pixelpaste.net Open in urlscan Pro
2a06:98c1:58::60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pixelpaste.net/
Effective URL:
https://pixelpaste.net/
Submission: On November 05 via api (November 5th 2023, 7:38:29 pm UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 39 HTTP transactions. The main IP is 2a06:98c1:58::60, located in United States and belongs to CLOUDFLARENET, US. The main domain is pixelpaste.net.
TLS certificate: Issued by E1 on September 14th 2023. Valid for: 3 months.

This is the only time pixelpaste.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:7::60 2606:4700:7::60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:58::60 2a06:98c1:58::60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:213... 2600:9000:2134:ce00:19:170a:f740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
39	20

1 2606:4700:7::60 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pixelpaste.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:58::60 (United States)

ASN13335 (CLOUDFLARENET, US)

pixelpaste.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2134:ce00:19:170a:f740:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3plnp2f9sfye5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e23df854bb32bd353a1c65ebbd2e139f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 e23df854bb32bd353a1c65ebbd2e139f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	42 KB
5	cloudfront.net d3plnp2f9sfye5.cloudfront.net	22 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	7 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	165 KB
3	pixelpaste.net 1 redirects pixelpaste.net	8 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	31 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1136	218 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	32 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	26 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	88 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	254 B
1	gstatic.com fonts.gstatic.com	19 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	84 KB
39	15

	Domain	Requested by
5	pagead2.googlesyndication.com	pixelpaste.net securepubads.g.doubleclick.net tpc.googlesyndication.com
5	d3plnp2f9sfye5.cloudfront.net	pixelpaste.net
4	securepubads.g.doubleclick.net	d3plnp2f9sfye5.cloudfront.net securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	gum.criteo.com	1 redirects static.criteo.net cdn.taboola.com
3	pixelpaste.net	1 redirects pixelpaste.net
2	cdn.taboola.com	pixelpaste.net cdn.taboola.com
2	cdn.jsdelivr.net	pixelpaste.net securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	pixelpaste.net cdnjs.cloudflare.com
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	e23df854bb32bd353a1c65ebbd2e139f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	pixelpaste.net
1	www.googletagmanager.com	pixelpaste.net
1	ajax.googleapis.com	pixelpaste.net
39	20

This site contains links to these domains. Also see Links.

Domain
www.profitsence.com

Subject Issuer	Validity	Valid
pixelpaste.net E1	`2023-09-14` - `2023-12-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://pixelpaste.net/
Frame ID: 45837FFAA44BA250BB8E098F1FE78FCF
Requests: 31 HTTP requests in this frame

Frame: https://e23df854bb32bd353a1c65ebbd2e139f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 851A26A81898BD11E9D1D48F488D39A8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pixelpaste.net
Frame ID: 5D52EF45158413C72483D63DE5537CE4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7080B851AC4E174A0C9C4DD8E5F40B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E188F09AC185024189338C0D1FC383B1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PixelPaste | Share Your Story

Page URL History Show full URLs

http://pixelpaste.net/ HTTP 301
https://pixelpaste.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

39
Requests

95 %
HTTPS

90 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

754 kB
Transfer

2545 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.profitsence.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pixelpaste.net/ HTTP 301
https://pixelpaste.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pixelpaste.net&sn=ChromeSyncframe&so=0&topUrl=pixelpaste.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=2iJh7nwvQzVzNzZWMFY4THp5TnVPQlJ5eXEwN3RsUXZHODdpWWZ6eU90Tm4rcmRuYWJqY0NLaHEyYkFPYnpQNzNmNHRuaFVxb1Y2cVhmWXhkVTRzRGFYcEY1eVFIZS91bzFkVUs0Rnc0Q0tKZERoQ0k2ZzZMcWZZc0M4clhDMTZQMEVlRTFQQ1VoLzhTVDJnWXVaNkltZ0xYOVczRG9XVENsMWhXSTZMZDVuSUpUZWhrakwyNEx2WHhqYTJrUHVCNmo0UFZsdUF0eXpNN29EU2tYTE03SVJSZUNjMktBdjBXclFWTmh1SjZ6SnpxeEVqZ2NkSDFTRVZqQ1NCcThFTnNtcEY1L0NiSUtYN3ZYM1E0S1o4Mmc1Nm1BaWNtVGs5WmtSTnIzZFl0azhINnZTQT18&cppv=2

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pixelpaste.net/
Redirect Chain

http://pixelpaste.net/
https://pixelpaste.net/

11 KB
5 KB

118ms
64ms

Document
text/html

2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixelpaste.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 039f88a4339df24e902cbdb0aec1eb71fea4fe41b9a14ff9594fcae055f96504

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: MISS
cf-ray: 82178e8c7f553621-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 05 Nov 2023 19:38:24 GMT
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: f0bccb0c-e6b3-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Express

Redirect headers

CF-RAY: 82178e8a9a815c3e-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 05 Nov 2023 19:38:23 GMT
Expires: Sun, 05 Nov 2023 20:38:23 GMT
Location: https://pixelpaste.net/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 897.js Show response
d3plnp2f9sfye5.cloudfront.net/ 1 KB
1 KB 137ms
36ms Script
application/javascript 2600:9000:2134:ce00:19:170a:f740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plnp2f9sfye5.cloudfront.net/897.js
Requested by: Host: pixelpaste.net
URL: https://pixelpaste.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:ce00:19:170a:f740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bba514b475650339be4be88235724b1ae727017b6258ebdf3778bc9d6755d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: gyUN5P2bzFze0pATNpR1620CUNJ0nueD
content-encoding: gzip
via: 1.1 3e8c7159e6734f06c78a06c36a369370.cloudfront.net (CloudFront)
date: Sun, 05 Nov 2023 10:40:33 GMT
last-modified: Mon, 20 Mar 2023 09:07:32 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C2
age: 48998
x-amz-server-side-encryption: AES256
etag: W/"bd2715072b021741f350e30de576d7bf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: paigaWAwc1MIMPhPWlhSZh_p_SAy_19m5Fsx2pE1tMEsKpNE5Ms10Q==

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 103ms
37ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: pixelpaste.net
URL: https://pixelpaste.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 331042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10482
last-modified: Tue, 01 Aug 2023 16:35:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93458-28f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hM3JXNsziV%2F6F8ryAn14c9K4sMJL5w7mYcaRBr6gmwWqJHAAie4ecx8OYFPdvfjoV8F5xsA742FcFUdW3xIl2kRU0E8bkBDeNOTBjNb1Ik%2BK7ajJECni413GPyAAg1RZQvzC6SocK9c2IDlPwTf9VjDd"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82178e8d5b219261-FRA
expires: Fri, 25 Oct 2024 19:38:24 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/ 152 KB
24 KB 140ms
66ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/bootstrap.min.css

Requested by

Host: pixelpaste.net
URL: https://pixelpaste.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pixelpaste.net/
Origin: https://pixelpaste.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22158285
x-jsd-version: 5.0.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230087-FRA, cache-jnb7021-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"25fef-PDndyutgvrSms9Gt5O+JOaWK1Zo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbeBoJS0DS8vQK5xrVjWii%2FlOrZlqq5GpDjiPvRAF9455bgVkvcto8rA71tT%2B7AFlp8bPRdYkU%2BPwd%2BEL1HcJg4B57jAzf7ggDEKTZx9mFxf6kCBNmN9ZdlRulidVKm43bWZm9Gjw5fWNGLEP5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82178e8d680c5c26-FRA

GET
H2 200 styles.css
pixelpaste.net/css/ 6 KB
2 KB 39ms
38ms Stylesheet
text/css 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixelpaste.net/css/styles.css
Requested by: Host: pixelpaste.net
URL: https://pixelpaste.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cf374bb4b7df7cf23337a92c0a687db38a408436329421bf0198b4dedb854b13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: f0bccb0c-e6b3-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Express
etag: W/"168e-49773873e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 82178e8cefcd3621-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: pixelpaste.net
URL: https://pixelpaste.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 20:19:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 96ms
39ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ELXPX9P9VW

Requested by

Host: pixelpaste.net
URL: https://pixelpaste.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e803be3ecbab8ebf5809643c67ed44c7540d9cdb75c63bc4c5942e34dd0ebacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 19:38:24 GMT

GET
H2 200 2149.js Show response
d3plnp2f9sfye5.cloudfront.net/ 2 KB
1 KB 135ms
35ms Script
application/javascript 2600:9000:2134:ce00:19:170a:f740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plnp2f9sfye5.cloudfront.net/2149.js
Requested by: Host: pixelpaste.net
URL: https://pixelpaste.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:ce00:19:170a:f740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ba7f8399c19e6cbd39ac67cc3807a812338ac0864754b7e1ebb317a02a1c778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: hWGTMjLqxIbOyawD5LwNsWjn01ExhvhE
content-encoding: gzip
via: 1.1 3e8c7159e6734f06c78a06c36a369370.cloudfront.net (CloudFront)
date: Sun, 05 Nov 2023 06:06:48 GMT
last-modified: Tue, 19 Sep 2023 17:43:56 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C2
age: 48697
x-amz-server-side-encryption: AES256
etag: W/"570f59c33634c9e72919fef0e5206f4a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ZHryaJZZulS_Bdxvkt0eBMMViSolNP8VQNREHVNxTj9ReRnm4GL4OA==

GET
H2 200 2150.js Show response
d3plnp2f9sfye5.cloudfront.net/ 2 KB
1 KB 136ms
37ms Script
application/javascript 2600:9000:2134:ce00:19:170a:f740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plnp2f9sfye5.cloudfront.net/2150.js
Requested by: Host: pixelpaste.net
URL: https://pixelpaste.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:ce00:19:170a:f740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34d287d2fbd66cf4820025e29d1723c5474df1368502ffc674ff69488b80ac10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: wXA69tb08qImFGfLqQmeZgflWirw_oHN
content-encoding: gzip
via: 1.1 3e8c7159e6734f06c78a06c36a369370.cloudfront.net (CloudFront)
date: Sun, 05 Nov 2023 06:06:46 GMT
last-modified: Tue, 19 Sep 2023 17:43:57 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C2
age: 48998
x-amz-server-side-encryption: AES256
etag: W/"a13ce8b70f53a7582ad797143519dc4a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 5ELnxb4ykm0Z9hl7cgFi0d7NsUE5rTNqmXMJnFyPll7DepZ0u8HyTw==

GET
H2 200 2151.js Show response
d3plnp2f9sfye5.cloudfront.net/ 1 KB
1009 B 137ms
38ms Script
application/javascript 2600:9000:2134:ce00:19:170a:f740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plnp2f9sfye5.cloudfront.net/2151.js
Requested by: Host: pixelpaste.net
URL: https://pixelpaste.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:ce00:19:170a:f740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8902533314155ad6f7bdb1da485ee2bf0daeea2a83b2a21162df5c960db49d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: Qx_05Ly7jeHt76MViMX5kX7iB3JGDZj0
content-encoding: gzip
via: 1.1 3e8c7159e6734f06c78a06c36a369370.cloudfront.net (CloudFront)
date: Sun, 05 Nov 2023 06:06:48 GMT
last-modified: Tue, 19 Sep 2023 17:43:44 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C2
age: 48697
x-amz-server-side-encryption: AES256
etag: W/"64625db7429439f9223e157558d74bf3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IXs86_JfkyvAEEjSqZSwDyYu14lPA0xVOMUQTSBtfoY3js5_PRaSEA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 181ms
96ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d3plnp2f9sfye5.cloudfront.net
URL: https://d3plnp2f9sfye5.cloudfront.net/897.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00f26a67bf72ba8315351114ae62c05b13fa3602c34b074816186754126a0199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31326
x-xss-protection: 0
server: cafe
etag: 353 / 19666 / 31079420 / config-hash: 7101305502720886139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 19:38:24 GMT

GET
H2 200 ProfitSence+Logo.png
d3plnp2f9sfye5.cloudfront.net/ 17 KB
17 KB 38ms
36ms Image
image/png 2600:9000:2134:ce00:19:170a:f740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3plnp2f9sfye5.cloudfront.net/ProfitSence+Logo.png
Requested by: Host: pixelpaste.net
URL: https://pixelpaste.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:ce00:19:170a:f740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24fff447b515afa6bb2a0a7cb55b4ead0663cb5a925b154b744e0001f9238c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: rS6i3mHJf35TuDgaDMkZ8JRfQ5Zf9xT9
date: Sun, 05 Nov 2023 10:06:53 GMT
via: 1.1 3e8c7159e6734f06c78a06c36a369370.cloudfront.net (CloudFront)
last-modified: Sat, 31 Dec 2022 14:32:41 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C2
age: 42990
x-amz-server-side-encryption: AES256
etag: "269163bdabdd3d537b922881426b9ff3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 17385
x-amz-cf-id: Eh2gZz3wZEgj5KSp13R1kFB9eKNUIMCXCOH2afcewhuTCTUzLck8xw==

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 85ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans

Requested by

Host: pixelpaste.net
URL: https://pixelpaste.net/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 19:28:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 19:38:24 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 82ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pixelpaste.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:18:21 GMT
x-content-type-options: nosniff
age: 264003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:18:21 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/pixelpaste/ 237 KB
49 KB 129ms
38ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/pixelpaste/loader.js
Requested by: Host: pixelpaste.net
URL: https://pixelpaste.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 641c0ae70fbef3235ee470b392d54fe594ec1d426d65061e31249f04234c9acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: sI9DNaLpzkLlXBeTTLJ.M9KSOK3GKFc2
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Nov 2023 19:38:24 GMT
x-amz-request-id: ZYSNRTWM60978KB1
age: 16690
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 49296
x-amz-id-2: bLSTQMWfYStoHfz++KG3NROjwY9ScOFa4KtDNXmLTRXm4XHrnT68FsOg9p0qPkKmvDSS73T3JWQ=
x-served-by: cache-cph2320042-CPH
last-modified: Sun, 05 Nov 2023 11:16:05 GMT
server: AmazonS3
x-timer: S1699213105.520292,VS0,VE1
etag: "31d1609f27ceb958b3385e327c87c5ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 165ms
97ms Fetch
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pixelpaste.net
URL: https://pixelpaste.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51926
x-xss-protection: 0
server: cafe
etag: 11496942309631616221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 19:38:24 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 59ms
33ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://pixelpaste.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3985827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78196
last-modified: Tue, 01 Aug 2023 16:35:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93458-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mc3fTCvzDynLaH1iBST4SemBn5OcFXib1gZBjLi%2FZpODm7Vymj4dkw9O6IP1h1Rc5ylXNjNx6CXkaHlBaQJ26E0JM1QiwRV8V48i6BFop79ubpSC2nLD0ivof39OIkgOThUHO8%2Frr3dRzPS%2BQrXbioHG"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82178e8edab0198f-FRA
expires: Fri, 25 Oct 2024 19:38:24 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 82ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ELXPX9P9VW&gtm=45je3b11v874236928&_p=1699213104413&gcd=11l1l1l1l1&cid=994618674.1699213104&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699213104&sct=1&seg=0&dl=https%3A%2F%2Fpixelpaste.net%2F&dt=PixelPaste%20%7C%20Share%20Your%20Story&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=779
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ELXPX9P9VW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 19:38:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pixelpaste.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 426 KB
134 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 12:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24283
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136626
x-xss-protection: 0
server: cafe
etag: 12374074705736737879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 04 Nov 2024 12:53:41 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 59ms
32ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4900
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230099-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmYVmOmpZWyZAvWtLdUqHfi7lfY6crdeHZZxWWKmn2yRBkSDbnCjE%2BrxmHP3INATmCv9Wv8m0m38quJkLXimDpwkst%2FT2YSJ5foIoJLbJEv%2F9G9Iz5ZL1yBB6J2VHblhW85NFYjE1ufDDUV4xYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82178e904f552c53-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 101ms
32ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: MEVGTKSQ43QXNK5W
age: 2417
etag: W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82178e908d9a92ad-FRA
x-amz-id-2: GVo2t+KCxHBK+B903bp0KH5cKbe1r2w6r5KWaaF5cRSVC7HTxdd5AENeRvXUDCU3+phSQRubKvA=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 145ms
54ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Nov 2023 19:38:24 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 570 B
309 B 64ms
64ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4063000191185389&correlator=3738932877976021&eid=31079420%2C31079377%2C31078659&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=21724377464%3A22877764688%2Cpixelpaste%2Csticky_anchor_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&didk=4110065070&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699213104640&lmt=1699213104&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpixelpaste.net%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=994618674.1699213104&ga_sid=1699213105&ga_hid=1664575027&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY9Kv5h7oxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPSr-Ye6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9Kv5h7oxSABSAghk&dlt=1699213104133&idt=452&adks=3571827703&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d206897116be0fe97beb6a18f3fe8858c5e78d8b536c45a6b7f53de36be2fb67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pixelpaste.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 569 B
308 B 71ms
70ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4063000191185389&correlator=3738932877976021&eid=31079420%2C31079377%2C31078659&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=21724377464%3A22877764688%2Cpixelpaste%2Csticky_anchor_mobile&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100&ifi=3&didk=4110065073&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699213104644&lmt=1699213104&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpixelpaste.net%2F&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=994618674.1699213104&ga_sid=1699213105&ga_hid=1664575027&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY9Kv5h7oxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPSr-Ye6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9Kv5h7oxSABSAghk&dlt=1699213104133&idt=452&adks=3471206438&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fab4b80c9b2d868cac01eee3dcc08256f5fd1fadf456de33a12244e4b918789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pixelpaste.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e23df854bb32bd353a1c65ebbd2e139f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 851A 6 KB
3 KB 130ms
30ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e23df854bb32bd353a1c65ebbd2e139f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pixelpaste.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 19:38:24 GMT
expires: Mon, 04 Nov 2024 19:38:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 impl.20231104-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 816 KB
169 KB 42ms
42ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pixelpaste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1a13104b31dd0bb02d6033beecc192d5cd5516c401354189848944a281ceb9f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: LeXW8hJo35Q2Z1bfi3sGr8bIGxd6S06o
content-encoding: br
via: 1.1 varnish
date: Sun, 05 Nov 2023 19:38:24 GMT
x-amz-request-id: 21ZDNYXHCXNJKAQG
age: 1987
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172844
x-amz-id-2: 9/5ZzHAd/aAE91++6n+DC+bZuWASeL4V3lwcPjT7mlUiuecFaAYlPMAwfwNLZaqAsOUbO9DTOcI=
x-served-by: cache-cph2320042-CPH
last-modified: Sun, 05 Nov 2023 10:55:30 GMT
server: AmazonS3-br
x-timer: S1699213105.712274,VS0,VE0
etag: "9c7ac343c1d13ad6cd631851f2cb8150"
vary: Accept-Encoding
content-type: application/javascript
abp: 74
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2042

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 92ms
24ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://pixelpaste.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pixelpaste.net
date: Sun, 05 Nov 2023 19:38:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5D52 15 KB
6 KB 124ms
43ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pixelpaste.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pixelpaste.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 19:38:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 362861
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
287 B 109ms
44ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 251393
expires: 60

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5D52
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pixelpaste.net&sn=ChromeSyncframe&so=0&topUrl=pixelpaste.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=2iJh7nwvQzVzNzZWMFY4THp5TnVPQlJ5eXEwN3RsUXZHODdpWWZ6eU90Tm4rcmRuYWJqY0NLaHEyYkFPYnpQNzNmNHRuaFVxb1Y2cVhmWXhkVTRzRGFYcEY1eVFIZS91bzFkVUs0Rnc0Q0tKZERoQ0k2ZzZMcWZZc0M4cl...

438 B
655 B

40ms
39ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2iJh7nwvQzVzNzZWMFY4THp5TnVPQlJ5eXEwN3RsUXZHODdpWWZ6eU90Tm4rcmRuYWJqY0NLaHEyYkFPYnpQNzNmNHRuaFVxb1Y2cVhmWXhkVTRzRGFYcEY1eVFIZS91bzFkVUs0Rnc0Q0tKZERoQ0k2ZzZMcWZZc0M4clhDMTZQMEVlRTFQQ1VoLzhTVDJnWXVaNkltZ0xYOVczRG9XVENsMWhXSTZMZDVuSUpUZWhrakwyNEx2WHhqYTJrUHVCNmo0UFZsdUF0eXpNN29EU2tYTE03SVJSZUNjMktBdjBXclFWTmh1SjZ6SnpxeEVqZ2NkSDFTRVZqQ1NCcThFTnNtcEY1L0NiSUtYN3ZYM1E0S1o4Mmc1Nm1BaWNtVGs5WmtSTnIzZFl0azhINnZTQT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a168bcb115f7f95ffbca913e02bd7c4ffada2f9310c3fd7e76a772682646cad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 19:38:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1215362
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 05 Nov 2023 19:38:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=2iJh7nwvQzVzNzZWMFY4THp5TnVPQlJ5eXEwN3RsUXZHODdpWWZ6eU90Tm4rcmRuYWJqY0NLaHEyYkFPYnpQNzNmNHRuaFVxb1Y2cVhmWXhkVTRzRGFYcEY1eVFIZS91bzFkVUs0Rnc0Q0tKZERoQ0k2ZzZMcWZZc0M4clhDMTZQMEVlRTFQQ1VoLzhTVDJnWXVaNkltZ0xYOVczRG9XVENsMWhXSTZMZDVuSUpUZWhrakwyNEx2WHhqYTJrUHVCNmo0UFZsdUF0eXpNN29EU2tYTE03SVJSZUNjMktBdjBXclFWTmh1SjZ6SnpxeEVqZ2NkSDFTRVZqQ1NCcThFTnNtcEY1L0NiSUtYN3ZYM1E0S1o4Mmc1Nm1BaWNtVGs5WmtSTnIzZFl0azhINnZTQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 260170
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 74ms
74ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2023883e1ed6cc458c7c6d5a8d3144750fd4b0e22d7d59294e082fbe40907917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12178
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 408ms
332ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 19:38:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D708 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pixelpaste.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 19:03:29 GMT
expires: Mon, 04 Nov 2024 19:03:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E188 829 B
1 KB 93ms
35ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23b3a618bc644c541dcb11e0e2a78cd375047a619083adb6238d4111c423ac52

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EvpTGggHBPk8BZD1SJKJbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pixelpaste.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EvpTGggHBPk8BZD1SJKJbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 19:38:25 GMT
expires: Sun, 05 Nov 2023 19:38:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame D708 38 KB
15 KB 72ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 13:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Nov 2024 13:29:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E188 0
0 58ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=4063000191185389&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D708 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rhmr-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:38:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=4063000191185389&bg=!X1ylXBPNAAb4oU7C2KE7ADQBe5WfONzZUTFrErm5ZcFD5QJn7i0WLLGS1f2-w9EeJmUGycQ8kuViF9BNHuiQ2tmH5qtcAgAAAEBSAAAAB2gBB5kC8c_sQNoCgCvEe8oLPI3cS4kpQjDxh3S7gdQMvmTYSESClRBBEPFX0mEMg8lYQmhKNU9m-O1gtXqBXBFbG0A7DRTbc7OX18Ljdx1p_WUUsATIpUDYju0OqggdymQmJKE7P-aOx-2qSSbYN7xOHAf3C_h424KCVTK0znCb3T5qEiHq29WARCO1afmrJqTlZsUOg_sTljyCO29o4q2sSiQCAon0QbQIVSTqiOuCBQwrTtircm8cXHkF-N6t0zTYZDpg_5ncAV7QNiq8KByWSlUaWq6_pg0w0OI8qj9LEpiv9LwjCOg2N_ZPEclMgnSEMeopTKxHpDFzbE8A_RfrtJEdPFaYpf67CDNzILej5vEBI0rVkuLjQf55lNcZYYjiUxdXk4-PcjOoLJ8IPg2xXYqZOo4SxpZ5unmdh6GS3P2MpcA5rGZb85goCOt-4Y1tHKNm64fjeFQRLaJKImId7iAGxZi9wLeCuWhWikEdl0JqI58WzLVRQOU3SpWnhZX_fA7AS9g1Pd4_33vcSxn4P4q37ZHOsTIckNRJ1fIdsTej3mSYJ9mnEvhzZCMS9oQi0UUtwdcwp-BkFDgKCG1gpJ0KqbuyW9FX7BEn6a9b28ucnxEsHsj3HDgfW2Nl90_SQQM3AmOoCs20jVRXG_vPy8ltws793imlbZ0yHSG1r9_TY8iBsc81HB0MHtgwjjcyRKsIlysYws4I5eGo35D2LfTQttd3u8eDzAhyo9f65tGgSi44x_0_rTzXkcsaEIEPtUn5ZAEmkiiDIhcIRAcy1sYUUeRFXra3i_GDf4LbwuvaS6t9n2oNXCsjKK9q2yoMCY-EiBnAawpP--ZwZ_nY7GclogBqopMig1q9mV_GcWZGqPo6jUh8_KGb7LdsdvA3hYn4b5B0_Udpcf_13Acf17Aq9O-5olzkas9U_RWagRYjlxDawOUriWOw39TGzyOPgrAMpJf8M2pU8EGB2hMiSIY4PPf2fOPHxpqLv38kKjYyGBWtSg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixelpaste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4063000191185389&correlator=3738932877976021&eid=31079420%2C31079377%2C31078659&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22387492205%3A22738518951%2Cpixelpaste.net.Banner0.1679302909&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x75%7C300x100%7C320x50%7C728x90%7C970x90&ifi=1&didk=4175322741&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699213104631&lmt=1699213104&adxs=650&adys=1176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpixelpaste.net%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=994618674.1699213104&ga_sid=1699213105&ga_hid=1664575027&ga_fc=true&dlt=1699213104133&idt=452&adks=1252140121&frm=20

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pixelpaste.net/	1970-01-20 16:00:14	Name: __cf_bm Value: rjbmOe_Z8.J3pHF1igvE2VrRJqajEpv_10zBHVMS3_g-1699213104-0-AUpajMqIYnmBP5FWQjrHAzsJzMN4Q5zSpF10OV5TPYzBe/tbxTSvp/oQowOEJ1sH3lQ046oXRsa6iBDCHJevzG8=
.pixelpaste.net/	1970-01-21 01:36:13	Name: _ga_ELXPX9P9VW Value: GS1.1.1699213104.1.0.1699213104.0.0.0
.pixelpaste.net/	1970-01-21 01:36:13	Name: _ga Value: GA1.1.994618674.1699213104
.doubleclick.net/	1970-01-20 16:00:14	Name: test_cookie Value: CheckForPermission
.pixelpaste.net/	1970-01-21 01:21:49	Name: __gads Value: ID=221682a316dc7717:T=1699213104:RT=1699213104:S=ALNI_MauNfWO2eCsQXRVqhHKnxCqKU6yCA
.pixelpaste.net/	1970-01-21 01:21:49	Name: __gpi Value: UID=00000cc9683433f1:T=1699213104:RT=1699213104:S=ALNI_MZVmQH-SHTYXVV-xstMcEhcF_Derw
.criteo.com/	1970-01-21 01:21:49	Name: uid Value: 61b60282-b3af-4746-897f-b2c197189a69
.pixelpaste.net/	1970-01-21 01:21:49	Name: cto_bundle Value: fNjjZF80emZhNTd1WnJQeXVqUmYyWHlLSCUyQkZnME5JbSUyQkdISUNQY1pmYiUyRmFkVmtGV20lMkZhaXptM3NjYmJldEhoUmtFbDhRemk1TTZEdmd0czE5eVpiOXA4TFYxd2RmbzlORk0wN0hBRTVJUmZKRGFocVFUeTRvc25uMWFFWkNFdHU5ZHRZY1N1YnJrZ2pOOFElMkJhWEw0MHRVQSUyRkElM0QlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://pixelpaste.net/ Message: Access to fetch at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4063000191185389&correlator=3738932877976021&eid=31079420%2C31079377%2C31078659&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22387492205%3A22738518951%2Cpixelpaste.net.Banner0.1679302909&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x75%7C300x100%7C320x50%7C728x90%7C970x90&ifi=1&didk=4175322741&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699213104631&lmt=1699213104&adxs=650&adys=1176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpixelpaste.net%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=994618674.1699213104&ga_sid=1699213105&ga_hid=1664575027&ga_fc=true&dlt=1699213104133&idt=452&adks=1252140121&frm=20' from origin 'https://pixelpaste.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4063000191185389&correlator=3738932877976021&eid=31079420%2C31079377%2C31078659&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22387492205%3A22738518951%2Cpixelpaste.net.Banner0.1679302909&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x75%7C300x100%7C320x50%7C728x90%7C970x90&ifi=1&didk=4175322741&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699213104631&lmt=1699213104&adxs=650&adys=1176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpixelpaste.net%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=994618674.1699213104&ga_sid=1699213105&ga_hid=1664575027&ga_fc=true&dlt=1699213104133&idt=452&adks=1252140121&frm=20 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
d3plnp2f9sfye5.cloudfront.net
e23df854bb32bd353a1c65ebbd2e139f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
id5-sync.com
mug.criteo.com
pagead2.googlesyndication.com
pixelpaste.net
region1.google-analytics.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
securepubads.g.doubleclick.net
151.101.129.44
162.19.138.83
2001:4860:4802:34::36
2600:9000:2134:ce00:19:170a:f740:93a1
2606:4700:10::ac43:266a
2606:4700:7::60
2606:4700::6810:5814
2606:4700::6811:190e
2a00:1450:4001:80b::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::c
2a06:98c1:58::60
00f26a67bf72ba8315351114ae62c05b13fa3602c34b074816186754126a0199
039f88a4339df24e902cbdb0aec1eb71fea4fe41b9a14ff9594fcae055f96504
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a13104b31dd0bb02d6033beecc192d5cd5516c401354189848944a281ceb9f9
2023883e1ed6cc458c7c6d5a8d3144750fd4b0e22d7d59294e082fbe40907917
23b3a618bc644c541dcb11e0e2a78cd375047a619083adb6238d4111c423ac52
24fff447b515afa6bb2a0a7cb55b4ead0663cb5a925b154b744e0001f9238c4d
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
34d287d2fbd66cf4820025e29d1723c5474df1368502ffc674ff69488b80ac10
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641c0ae70fbef3235ee470b392d54fe594ec1d426d65061e31249f04234c9acb
6ba7f8399c19e6cbd39ac67cc3807a812338ac0864754b7e1ebb317a02a1c778
6fab4b80c9b2d868cac01eee3dcc08256f5fd1fadf456de33a12244e4b918789
7bba514b475650339be4be88235724b1ae727017b6258ebdf3778bc9d6755d73
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
8902533314155ad6f7bdb1da485ee2bf0daeea2a83b2a21162df5c960db49d1b
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a168bcb115f7f95ffbca913e02bd7c4ffada2f9310c3fd7e76a772682646cad3
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
cf374bb4b7df7cf23337a92c0a687db38a408436329421bf0198b4dedb854b13
d206897116be0fe97beb6a18f3fe8858c5e78d8b536c45a6b7f53de36be2fb67
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803be3ecbab8ebf5809643c67ed44c7540d9cdb75c63bc4c5942e34dd0ebacf
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pixelpaste.net Open in urlscan Pro 2a06:98c1:58::60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

95 %HTTPS

90 %IPv6

15 Domains

20 Subdomains

20 IPs

3 Countries

754 kBTransfer

2545 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pixelpaste.net Open in urlscan Pro
2a06:98c1:58::60 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

90 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

754 kB
Transfer

2545 kB
Size

8
Cookies

39 HTTP transactions
0 data transactions