWpsQndYRFZRR0pEUWpHSklHMVV3V2gxQ0pLWUM1S3hOR1VZbEJxWWFVcmQwdnZFYmFySDBNNExrbEU2UFhEZEpHeVElMkJ3ZENGVEU1NU9kVTNrdDBCa25MTm1HT0VNdHRRJTJCeEQ5b2puWUtvZWZQVjdtUVBzUk5peVZEdmJKN25VTmxVeTJ5UWpoTWJ0VWM4MmtINlZtMUxudjFneEJhQUhGMWZ5ZWpnaUI0bk9EU0NFVG10c2JZWTZsYWhCVHBTJTJGcEV0Nktvc2lyN0d3cllOSERWSWQzeWh5NlNmZXRUJTJGS3dLeTlFQTJPVWZkdGpVR2tWNGtZY3gyMzVJV0I0WXBGbFhGamw0QVhXa1RLbHV4SU5hcVhBQTVOSXhuZ3lQOSUyRnhCWHNLaERhbDd2aW9KWURwZnFOWkJ5dlE5cXpsaXVLQzBKaEc0dU5nTEJLbXVhSkJtRXNiTVpTcDVwRUg5Snd4U0glMkJ2c2ZsJTJGd2V2WnhzNXBKZTlnZVBRdFJxUmVtQjl0bFNndm9PVXk2VWVnTkliUXZGeXU2Z2pOVkU3TE5xQ1JyejkyVURsdThBd241MERMMmwzYjkxQ0xsbUp3ZUo1WTZDZTlrJTJGNW1hM3hsMzZ3MndwNzB6WHNrdXZxbFdVTkVnWGZtOFRxRUVjRjBEYg
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
226245
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
afr.php
ads.eu.criteo.com/delivery/r/ Frame A35B 		136 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2itqMvIaNFvbd6jCe5EEWku8MgIKxYINObfxnn4Vh3ZQcjNsrL8JFeQGBiL1GonLyVCEHZCOb4ZkDRHjGlEW38PFC5CrpTz4UGeE6dL_AQtRJO9x7CYOs7cGJJveR9GrMbGU0D-mAcaF3C3lBVh6pHN6ld9kssnZ4q0eoUA4bOwB8EcwbnEd8Y0k9C2_DLywhqRnbH1pXbr6JNjeHMFE1gR8qhX_0h3nZK2msEVkWE1dmpKd22Jtz8ursSfOwMfWvdQN2DLiIGvljB1BG8RqxrwMMk4EjoTWIQYWyv7hRrh1BUbsc8aWcSFVmOTWhJQRzY5eDc1uqguUa5cKYjdnRbRrm7-5B9n-JftbVbD27vDD_fFPQ4WRNPTBlkp6dQeCCHEIDDPfGxHXpYHLfi5GK0YCY2dxI5jyQyMaTObucmfp9HlZG84K-XgEPb1_q275JQZcZYPFh_uIMDogPhX56hm7SejsRqc-854c9GiIbUqET4jxkuA1qge_DQ4jukOubNpBOGjg2N49vb8-feaz_H_Z8k-0BegSX7BXxScyze5KCGgAmYtTl9E9_kwl2uWYlkeFMb5gtRArL_4r5421nS9JOX_fc7v7ysUG_kE6K-w4e3No7dAYe-6IkVeO9c1fcA
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
8639fbdd08ac3fd3710deaaeb78e7901bd7550a34599f5542f3ff51b602b3786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 06 Feb 2024 10:57:41 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=q1dGERq8PmmLtuOi2sC8iCiFQuib4PZ-bravNDne8zJtNJY-H6YRPMxOU5bB4zib0Cq7weUG27AZTPfysDP37hHx5OSuEEZ2qtKD-SIs697ePZQFypMK_yVKXXjWhS4udb4qwoAX25Ylw4qBnoo3NeK2gtn4NeUrfGu8WVQCOoHpikfodnoYYfUIa8-BjkzALvM5hhvGpLz75WiqqBMQ2nTO-9AHUnZ_BvE0CbEsTquGyXKsyiQ-AFEGcf3_Vb7El2lQhw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
45717327
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tpd
cat.nl3.eu.criteo.com/ Frame 04F5 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=DROWpl96SzF5Q0FMWXVPU0tVZlpVMHI1YXhHMEZESzBCY3hZTDNZMkxTMklZY21ROTVVU3ZvQlJvMVNOZUslMkJ3RyUyRnlHV3VzVWxEYkppMm1KREx3ZWt2NGJHSkhTOERQJTJGdlpIbjluNTFLb3dNbFZYWVQyY3hCNnJ2UGg2YXBaZDU2TERjaFkwT2dBbXVWS2tid2VXYkRWaHlVV0JUMDk5WGpZNWpVcHBucGlnelhqMTJyRFV4RHNLMGZDbTA1N0NIelpJODQ5WTNHOE9oZG5TJTJGWjJHZDNzdDdmVWs1Q3FxTFU0diUyRkVxY05vdnhGN3JzbEROQzc1NGVoUEhjZHJBdmhuc1l6UDQ1eEM3NWpFdXFlZDB0b01LJTJCV1VOM0VnbUU0NnlBQXJBQTkyS3FtNlNwNlkxQVBDRDRoJTJGdjIwT1g2T0xoNkJPVUl5ZG9NRFMzOHdmRnQwendqYUtoSG5iOEJUWE1naWlxN1cwcldRQXZrQTVFU3VhbXAzN3dGNXg3RFRZQXdCWVJIVHNpTU5mTzZTTHN2VFJ0OTlwQ0M2STJtJTJCJTJGVnN4Nm5lalg1RTVKdm04MCUyRmY0em5hWnVSQm1jU1FaZW1qUzFsYzhDOTZyNDQlMkZTNjVYQ3F6YlJFdjdONldDTVFhOGg5eGQ1QzVJYWk3RWhMZ2glMkZ6QU5DJTJGVTJNYnd3bnpBVHAxcjRCeTZtJTJCQiUyRlI1UnBlTXdQM0slMkJTUWF4eHdxWCUyQk10QllYSHVuQzJiQlR6dnNwJTJGcEsyMUQwNmJGaVFQeU83Z3A
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
222298
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
afr.php
ads.eu.criteo.com/delivery/r/ Frame B18A 		243 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2hOzplP52AhIZPTyGB2zrPHzuTz2toxb0ztAZwtmmWaw2VpZw4utNJJuzi6WXCn-uTIGSUcyPLfYu33cHkl0iF4f5onDHUPed802C_jAqipQOUqmZHPQ8514pJ-05L4NXOUbIMgu-4O1E9OyFihOTOFy2hu7uCgCKsLvqTmuqgSXxVSxvainYXxtoNYBCs0RbHc_VwYDJMKTN0OvKhq0Bcw_ikIM44aVeUvxmz949pRWc7mZkBPF-XKJhjSFUaB6mN_TG_aIAw5JqcT3lrPr_Yxz0FRDvEOtkceefHMtq3GEh_Bm1oighbYD8M0Agc7r7ZcXdQ5sXSQb7xM0Sjy8Bm4-ux4GGtkU1b_e-l54ReOEUfEF65t6XzQnu5goAFpv3iUN9ON1kGWl4O_L02IT19N_R20L5-0gzK0b9APd6JlEpMpzTejhQdC1TF5-jJIThszK5J7Tq2YjZucPXMsK8JHYSw--oWE25-pkX-oZooMoNgRJcnbCILl7WYKNEDTPnGj7C7Z-QkxDa9u66ihtL9uILq1WAfKSIxeGVEu9eRtw5h20Qu2DEinPMmfZhy8HunWGMR7kgACrOHPiQ8mg-sMwLs1MAsHI4-pNxw5CbID1d2MiMFHpT_MsHsXeC-9VXU
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 06 Feb 2024 10:57:41 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=n4zyARq8PmmLtuOi5jBDYOc_lVCPm4-zK1ye2ZhmgnJpbuPAG2e5xIhZhzIaAL5bwSwkiNTac1IeMZxF6iBj34HXZ65t19P0tckcs164FKCtREFXkBTJk5lFA18RYz8wGX-mfOGiKjkvn2cP-kl9p0zoL5uZb3oZdWhWSmaNrstNk8s8ydz_qWa7pfHdBlddn_1NTzR1Dma0wabUktb2yBmIQTujbBi8x-rBNlq9VAj6Knn4DC2XrbbLiHo5pcn18r3LMA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
83327128
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tpd
cat.nl3.eu.criteo.com/ Frame A557 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=uG8i8V96SzF5Q0FMWXVPU0tVZlpVMHI1YXhHMEZESzBCY3hZTDNZMkxTMklZY21ROTVVU3ZvQlJvMVNOZUslMkJ3RyUyRnlHV2I5JTJGdHp3UXc1U2JYU0tmTjRjdG5EZ3RHbSUyRjFzUUdiWWkybXdxTGNkdjU0JTJGTEU5b1F5S25HSUpEalR6UFklMkJsSlROWlpwJTJCRWFHZE5NaEJNMGdId2QlMkJCSHUzSWxzUHRjOHdvMGNsZzRIRWRPWFVUTiUyQngzYkh2cGUyeGN3aU9WRzdnSWJiYjZqbnhDT0VLNGI1JTJGbXB4QXYlMkY5dFZZJTJGVXRJN0FPVDhCZTBjbUc4RmJJeFZnMW4lMkZFSjlaYkw3Z0F1WFJ1Tno0RktreUJuTDdiaTMxVWFSRHQ5a2RaYXI1RDNNWVhSJTJGR0EzUG1BM1lZSm9ERHlwa2pnQ2tDb0hIamolMkJ3M2hxQThDM1VpeUdTZksyVXhqWGxKVzRhcGVtdFJlQXdYU0F2ZEZRWkJjTFklMkJ0Q0swRXBJc3BLdWFWdGE0dlZoOG9YOHdZZ1k5cGZ4RnRNMlpySEIwMnd0dUtEYjJ4NHc1RGV0b1BpNmQlMkJhSkY1SFA4d2Z5YzdJbWM0cWowMDBTb2xFRWdyZEgyQ3IlMkZ3bjBJQzYlMkJ4ekd4RU50UFlFNk9YT3Y5NGlsbld0WWZHVGhzQXI0OWVYT2EyRyUyRmhDQzdxam1sYTI1UEk1bzFzN0dITzNtaEhwUUhiMmtDelclMkJXbjJqNDkzVUg1THp4aTFKZzZCeTJ0aiUyRldMdlA4WDBRazVyYw
Requested by
Host: pastelink.net
URL: https://pastelink.net/ltwtkztm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
228417
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
view
securepubads.g.doubleclick.net/pcs/ Frame 6D3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzWF8A1ISrqqAEh2Ah-G3xp-Q-CjxDJBkh2SIWNro5KL20ZLsAx5fEifrNdrkdgrFcJQSbsWI8hgo9KRWUggMo_IJgR4gAzKypSUTe_lYRiVklyEncnnNsHbpgeDSE5f5N0_NlYjmuamXPWMsbN-7m7TLk-lRZfXOsbny4TWXpri9SgDSz5EI2FEtHHchrO3YlJZmuk03KY5iDpC83TvypZ1vfHCKYqGE1bx0nMkpRAH3YZBetjndN-440qvCqJXCBLhPeG-gSqE2qfo_9WMsF6w-MCWDl9jP7cpq7CkjJla-RTpyXJxB3Gu_faTl9srnPvZoSv0cWtWZqeRAkmDr4zrrsJjHwU7AIZS0f612rJhWvkVhBpHzedCK4mrK4Xw8a0wYmosxJ97_43rc8N4A&sai=AMfl-YRlsKmw5ZkWw8nuTmEFTmDxrBiQzv4S6Qs4duKsAqEo-1orDiPBn3fFeClG9HqOLqrGfbx0BDZuoyfjne9DKv-WiDY0SzXvpnwwMNK0hmWqPh4jDEkt6dI7Rht3Yxs&sig=Cg0ArKJSzFhkvmCPHwDZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Feb 2024 10:57:42 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Feb 2024 10:57:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 04F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur2RPqlR4vb3AjZeoJp9nYnhu9sUYvSVjtkPwTW1dTUM1zWfPwyPkDUIPyQowIFT5EyRCUATDT6YLQQGjdev_oj04zfTzR4eAO5lqdeDNws7Jgb8HVDTDZz66OqMpU_IBWUeGwMWjsMUpJnjjJc2pXeISHj8_kQajyQeXsDk_F7JLRLwHTOTBWKgGKmhoYhR2aCKlCN3q8teRYzaRLvX90cr0A9bmHPBSwmPTAQOwomg_xfskLC5cxHX1WTkRwjpMlvdqNt84NaX_FgC4VKHm_CSlgRaxejBJypyzPWEMq18v_yF6t3We8AhkPm2zXmfY2HP5B6sG6WhiJrhcxOLLJsJbu1s-8iz9R1HCjECjzi9CKsHGP-P_nOCsJ62drSYtoo3skjOQKH5W2k1ochgu-kr0&sai=AMfl-YQcoEnNDuj94o7ee3nG6ztIOMcn8m9JJusCipyCbu74TrYajfHpRJYmtK_J0YtzEaG192ZjJoxx6j0fXrXtSu6ZYxPynKoICjLTSEenWeC-tg9pZlNn85JnQcAf1DA&sig=Cg0ArKJSzCKaSV6RjeBHEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Feb 2024 10:57:42 GMT
truncated
/ Frame 04F5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd87fc9c4da475982ce9626b600b53594283cb06c564f0492be3af728561243b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame AFC2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 31 Jan 2025 10:57:42 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame AFC2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 31 Jan 2025 10:57:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AFC2 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 31 Jan 2025 10:57:42 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame AFC2 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 31 Jan 2025 10:57:42 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame AFC2 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZboVZeK4gnM6ttpVyh5X3AW0fScBmOSM9IL9siWYaG8JS-zNVkuWbS-T2MKuwn_kmYRrt9MyJy5dfhwFW66MrF0iYn_hEOyci0jga-iciNMJsaoXGgrVb7JCoa7qlVDVh4XEg1B0d71BAROudLoFC1qdlmyXJsZek40h93jCYCpYkn7vI4KpvEWsz0NDaaeAzeuEpcec4SmoBCtluh9z3N7d3Yey78SfFlg5Q-lbC4SeuAnfSXeGAw4xQC96nPyTBQ16oJGWiLpTeSJV2s9B2-s25OkcdKYTHFN9YYl1ygrywTyuvxv_4xi0ZOakiVmhTIhYSMxLBpkfBWwBAllpqnpOWsyJxnOjuA8bDYU0nS21o61kU3JwEa7teSNLzWdtX-ARG0d57BTsUedEsghYNbPpUd7ug1oz47hzqGUrJMtjYWry1XttzmwVtR8kpD4hUQKdOOHiPVamdnJNi1nv0VX4R6g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1639922
expires
Mon, 26 Jul 1997 05:00:00 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 1E2D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=191625&cb=65c210a592d98618c9e93fcf7a8a1cee&r=https%3a%2f%2fpastelink.net%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 06 Feb 2024 10:57:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1117924
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame A557 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfTwoxdltTx3GgEjGETC9GFSe0zDcJ4ewgs7htYhhnC-nZyF0muf1d9Ork3Ah9Xvr458gSE9ugyRF-g0vy0i-wIFbSRAZwwQCi8eBUVASVcJUOGmw8twz8o88i5UflEyQIkKETFwhxb1V84DpaxtIKNxBa3-6K3ei4DLl4bgDkuyTRJjt1cOogNgHeNCw2Mf71Zac8jm1T1BQ4hwRk6_uI7k3qZOmO280biJ7a_qbU7dM7GNAlBKljAHewYk6O0cVYrMOW_5RgeICFVZeTbiE4lwL54QJDdGyJR8FWdrImIR-63uyly09DWMZ74nF2SWQzzk4x6HVhI4drNxKp5GE1W-4sOuAiyGp6OTNPq5hJj0vpDZAHKMju_lJ8HUpCFRx5OX2JnGMWAChBFw&sai=AMfl-YTkqzkmb-LvnyzlVRzGHheky0Nh4QgYvUcvG7I8LMyLJOaSsTWuT1YVwCVPAeXbcQskDHReE3ghedKWXtdW-xTX-eTFb_DSFXfpXR5EJoWSlZ0siTh1ZBCEgiw3BWY&sig=Cg0ArKJSzLO4d2pTKFJ2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Feb 2024 10:57:42 GMT
truncated
/ Frame A557 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c83d8c055dc81cf47cc5407e37a8ff760225dec2ee3be79ec04c628b4c49569c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AFC2 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1526960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2TEKV8JH6dFxTzWu4HHxrRozl7wujt5yTEn0qRP39tjP0iQbWN8mipv%2BiaxLNvV5LVmbjwoWm5hrQqKXXnAAmp0EBWOKKOV0054FCZaKZJ9wmnBHsZ0IzuqqBmNi%2BmokryoGC3vSo5mCCTSU3CUv54M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8512dfb0bf44baa3-MXP
expires
Sun, 26 Jan 2025 10:57:42 GMT
animejs.js
static.criteo.net/animejs/ Frame AFC2 		0
0
all
csm.eu.criteo.net/ Frame AFC2 		0
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AFC2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 31 Jan 2025 10:57:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame AFC2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_TX4xmYxqg3nnPwL07nQiac0SIjsFhobwJPVuBSA2_VKx40NmtVsyrgROFsXmuehtfrpalGpAQRLlXAd98OHQPg_pUboXi-nVu0rMd5WFHQPDEgbwwn11n8xVmhgXxVcVtvWhBCo9LbDluwIqxgtApmIrUIQX_rVVKRMybnZF9rFDfVqJMc1wDIhWFsrhrd7oAWahhENfE2_07tQsM5gcyUuqPotHBHA8zTJrKXgwQ5uPnij6rG8Jjx2_BWnhg6WFhuy_V_Pslh_4iRXbKqY8QLPa2aeYk6oth3cWheVMamAiFkt4nHIjDExEDW_h4G2_UaBCVaIX9lG4FEXK9B-eFRxSRx72tWPFRC9BcBPZn5JNYuEKFtc7qvVysYJwAy27E1UwKDslRjCMyD6pD5pUUSkhqHEVeC_NN5IKajObjgYZOh2cgQvrli9Ldz7XSJhtq57oqQ37-I-1-2a7347Pt3d-vnY9fBfz1zCVcAm0JDFM9sIbU8TNjDKJz0hL8kUqwmnzvo_sDd4cPttaB7e6Q_mpRJLuaaZPC48dUOGuf56xIq3c19PBYn4kGGhV5X9uxcyh2DsZUDH9XqHSzMuwnbPYHTN-WOuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 31 Jan 2025 10:57:42 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame A35B 		0
0
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A35B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2itqMvIaNFvbd6jCe5EEWku8MgIKxYINObfxnn4Vh3ZQcjNsrL8JFeQGBiL1GonLyVCEHZCOb4ZkDRHjGlEW38PFC5CrpTz4UGeE6dL_AQtRJO9x7CYOs7cGJJveR9GrMbGU0D-mAcaF3C3lBVh6pHN6ld9kssnZ4q0eoUA4bOwB8EcwbnEd8Y0k9C2_DLywhqRnbH1pXbr6JNjeHMFE1gR8qhX_0h3nZK2msEVkWE1dmpKd22Jtz8ursSfOwMfWvdQN2DLiIGvljB1BG8RqxrwMMk4EjoTWIQYWyv7hRrh1BUbsc8aWcSFVmOTWhJQRzY5eDc1uqguUa5cKYjdnRbRrm7-5B9n-JftbVbD27vDD_fFPQ4WRNPTBlkp6dQeCCHEIDDPfGxHXpYHLfi5GK0YCY2dxI5jyQyMaTObucmfp9HlZG84K-XgEPb1_q275JQZcZYPFh_uIMDogPhX56hm7SejsRqc-854c9GiIbUqET4jxkuA1qge_DQ4jukOubNpBOGjg2N49vb8-feaz_H_Z8k-0BegSX7BXxScyze5KCGgAmYtTl9E9_kwl2uWYlkeFMb5gtRArL_4r5421nS9JOX_fc7v7ysUG_kE6K-w4e3No7dAYe-6IkVeO9c1fcA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 31 Jan 2025 10:57:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A35B 		0
0
back_button2.svg
static.criteo.net/flash/icon/ Frame A35B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2itqMvIaNFvbd6jCe5EEWku8MgIKxYINObfxnn4Vh3ZQcjNsrL8JFeQGBiL1GonLyVCEHZCOb4ZkDRHjGlEW38PFC5CrpTz4UGeE6dL_AQtRJO9x7CYOs7cGJJveR9GrMbGU0D-mAcaF3C3lBVh6pHN6ld9kssnZ4q0eoUA4bOwB8EcwbnEd8Y0k9C2_DLywhqRnbH1pXbr6JNjeHMFE1gR8qhX_0h3nZK2msEVkWE1dmpKd22Jtz8ursSfOwMfWvdQN2DLiIGvljB1BG8RqxrwMMk4EjoTWIQYWyv7hRrh1BUbsc8aWcSFVmOTWhJQRzY5eDc1uqguUa5cKYjdnRbRrm7-5B9n-JftbVbD27vDD_fFPQ4WRNPTBlkp6dQeCCHEIDDPfGxHXpYHLfi5GK0YCY2dxI5jyQyMaTObucmfp9HlZG84K-XgEPb1_q275JQZcZYPFh_uIMDogPhX56hm7SejsRqc-854c9GiIbUqET4jxkuA1qge_DQ4jukOubNpBOGjg2N49vb8-feaz_H_Z8k-0BegSX7BXxScyze5KCGgAmYtTl9E9_kwl2uWYlkeFMb5gtRArL_4r5421nS9JOX_fc7v7ysUG_kE6K-w4e3No7dAYe-6IkVeO9c1fcA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 10:57:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 31 Jan 2025 10:57:42 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A35B 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=UWkLl3Uo5uOi4QkgYsCBqMq_YlMlKguDBf6k6HwuJa5LXc0ykl_mT0NANAN_DbPjhLZUrIXn2cYPETKKsm6bnab0hVg07ZxHvZdpCP3hCpIctD-znlTF5bEe6t2J40cclCPoeYcZW748hEb3ZuYdpgAm2uFuBswUqeXsZ5aMbLa5kaN_9Uuv55d37IR4D5z_iVxYrmbGMi9KhaS1Y44ADKw2hsqUZVnhMr4okzQzOzH_VfvtL-hBPFFjnD1LpDMPn2N9pDuAkaG-qlUztkxHCC6hELf9EeSrLsrQUGeGHf-Xwesz01mhJ7ewRxDAeRx87rUTK2FzEUmkzfBK-xyTurKC7z0Sa4wUYp1Gtl4jCSBuS3YIdyG93p9oT-5ZNhYSqqvxc4RaS-MF3CEVxbq18ZKVcLxYPxCD126up0STXOYNx8QnqgBNai9k6ZiM0f1e2iKxzVpCc8p9AJtOZyilouTChuE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2itqMvIaNFvbd6jCe5EEWku8MgIKxYINObfxnn4Vh3ZQcjNsrL8JFeQGBiL1GonLyVCEHZCOb4ZkDRHjGlEW38PFC5CrpTz4UGeE6dL_AQtRJO9x7CYOs7cGJJveR9GrMbGU0D-mAcaF3C3lBVh6pHN6ld9kssnZ4q0eoUA4bOwB8EcwbnEd8Y0k9C2_DLywhqRnbH1pXbr6JNjeHMFE1gR8qhX_0h3nZK2msEVkWE1dmpKd22Jtz8ursSfOwMfWvdQN2DLiIGvljB1BG8RqxrwMMk4EjoTWIQYWyv7hRrh1BUbsc8aWcSFVmOTWhJQRzY5eDc1uqguUa5cKYjdnRbRrm7-5B9n-JftbVbD27vDD_fFPQ4WRNPTBlkp6dQeCCHEIDDPfGxHXpYHLfi5GK0YCY2dxI5jyQyMaTObucmfp9HlZG84K-XgEPb1_q275JQZcZYPFh_uIMDogPhX56hm7SejsRqc-854c9GiIbUqET4jxkuA1qge_DQ4jukOubNpBOGjg2N49vb8-feaz_H_Z8k-0BegSX7BXxScyze5KCGgAmYtTl9E9_kwl2uWYlkeFMb5gtRArL_4r5421nS9JOX_fc7v7ysUG_kE6K-w4e3No7dAYe-6IkVeO9c1fcA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:57:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1523164
expires
Mon, 26 Jul 1997 05:00:00 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 3A99 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=191625&cb=65c210a6b4d41f13f9c4e9f743921283&r=https%3a%2f%2fpastelink.net%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CCXq7f7Who2nxT%2BLj9LDE3zpQ0hdv1z4ddIhPq5x0yIY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2itqMvIaNFvbd6jCe5EEWku8MgIKxYINObfxnn4Vh3ZQcjNsrL8JFeQGBiL1GonLyVCEHZCOb4ZkDRHjGlEW38PFC5CrpTz4UGeE6dL_AQtRJO9x7CYOs7cGJJveR9GrMbGU0D-mAcaF3C3lBVh6pHN6ld9kssnZ4q0eoUA4bOwB8EcwbnEd8Y0k9C2_DLywhqRnbH1pXbr6JNjeHMFE1gR8qhX_0h3nZK2msEVkWE1dmpKd22Jtz8ursSfOwMfWvdQN2DLiIGvljB1BG8RqxrwMMk4EjoTWIQYWyv7hRrh1BUbsc8aWcSFVmOTWhJQRzY5eDc1uqguUa5cKYjdnRbRrm7-5B9n-JftbVbD27vDD_fFPQ4WRNPTBlkp6dQeCCHEIDDPfGxHXpYHLfi5GK0YCY2dxI5jyQyMaTObucmfp9HlZG84K-XgEPb1_q275JQZcZYPFh_uIMDogPhX56hm7SejsRqc-854c9GiIbUqET4jxkuA1qge_DQ4jukOubNpBOGjg2N49vb8-feaz_H_Z8k-0BegSX7BXxScyze5KCGgAmYtTl9E9_kwl2uWYlkeFMb5gtRArL_4r5421nS9JOX_fc7v7ysUG_kE6K-w4e3No7dAYe-6IkVeO9c1fcA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 06 Feb 2024 10:57:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1137684
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A35B 		0
0
animejs.js
static.criteo.net/animejs/ Frame A35B 		0
0
img
imageproxy.eu.criteo.net/img/ Frame A35B 		0
0
img
imageproxy.eu.criteo.net/img/ Frame A35B 		0
0
img
imageproxy.eu.criteo.net/img/ Frame A35B 		0
0
img
imageproxy.eu.criteo.net/img/ Frame A35B 		0
0
all
csm.eu.criteo.net/ Frame A35B 		0
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A35B 		0
0
privacy.svg
static.criteo.net/flash/icon/ Frame A35B 		0
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame B18A 		0
0
adchoices_de.svg
static.criteo.net/flash/icon/ Frame B18A 		0
0
close_button.svg
static.criteo.net/flash/icon/ Frame B18A 		0
0
back_button2.svg
static.criteo.net/flash/icon/ Frame B18A 		0
0
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame B18A 		0
0
nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame AFC2 		0
0
nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame AFC2 		0
0
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 0C71 		0
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B18A 		0
0
animejs.js
static.criteo.net/animejs/ Frame B18A 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.criteo.net
URL
https://static.criteo.net/animejs/animejs.js
Domain
csm.eu.criteo.net
URL
https://csm.eu.criteo.net/all?cppv=3&cpp=yqREJhq8PmmLtuOiL5fddQ__Q9nmSAo3PJMIBsAeG36lipKtxj5hkRjhVorfZM1qbwWliOJO6GWKiG11RO_s9YjKwFp4BThA7PuMho1l2hHFiJE3-jGPk6xVPl1MzfQtzcYT8v7JTDdjhV5e-G9eQryqlWQB82I3EdgboQuRNbbEjroQNb7sxsE4vGmNpmfgBjzUHevDM_AG5mRS3fkGIspf71Pdzre7oEIlzazdYl8MoRSQnR4ZzpPxPAEfesjoI4sk4w&sds=2&rev=90469&sendBeacon=true
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/privacy_small.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/close_button.svg
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Domain
static.criteo.net
URL
https://static.criteo.net/animejs/animejs.js
Domain
imageproxy.eu.criteo.net
URL
https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=97215&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F97215%2F230227%2Fb895686af0ef4c14b7c7a731718d4377_magnanni.logo-2x.jpg&v=3&w=668&rid=73&s=hDFx4GtCo5hC8oCj6RPSteEp
Domain
imageproxy.eu.criteo.net
URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25191-53_women_Lexi_Bone_side.jpg&v=3&w=400&rid=73&s=I9Addtf13mWndD_P2Js4gg4K&b=400
Domain
imageproxy.eu.criteo.net
URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25613-12_men_Leve-Slip_Tabaco_side_v3.jpg&v=3&w=400&rid=73&s=Frxdda-Ska3l_rLY0ul__Phf&b=400
Domain
imageproxy.eu.criteo.net
URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25415_men_Mayon_Brown_side_v2.jpg&v=3&w=400&rid=73&s=eCW7DLCNoCzzfkNPuLO2-s43&b=400
Domain
csm.eu.criteo.net
URL
https://csm.eu.criteo.net/all?cppv=3&cpp=q1dGERq8PmmLtuOi2sC8iCiFQuib4PZ-bravNDne8zJtNJY-H6YRPMxOU5bB4zib0Cq7weUG27AZTPfysDP37hHx5OSuEEZ2qtKD-SIs697ePZQFypMK_yVKXXjWhS4udb4qwoAX25Ylw4qBnoo3NeK2gtn4NeUrfGu8WVQCOoHpikfodnoYYfUIa8-BjkzALvM5hhvGpLz75WiqqBMQ2nTO-9AHUnZ_BvE0CbEsTquGyXKsyiQ-AFEGcf3_Vb7El2lQhw&sds=2&rev=90469&sendBeacon=true
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/privacy.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/privacy_small.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/close_button.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/back_button2.svg
Domain
cat.nl3.eu.criteo.com
URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=3Egd2nV63eVt6LoduBJLS-5d75EToNkquIEvmYVnGKreyxYDR90ssxH1mNgbhHIxJv0z5-L4ADMPjhN2jNbLhx3WrwXvOFCTUTtpVNHQpIP6DFAY_YO5i5Sa4WqQsyu-K2v1TzouJ25phJSucFlVx-bv6GiM6JKSMAkpo2pxU7AFyCRFzBme5Bt9Xv1VOf_tClYw1OfSBF6W3Q1dFqVyWgNS7SwSk69L6_d8BNSMqde_Z2KI6OZF3z8-6hKawJr0lO_SShIXmIZphzaFwlQ6EONxX8CUrBm0sYTo4ualDpnHB71DOZJIPEmzGoyyQ28aIdeGRUyZbCPWs0-3b1J8vXzF4w6rQk1RCARYxQhg9A3h4NjKWPCo0hJ_u_YDT4N_Lg3d694BiVmACbswjj4IeHbVoSI05oCQC2O3RU8Mu0c10PnkPuu4zYrpI_rEPMpiHvufGRN4y2j4cfrfQwqi9hmPmsg
Domain
static.criteo.net
URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Domain
static.criteo.net
URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Domain
widget.nl3.eu.criteo.com
URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=191625&cb=65c210a65f20d5d59588c87b32b6dec7&r=https%3a%2f%2fpastelink.net%2f&crossorigin=false
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Domain
static.criteo.net
URL
https://static.criteo.net/animejs/animejs.js

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| $ function| jQuery function| Cookies object| dataLayer object| optimize function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| grecaptcha object| turnstile function| onYouTubeIframeAPIReady object| googletag object| gaGlobal object| bsaexperiments object| bsablockthrough object| bsagpt object| bsaheaderbid object| bsapbChunk object| bsapb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| bsas2s object| gaplugins object| gaData object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing boolean| __bt_already_invoked object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MWRiZjE3YWNhNmJiZGNlNGxvYWRlcl9qcw== string| MWRiZjE3YWNhNmJiZGNlNGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady boolean| d220bc60-9ba6-45bf-b7a6-f1815ab058b1 boolean| google_empty_script_included object| Criteo object| sas object| apntag object| _ADAGIO number| google_unique_id object| GoogleGcLKhOms object| ONFOCUS object| google_image_requests object| google_reactive_ads_global_state

28 Cookies

Domain/Path Name / Value
pastelink.net/ Name: PHPSESSID
Value: dkoia1aegi54tnrp3m9allqrc9
.pastelink.net/ Name: _gcl_au
Value: 1.1.1054321960.1707217057
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1707217057.1.0.1707217057.0.0.0
.pastelink.net/ Name: _ga
Value: GA1.2.203521765.1707217057
.pastelink.net/ Name: _gid
Value: GA1.2.736134293.1707217057
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
.pastelink.net/ Name: _ga_4KDXYD7HFC
Value: GS1.2.1707217057.1.0.1707217057.0.0.0
.pastelink.net/ Name: FCNEC
Value: %5B%5B%22AKsRol8cTGEHxo1-7d8GiqKfiBdFr25Sy08MTxgGyTje9UvUrHQdvhRqDh1D_XYmVQTAF_Sl14n6TYc7xiAt54R-WjuBMBhrbUg8LAJiwaZPSPpNvtZDi0LTyhtg1flcCGLcJKCNUI5Vt_87vmH7awJa72kCzmYZbg%3D%3D%22%5D%5D
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ADCpOI4EvIKe-ie3
.omnitagjs.com/ Name: ayl_visitor
Value: 5e125b83e3d9428473b9aca6b0d95039
.rubiconproject.com/ Name: khaos
Value: LSA8YI8P-6-DWCR
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6BjBsT8Ey84ybVTIkcAJPBTRajfhjyT5ho8en3GA3dP26uSe+q4D6iv5P7PBULMJxYRMprldrdh8Yn0kEOGVL/NzxTqj0kKQGgijy0RC4Zd8RuybVyVU0yt
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 587752=5836977
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 6683334477405958462
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500016409%3B%24ql%3DHigh%3B%24qpc%3D6331%3B%24qt%3D73_82_98174t%3B%24dma%3D0%3B%24qo%3D5&c=1&l&lo&lt=638428138600660202&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500016409%3B%24ql%3DHigh%3B%24qpc%3D6331%3B%24qt%3D73_82_98174t%3B%24dma%3D0%3B%24qo%3D5
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pastelink.net/ Name: __gads
Value: ID=b48a5923430fd5f3:T=1707217060:RT=1707217060:S=ALNI_Ma-o5_DosgPcPGaaJ-Qi4wVLBqKaQ
.pastelink.net/ Name: __gpi
Value: UID=00000d52069e5492:T=1707217060:RT=1707217060:S=ALNI_MbNQxaYcsKWtETlo-tyR8ZCw5laUg
.pastelink.net/ Name: __eoi
Value: ID=2bb3b73c5a14d7f6:T=1707217060:RT=1707217060:S=AA-AfjZyxqOnX__tTpjUVybXVfkO
.360yield.com/ Name: tuuid
Value: 01674dd8-fc9a-4054-9cbe-d0eea7587724
.360yield.com/ Name: tuuid_lu
Value: 1707217061
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjQtMDItMDZUMTA6NTc6NDAuMDg0MTI0NjExWiIsImltcHJvdmVkaWdpdGFsIjoiMjAyNC0wMi0wNlQxMDo1Nzo0MC4wODM4NzcxODNaIiwib25ldGFnIjoiMjAyNC0wMi0wNlQxMDo1Nzo0MC4wODMxNzY5NTFaIiwib3BlbngiOiIyMDI0LTAyLTA2VDEwOjU3OjQxLjUyNTkwNzc3OFoiLCJwdWJtYXRpYyI6IjIwMjQtMDItMDZUMTA6NTc6NDAuMDg0ODk0ODA4WiIsInJ1Ymljb24iOiIyMDI0LTAyLTA2VDEwOjU3OjQxLjUyNTkwNDE5OFoiLCJzb3ZybiI6IjIwMjQtMDItMDZUMTA6NTc6NDEuNTI1OTA1MDMzWiIsInVucnVseSI6IjIwMjQtMDItMDZUMTA6NTc6NDEuNTI1OTAxMzgxWiJ9LCJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiIzYjkyYjE2YS1mMTQ1LTRjNTEtOGQ1Yy1lMzAyMDU4YTY4MGIiLCJleHBpcmVzIjoiMjAyNC0wNC0wNlQxMDo1Nzo0MC4wMTU5NjE1OTJaIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6IjAxNjc0ZGQ4LWZjOWEtNDA1NC05Y2JlLWQwZWVhNzU4NzcyNCIsImV4cGlyZXMiOiIyMDI0LTA0LTA2VDEwOjU3OjQxLjM2MjUwOTczM1oifX0sImJkYXkiOiIyMDI0LTAyLTA2VDEwOjU3OjQwLjAxNDc3NjU4OVoifQ==

97 Console Messages

Source Level URL
Text
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cdn4.buysellads.net/pub/pastelink.js?1707216600000(Line 7)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pastelink.net/ltwtkztm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.eu.criteo.com
ads.servenobid.com
api.btloader.com
bidder.criteo.com
btloader.com
cat.nl3.eu.criteo.com
cdn4.buysellads.net
cdnjs.cloudflare.com
challenges.cloudflare.com
csm.eu.criteo.net
eef2e8fed9daf0fb4baad5bf9e5fe731.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
imageproxy.eu.criteo.net
mp.4dex.io
onetag-sys.com
pagead2.googlesyndication.com
pastelink.net
pbjs.e-planning.net
prebid.media.net
prg.smartadserver.com
region1.google-analytics.com
rt.marphezis.com
script.4dex.io
securepubads.g.doubleclick.net
srv.buysellads.com
ssc-cms.33across.com
static.criteo.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
u.4dex.io
widget.nl3.eu.criteo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
imageproxy.eu.criteo.net
static.criteo.net
widget.nl3.eu.criteo.com
130.211.23.194
142.250.186.134
178.128.135.204
178.250.1.6
178.250.1.8
178.250.1.9
185.255.84.150
185.64.189.112
185.89.211.84
193.3.178.3
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2602:803:c003:200::91
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:20::681a:9a9
2606:4700:4400::6812:22b2
2606:4700::6811:190e
2606:4700::6811:2b8
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a02:2638:3::12
2a02:2638:3::3
34.120.63.153
34.149.40.38
34.246.143.94
34.254.33.52
46.101.85.187
46.228.174.117
51.75.86.98
64.227.38.224
67.202.105.24
81.17.55.99
88.208.215.108
0148ccc13601258eb42ff9af62bfe09e23eaf4aaa490315b4ddad7a47666b8a2
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
0637b7b63debad90de03d0d560cfa62a758a8ca0975e0d851d9b62c915c95951
0754e5b9945a29f892d53b7ede7476448d8cab68fe54fdeb1835590faaca64bd
0ca073c545c78a94af4be972e1790e370c1141230332dc6ef59b717cab581f7e
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
164bfc018bef1fb83aea134c5e3a02e256fb8fbeeecc38b21928724411889d0c
18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1d50647e67b654918479e0dea0f2dc5215dae320fc930a62f5f3292a53baf3c4
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2d2432d1ad4ec059a323435685cf25fb6648a499182e13a48a1977195e83a2ac
2ffec9f9a2db8c560cd149fc08f5f4f53a84a5cc3db149ae008e61b2fb4d8894
32e2c4314ec568d562201ba73c089d2f0f0f1843fd19bbd952e783557d51112d
345f5e0d0c54f7e0e8449e49333deecd2b361a6d7a83f5d51b480cef5deb304f
362196c81e127b948ea325a290e6cf9cc77c24c36ebb1108cdc414455f82d7ac
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37fa7bca05d8ef8af02f3fd200b3f935b34dca9dd42731fd9143093fc59b35d7
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf
3a46ec957986e55b0fd43ab4aee4fe539c074949110909c870bfe048dedcc08f
3d0de5039ecbf516bfdb663942894873d99f2817934ec3a3a4fbfb374e77bf04
3fad1bfb0bc74d18618f94477f8061ad15a44bff612481a1825e6990e258e17f
42eb3397060841086dc97e91381cb3b661c7113caa4aa42db1ae042a028d0588
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
555c4345010b5b680d529675ac160f93dab40042d1893e82a86de9708e12d862
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
615b6a25fc760a6d13d62c8b4783811bae989bd7f195109655abb90136ecbe4d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6ad5bb6ed7166a306bbe7c4a074d8df8ee92f5eb485bf932148ee2a4b50a738a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74c6007cc8c4886df9047fb7441debcabd103152b788eb9154ab5182d9bef7d3
763bd2a3d91e236708a0897bbf57cb12274235069d119a2af52c567c3af833ff
765b93aeade2b02991eaf08e2b67d52e70906902f609a4c22bcf50fa4e618bb4
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8639fbdd08ac3fd3710deaaeb78e7901bd7550a34599f5542f3ff51b602b3786
894a94ba8449fd82c9f3d0df1560f4928879d8b32f2c4b4c97631614f316334a
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8b1976fe80c2d62438ff78bd757560555c15428672d295f4ae75f385e28ab687
8c6bf876230b9d3f320d7844ebb65a63697f77188c296fe61309430b3dca67ed
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
944aa53b497877e76c535d20495c94335d9ebb58bc0cf04ce8f64fe33712d024
9824217ba941ea991cf0fb330e76f5696331282157ad94a90d68af4ab20c6619
997c42431eab7409add90c256ff62060943785cc442951a29ed929f95f50743f
9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43
a268a433309501cbee829c1f08aee61096fc7d75dd06fe2c0ce03b4ed1bc398d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a
b8b244b300dd9b8c18cfd5a606249c4aed1ee04eea0730db9178ed7db3ed09ec
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
c135ee1f7a787830dfc397e4393309618929290cbf9eb4f4243aeb41075bfd36
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c55a872d13e131b2e7447f814e7c97ff07c03c5087e77035db0d0c434e6f525b
c59f78308798d9b871b4672128e8aa0a73b15d65ea3e081045bd579ce4f8a330
c5f3e9078bf8c687895709813d6767f189deffa8429801a7d565d1225f71287f
c83d8c055dc81cf47cc5407e37a8ff760225dec2ee3be79ec04c628b4c49569c
cccac3fd078cee9c9e665d2551386197b12adc24abe8149cd7d6b501cf7b13cc
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd87fc9c4da475982ce9626b600b53594283cb06c564f0492be3af728561243b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02dceb7973a11aa0dbd3a3dd5ad24b6a5550a80763f7e190a9eb9248e0b82a3
d54985c9e56ab3f740e4c7ba599cb674260f68d5ab2d8195c460428ab34fded1
d640245a73a6367c344a067007733667070703d34bd34277843c46d9fc9f6787
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc13491e28a0f2ed58db5b76b6b9f7ad7515f85702cd45fb963c9d397db9a6e7
dd305aa56423209a8d7e42a0297f7658c1501207236ce9bf0d907fc62b6e1cc7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3aff26e70916db1b5f26b512d847d2d8eb5394115a97de2e2b1c09002b95b55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eab9336ea8b2145e4930e9cddd09b8faddcef978cf8c7ab584d773f82fd908a1
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef41e92768a3bb948259d452129365d45e46bf03fe0f5e41e2a51ecdfb5f2daf
fabd9cb49cf72eaf7e43df03c83a6ad9305e9885c4594b31ac45115ffbfa4d13
fc38bb7f8fd01c7f4d3cd51d28fd37efc63512f03a92bf00977c18622f084d2b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e