pastes.io Open in urlscan Pro
66.29.132.145 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastes.io/vtb8s0nd6g
Submission: On April 27 via manual (April 27th 2023, 1:24:19 pm UTC) from IN — Scanned from DE

Summary HTTP 122 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 37 domains to perform 122 HTTP transactions. The main IP is 66.29.132.145, located in United States and belongs to NAMECHEAP-NET, US. The main domain is pastes.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 17th 2022. Valid for: a year.

This is the only time pastes.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	66.29.132.145 66.29.132.145	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:9b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.201.128.178 195.201.128.178	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700:303... 2606:4700:3030::ac43:888b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:578	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1901:0:4... 2600:1901:0:4277::1	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f128:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:c000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	52.28.142.98 52.28.142.98	16509 (AMAZON-02) (AMAZON-02)
2 2	18.203.106.14 18.203.106.14	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.210.125.176 23.210.125.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	13.40.227.197 13.40.227.197	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
2	3.9.33.137 3.9.33.137	16509 (AMAZON-02) (AMAZON-02)
122	37

36 66.29.132.145 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business140-5.web-hosting.com

pastes.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:9b9 (United States)

ASN13335 (CLOUDFLARENET, US)

ui-avatars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.128.178 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.128.201.195.clients.your-server.de

api.qrserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:888b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.counter.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.counter.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:578 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.splitbee.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hive.splitbee.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

dustyhammer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f128:83:face:b00c:0:25de (Sofia, Bulgaria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:c000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.142.98 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-142-98.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.106.14 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-106-14.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.190 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.125.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-125-176.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.40.227.197 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-40-227-197.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.33.137 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-33-137.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	pastes.io pastes.io	326 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	212 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 23943 ad4m.at — Cisco Umbrella Rank: 9478 assets.ad4m.at — Cisco Umbrella Rank: 31150	534 KB
12	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 ad.doubleclick.net — Cisco Umbrella Rank: 201	24 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 15646 api.webgains.io — Cisco Umbrella Rank: 40158	32 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	1 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718 www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
3	dustyhammer.com dustyhammer.com	23 KB
3	splitbee.io cdn.splitbee.io — Cisco Umbrella Rank: 492062 hive.splitbee.io — Cisco Umbrella Rank: 424171	4 KB
3	counter.dev cdn.counter.dev — Cisco Umbrella Rank: 561114 t.counter.dev — Cisco Umbrella Rank: 578482	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	167 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	45 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2889	1 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 35205	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 77547 static-de.ad4mat.net — Cisco Umbrella Rank: 111741	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
2	gstatic.com fonts.gstatic.com	62 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	89 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 21883	2 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 61533	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 53210	435 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 53598	261 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15474	704 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 1007	98 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 985	187 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4805	104 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 820	482 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 5261	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	601 B
1	qrserver.com api.qrserver.com — Cisco Umbrella Rank: 79830	650 B
1	ui-avatars.com ui-avatars.com — Cisco Umbrella Rank: 58337	1003 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
122	37

	Domain	Requested by
36	pastes.io	pastes.io
10	pagead2.googlesyndication.com	pastes.io pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	assets.ad4m.at	as.ad4m.at
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com pastes.io
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	ad4m.at	as.ad4m.at ad4m.at
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	x.bidswitch.net	3 redirects
3	dustyhammer.com	pastes.io dustyhammer.com
3	www.googletagmanager.com	pastes.io www.googletagmanager.com
3	cdnjs.cloudflare.com	pastes.io
2	api.webgains.io	analytics.webgains.io
2	ad.doubleclick.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	r.scoota.co	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	hive.splitbee.io	cdn.splitbee.io
2	t.counter.dev	cdn.counter.dev
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	pastes.io connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	pastes.io connect.facebook.net
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	www.awin1.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	id.rlcdn.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	pastes.io
1	static.adsafeprotected.com	pastes.io
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.splitbee.io	pastes.io
1	cdn.counter.dev	pastes.io
1	api.qrserver.com	pastes.io
1	ui-avatars.com	pastes.io
1	fonts.googleapis.com	pastes.io
122	48

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
pastes.io Sectigo RSA Domain Validation Secure Server CA	`2022-11-17` - `2023-12-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-03` - `2023-05-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.qrserver.com R3	`2023-04-16` - `2023-07-15`	3 months	crt.sh
cdn.splitbee.io Cloudflare Inc ECC CA-3	`2022-12-19` - `2023-12-19`	a year	crt.sh
dustyhammer.com R3	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 14 frames:

Primary Page: https://pastes.io/vtb8s0nd6g
Frame ID: 4D0B73C335D07F604D5F1A81746908D7
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/zrt_lookup.html
Frame ID: 649E446515CB20CA80B678585B9C72D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&adk=1812271804&adf=3025194257&lmt=1682601853&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853474&bpp=4&bdt=1048&idt=197&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4257856153566&frm=20&pv=2&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=226
Frame ID: 26DE30BF7969D7C623591420BCA880EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=9295183313&adk=2157082398&adf=1645639513&pi=t.ma~as.9295183313&w=1073&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=1073x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853478&bpp=2&bdt=1053&idt=233&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=80&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=D8GY7icPe5&p=https%3A//pastes.io&dtd=246
Frame ID: F3900ED36FA776FEBAB411DE860D9E64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=2921184954&adk=3916933486&adf=577482524&pi=t.ma~as.2921184954&w=1073&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=1073x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853480&bpp=1&bdt=1055&idt=255&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=80&ady=1207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UCowiiEf3x&p=https%3A//pastes.io&dtd=305
Frame ID: 71C9B1C9BD38EE0E7D06767CC5A6E255
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853481&bpp=1&bdt=1056&idt=308&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s3ScIWcVkP&p=https%3A//pastes.io&dtd=311
Frame ID: FDC79877414E69274D3284A40F3FD164
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/comments.php?app_id=327053132581361&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3fe6ca716824%26domain%3Dpastes.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpastes.io%252Ff34f59645b06bdc%26relation%3Dparent.parent&container_width=1073&height=100&href=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&locale=en_US&numposts=5&sdk=joey&version=v9.0&width=
Frame ID: 171B7A16FCA4ADE96740507ADB8BB024
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CMVaPfXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBLwBT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKXvynVAl_7qOM5r-EkDyZHWmBMt28PrNZVMLAFG3k_tPHhNwneQKABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ2MDQ1NzA4NjgwODI3NDcYAA&sigh=FR8UXtM50gs&uach_m=[UACH]&cid=CAQSKQBygQiDBFGSyXq48_lWvHORoU_nxj9ThtmYr8aBo7o0Q3huLLbuu0tXGAE
Frame ID: 2FE511AEE1F899DE1DFAF34E7DCC7B2A
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g0qv0n3ah5qrn0kszmbkbq9scpygsj24t3c6fcyqht1m1zdnfp5g83g1vph8g3kk1wmhbwz7py4h8327ps0bz83tae76yemawbj2ksyxwv938hvpcmr9dfqnwmv66an2a2jxytc4t6b8n592dct4dchrwfjv0zf4ggwegk32s3e2n06apxq5kkt8cfnp93ajqe3z7tayhx3mm72qsyka42kpmm5tkyqmjm66x6zc656z6de7dc8ct8wfzq5ebkjs5zqk1kkwaz28kx8wbra8s8j8vjqam8ge5zhtqmxw2kxvtb29aabfhca5k8wwy2xbwpv5548wxpwg522vhzs80ngcjz292w9ahv34d2xt8dcxyvxdyf38by75sq1dq7b25fnar1es2da75td3dwnf06z9q9dr457rw9bmaa73fv54qrg2yyt14c3p96besqc1xe465bf34&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%26client%3Dca-pub-4604570868082747%26adurl%3D
Frame ID: 39F90365AD39F484C8ADA5601D6D8506
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C890004D22AF1D6B2D1EADE446188E1E
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B340ABDFFD35FC07F1ACAB466042C76C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Frame ID: 2296FC88281D320E600FE4AC1D9079E6
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18A0FA98CBC7222313E835876B16DAD4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77F4B2672C48D5F861AE23B356DAB98B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nflow Technologies - Pastes.io

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

97 %
HTTPS

57 %
IPv6

37
Domains

48
Subdomains

37
IPs

6
Countries

1619 kB
Transfer

4153 kB
Size

33
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pastesio/

Search URL Search Domain Scan URL

URL: https://twitter.com/pastesio

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/pastesio/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOZOEj1CbZHJE76ojaqkq_o&google_cver=1&google_push=ATf1kGNKUiR4gZ7QoaSImmThLN3pqni8t_rmxq-5IRW1p9kAI-cqMHWWegfWNm_XlNpUOKJk38mwo2LFgpxeh3pA4bPlj3UkzqsmxHY HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOZOEj1CbZHJE76ojaqkq_o&google_cver=1&google_push=ATf1kGNKUiR4gZ7QoaSImmThLN3pqni8t_rmxq-5IRW1p9kAI-cqMHWWegfWNm_XlNpUOKJk38mwo2LFgpxeh3pA4bPlj3UkzqsmxHY HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=44105228-5336-4e56-bb35-2b0ac3bf0d75&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNKUiR4gZ7QoaSImmThLN3pqni8t_rmxq-5IRW1p9kAI-cqMHWWegfWNm_XlNpUOKJk38mwo2LFgpxeh3pA4bPlj3UkzqsmxHY&google_hm=VSj3pGnoRJeT3Y4ZmrDWRA==

Request Chain 87

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGOSuZ_n42qO7UQjTb3YZX6Hj3jt-A4FDpxcXjso3n5YP0tYw240SuIUAeQG2Y0dKbDX1TRxHquO1RFFOgMrpuk4NNDWB-6xrpI&google_gid=CAESENEEzRi2LYiWzSUdt6poCoY&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGOSuZ_n42qO7UQjTb3YZX6Hj3jt-A4FDpxcXjso3n5YP0tYw240SuIUAeQG2Y0dKbDX1TRxHquO1RFFOgMrpuk4NNDWB-6xrpI&google_gid=CAESENEEzRi2LYiWzSUdt6poCoY&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA0MjcxMzI0MTQwMDA3MTU1NTYyMzEwNg%3D%3D&google_push=ATf1kGOSuZ_n42qO7UQjTb3YZX6Hj3jt-A4FDpxcXjso3n5YP0tYw240SuIUAeQG2Y0dKbDX1TRxHquO1RFFOgMrpuk4NNDWB-6xrpI

Request Chain 88

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMlQ5tjOC33IT0s1ln7njIw&google_cver=1&google_push=ATf1kGONdlfM1hYmSICmf2mJzny7GCVblQem-lBWerp66ph9VvphvpRLd9jbOqVLxp8V433NBfFACP-Yjvy95Yv-D3oFP4qal_HXqzI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMlQ5tjOC33IT0s1ln7njIw&google_cver=1&google_push=ATf1kGONdlfM1hYmSICmf2mJzny7GCVblQem-lBWerp66ph9VvphvpRLd9jbOqVLxp8V433NBfFACP-Yjvy95Yv-D3oFP4qal_HXqzI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p5w_BjLWTVqpH9yxXq_sGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGONdlfM1hYmSICmf2mJzny7GCVblQem-lBWerp66ph9VvphvpRLd9jbOqVLxp8V433NBfFACP-Yjvy95Yv-D3oFP4qal_HXqzI

Request Chain 104

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIjV566Uyv4CFcHqEQgdI3kPaQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023042715241484374216527X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023042715241484374216527X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218

122 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request vtb8s0nd6g Show response
pastes.io/ 34 KB
9 KB 1055ms
708ms Document
text/html 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed / PHP/7.2.34

Resource Hash

eb9f900ed134c11779a555c7536da1ba8ac36d303d95164c96e2c5f765e03192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Apr 2023 13:24:12 GMT
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34
x-ratelimit-limit: 60
x-ratelimit-remaining: 56
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 41ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5486160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R59llRh1NZvQQzUXenfQHK55lG2MAOcR8nG1OyZKSOEYQhWr4%2F2IFa%2BDqKt5%2FkRZyDKg1MoERjpCLk0zEEfxgUiIsX%2BBA2OCC8V%2FcuDTLch%2FT7fUHTYlCsv4UBL8GxZDLPQsX0LCmGEVIVn7SmiZvl5C"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7be76269db7d927f-FRA
expires: Tue, 16 Apr 2024 13:24:12 GMT

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 49ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b5f3aff30b52d5416aa84b755f1920f99cfe913eec2e01ac0a2c1e72d2994d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 11:49:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 13:24:12 GMT

GET
H2 200 vendors.min.css
pastes.io/assets/css/ 50 KB
4 KB 317ms
314ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/vendors.min.css?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

13ae042538e57b4b35eb8ab3089d889035008154e06c05be2d3f31c509f03eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 3301
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:42 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 bootstrap.min.css
pastes.io/assets/css/ 191 KB
24 KB 318ms
315ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/bootstrap.min.css?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

8ba667244df955de52c5b40ba4e58473a1eb1aada2292f31ff441dd449755d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 24100
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:42 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 bootstrap-extended.min.css
pastes.io/assets/css/ 78 KB
12 KB 474ms
471ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/bootstrap-extended.min.css?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

5d6fed4682df44d0d96a062f9b0a091a162c9ce179c6896d94ad14b388a52df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 11850
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:42 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 colors.min.css
pastes.io/assets/css/ 105 KB
10 KB 476ms
473ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/colors.min.css?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

a5c5d9c8b471e9f7f0a70e0d5ba053c14d650aa16cb22be0cc1b85ba31d9d96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 10104
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:42 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 components.min.css
pastes.io/assets/css/ 73 KB
11 KB 475ms
472ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/components.min.css?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

347cd3ada9898f6dce9635212196ba165dfb4ae336d17ce6318b3d27bd612175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 10516
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:42 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 dark-layout.min.css
pastes.io/assets/css/ 74 KB
14 KB 631ms
628ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/dark-layout.min.css?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

d1402e2c2f670d0f6fb696407b6c32549985629f6a85c3f946e25e2b60b315f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 14199
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 23 Mar 2022 01:02:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 horizontal-menu.min.css
pastes.io/assets/css/ 19 KB
3 KB 632ms
629ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/horizontal-menu.min.css?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

3e3d7c9bde7b57297f82b8ebce7ecce13024e592bb72f035682248e472c6bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 2368
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:42 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 custom.min.css
pastes.io/assets/css/ 5 KB
2 KB 785ms
782ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/custom.min.css?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

726a79a3fb6de54b73b65ab64ed65a74c015ea5a949aa0b9268799de176f509c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1151
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:42 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 toastr.min.css
pastes.io/assets/css/ 7 KB
3 KB 785ms
783ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/toastr.min.css

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

d8113222855baf9f8bc347bd6a7e50212675855a8cf5ae764c1d222ae95a15d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 2818
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 11:09:20 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 ext-component-toastr.css
pastes.io/assets/css/ 6 KB
2 KB 786ms
783ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/ext-component-toastr.css

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

d6d4c997ed8dbfbc53b534e15ab70ee0f2e7770947d828f2cd4dd683449da81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1226
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 11:09:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 ext-component-sweet-alerts.css
pastes.io/assets/css/ 3 KB
888 B 786ms
784ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/css/ext-component-sweet-alerts.css

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

dba5f1a65b2f4f42fa650d92f6900351a8878170a0b216f17a011712c83d73d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 485
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 11:09:30 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 codemirror.min.css
pastes.io/plugins/codemirror-5.52.0/lib/ 6 KB
2 KB 786ms
784ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/plugins/codemirror-5.52.0/lib/codemirror.min.css

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

694914eb4247927229e1c677ecade7674aa59fe6f12f91483333940a32c9cdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1443
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 14 Mar 2020 21:14:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 idea.css
pastes.io/plugins/codemirror-5.52.0/theme/ 2 KB
897 B 787ms
785ms Stylesheet
text/css 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/plugins/codemirror-5.52.0/theme/idea.css

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

c52c1d627b1ed6ad74293c28ae35553f9de96f2fff926f7e4018618247cb3c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 494
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Feb 2020 23:57:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 176ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-216162563-1

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac49004fc788a143bc04f0b1bc3d892639e3451832a80c22f10fa02e3ae28a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45408
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Apr 2023 13:24:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 154ms
17ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3C9G1SS24S

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c16b130481c85b8ddc5029f9a09e6e2a51cb7521963b3b4a1d713bd991ac5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Apr 2023 13:24:13 GMT

GET
H2 200 default-avatar.png
pastes.io/img/ 7 KB
7 KB 650ms
646ms Image
image/png 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastes.io/img/default-avatar.png

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Nov 2018 00:58:44 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6957
x-xss-protection: 1; mode=block
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 141ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a83a82453e71bdee518a9f06b4998b368882b48da5e45793af6cdc932d40cb68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Origin: https://pastes.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Apr 2023 13:24:13 GMT
content-md5: XoZuUHIPikuGV9FtkD7LeQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: J5VOdzVXO4XX4irMJjkPGtqXNH2I1mzmCqcDAyKdvY1K5lg33QeXBpJrl7zaCq3stuJ3DaYWaFHRPnZgtlAEng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 1031267d244c85505da70defb1acb0f8
cross-origin-opener-policy: same-origin-allow-popups
etag: "b9e385c073078752b4a534f5d47c930c"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 27 Apr 2023 13:26:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 205ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4604570868082747

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

080cf84d0bfb4147fefe010586363b5cc2928448083b097cef341b9d8e9b3bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Origin: https://pastes.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47388
x-xss-protection: 0
server: cafe
etag: 12381515962595545878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 13:24:13 GMT

GET
H2 200 /
ui-avatars.com/api/ 579 B
1003 B 323ms
187ms Image
image/svg+xml 2606:4700:20::681a:9b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui-avatars.com/api/?background=random&size=264&name=nflow124
Requested by: Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6627bc28e8146b74ea4ec350fcae199b56899eca78f6e2b508a17876ff8dd3d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
last-modified: Thu, 27 Apr 2023 09:44:05 GMT
server: cloudflare
access-control-max-age: 31536000, 31536000
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, GET, OPTIONS
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAFsI80nQvwWiEQGdoCo7%2BG2ZOj81HlBi6WkUPN5GGYE8AmKUuNNAbw0QKgpRelPf%2BBYJTvjMsswb4qxAnmA75dIKQ9fyvrOag0HKpGFFhVaE1dTZ%2FiJTE76Wjw1BP0kSU%2Blnqyz%2B9Z7t0Q4"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
access-control-allow-credentials: true, true
cf-ray: 7be7626f79263722-FRA
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me, cache-control, Content-Type, Accept, X-Requested-With, remember-me, cache-control
expires: Fri, 26 Apr 2024 09:44:05 GMT

GET
H2 200 /
api.qrserver.com/v1/create-qr-code/ 385 B
650 B 150ms
7ms Image
image/png 195.201.128.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.qrserver.com/v1/create-qr-code/?size=150x150&data=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g
Requested by: Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.178 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: f55612e4e7e147e7a7e1b1adae8d6a858720cd29a679fc1297a05beaf5aa2d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Apr 2023 13:24:13 GMT
server: nginx
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token
access-control-max-age: 7200
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/png

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 15ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 595823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMC4YRKG3024QxgGyJ5iYoSLh3DdUKpKNloW8fKM0c%2BRXNVBNsuzw%2FqttVDcsAU8AXmqdxXq49%2FS3EZ4zaXISWC366g5P2dyxUQVDutWHexgmw6gmKasNxqRKkx6G%2BnJmRw%2BJyxvy9dDOVksYxPthYJw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7be7626e9a4f927f-FRA
expires: Tue, 16 Apr 2024 13:24:13 GMT

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 39ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1270105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15668
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKeE57qVGq%2B1s%2BQfSxjIdRXlpmznyZIK0GQVDUp%2B8F%2BcuWsm0tjSzUN0PDuVjvab8yuKh4d%2BbG0DdEl%2BvJlvGdFeHP3pw4XJoUzgPpIFBwqZcH4sUeOdL0k%2FvLjR5ZRM2RVIOV9LnycOvBTBZrkXcMss"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7be7626e9a50927f-FRA
expires: Tue, 16 Apr 2024 13:24:13 GMT

GET
H2 200 prebid-ads.js Show response
pastes.io/js/ 22 B
417 B 166ms
158ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/js/prebid-ads.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Dec 2020 02:54:52 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 22
x-xss-protection: 1; mode=block
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 app.min.js Show response
pastes.io/assets/js/ 16 KB
5 KB 166ms
158ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/app.min.js?v=1.5

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

b560d3ca5a0b22cd92b8148921bd1e0d11de26f875ec41c938f6e7827e093279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 4508
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 23 Mar 2022 11:17:48 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 vendors.min.js Show response
pastes.io/assets/js/ 373 KB
104 KB 167ms
159ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/vendors.min.js?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

ac69939a25223ffbb9055f9a54a429bc6bb24d1fa00af9953e48a79177da8182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 106451
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 jquery.sticky.min.js Show response
pastes.io/assets/js/ 4 KB
2 KB 491ms
484ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/jquery.sticky.min.js?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

d5e098d2863808a8705f9d74d232575aafbcb218580ab21db42cf736991e67d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1369
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 components-popovers.min.js Show response
pastes.io/assets/js/ 2 KB
856 B 492ms
485ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/components-popovers.min.js?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

b3ddfb37ed78728bb94cd31a9077ffc214ce9f3853218d8bfb1927a4ee291efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 439
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 components-modals.min.js Show response
pastes.io/assets/js/ 388 B
585 B 492ms
485ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/components-modals.min.js?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

a7b489051d44d2c22ed5121c6112d82a4e73103ad950779a9a37bba2653b1216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 168
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 app-menu.min.js Show response
pastes.io/assets/js/ 15 KB
4 KB 493ms
486ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/app-menu.min.js?v=2

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

c73dfd28de1fea67655102d3ece0bc053e07154916f0e32af50e5e3be116eaea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 3469
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 app.min.js Show response
pastes.io/assets/js/ 16 KB
5 KB 493ms
486ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/app.min.js?v=3

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

b560d3ca5a0b22cd92b8148921bd1e0d11de26f875ec41c938f6e7827e093279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 4508
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 23 Mar 2022 11:17:48 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 custom.min.js Show response
pastes.io/assets/js/ 3 KB
2 KB 494ms
487ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/custom.min.js?v=3

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

4353a7702a269ac78f59dce6e0f46c1defaf681c074fec7f19b77be823d781a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1429
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Mar 2022 12:48:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 toastr.min.js Show response
pastes.io/assets/js/ 6 KB
2 KB 494ms
488ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/toastr.min.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

7f8a524cf4f533c441ec342a397566f44c157c1a4ee8830eb49db90088bdb0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1993
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 11:09:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 sweetalert2.all.min.js Show response
pastes.io/assets/js/ 68 KB
17 KB 495ms
488ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/assets/js/sweetalert2.all.min.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

aa730424801f53a2e5d344701b2fca2680ebf9c1096aed1d7e5fdff3734f3f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 17488
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 11:10:00 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 codemirror.min.js Show response
pastes.io/plugins/codemirror-5.52.0/lib/ 166 KB
54 KB 641ms
635ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/plugins/codemirror-5.52.0/lib/codemirror.min.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

ed7ab948c1df8600b122c4bc1a668b9ce246e200ae1053f922e0bb3663ef123b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 54868
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 14 Mar 2020 21:15:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 loadmode.js Show response
pastes.io/plugins/codemirror-5.52.0/addon/mode/ 2 KB
1 KB 647ms
641ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/plugins/codemirror-5.52.0/addon/mode/loadmode.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

154884fb0942117405532f2c9f71e1c46c08cb51db6e520ca420edd68ff8909c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 794
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Feb 2020 23:57:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 matchbrackets.js Show response
pastes.io/plugins/codemirror-5.52.0/addon/edit/ 6 KB
2 KB 649ms
643ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/plugins/codemirror-5.52.0/addon/edit/matchbrackets.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

5068c4c078aa75505850d2b7993bd805a8d0396202ddfc37429b8247010f9a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 2093
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Feb 2020 23:57:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 foldcode.js Show response
pastes.io/plugins/codemirror-5.52.0/addon/fold/ 5 KB
2 KB 650ms
644ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/plugins/codemirror-5.52.0/addon/fold/foldcode.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

7870b15ec652b5f84c566983875510670573e910d69b10d3a2146bc20fd689fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1447
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Feb 2020 23:57:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 foldgutter.js Show response
pastes.io/plugins/codemirror-5.52.0/addon/fold/ 5 KB
2 KB 649ms
645ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/plugins/codemirror-5.52.0/addon/fold/foldgutter.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

523a9b2814dc2706a78b77d79dbdc1e945a0b85f22118028b8cb139f8db948a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1563
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Feb 2020 23:57:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 meta.js Show response
pastes.io/plugins/codemirror-5.52.0/mode/ 15 KB
4 KB 650ms
645ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/plugins/codemirror-5.52.0/mode/meta.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

5abda823cbbf370ffbb52bc61fbabbf4d2f3eaa04e146c9805273f066a100a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 3729
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Feb 2020 23:57:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 codemirror-link-overlay.js Show response
pastes.io/js/ 4 KB
2 KB 650ms
646ms Script
application/javascript 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/js/codemirror-link-overlay.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

db15c73725fb887ad2f55038e3170602a4efb0ef8c0ba3c04e19ec2bb07c40bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1493
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Sep 2020 22:36:52 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 script.js Show response
cdn.counter.dev/ 726 B
1 KB 159ms
15ms Script
application/javascript 2606:4700:3030::ac43:888b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.counter.dev/script.js
Requested by: Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:888b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c38a24d67bee37a216b42687de11f5f77a2d16b81171a654823ea926331e280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-fastly-request-id: c37de0d496e1133df6a2fb58d305d6aaa7319f7d
date: Thu, 27 Apr 2023 13:24:13 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 487
cf-polished: origSize=1146
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230074-FRA
x-cache-hits: 0
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 19:39:47 GMT
x-github-request-id: 4D18:583D:8173:8578:6439AC1E
x-timer: S1681501214.118176,VS0,VE97
server: cloudflare
etag: W/"6439ac03-47a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qF84Lsbbj7q4l5oW%2F8RQOxPfNd62w9ioJNM4lnJd7Z%2BFoxkDGGoMzxe4vX4hBurH18%2FMBUJtWThaeDPwRFx0C6ERiIwpjAaDRiPppQfDAvl0vChtX4qXjJMBiZ30jvU6OunukoWrZnWuUv0I9K8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 7be7626f8c22363f-FRA
expires: Tue, 25 Apr 2023 06:22:33 GMT

GET
H2 200 sb.js Show response
cdn.splitbee.io/ 8 KB
4 KB 163ms
20ms Script
application/javascript 2606:4700:20::681a:578
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.splitbee.io/sb.js

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:578 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b8aa2311d3d785a225afe46d73cbb380739529ffbdaff1d301c7b72bb6ffddc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-security-policy: frame-ancestors 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 115986
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4b7b53e4f5e001167ae91c5d8e81041a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpI2zmshMlnz2hZGYf4hA7gQM1r3yBoUrERxBlzficioC8SRKMxS8MMozIN%2F4%2B0PJyFLS38aPwly7sKmD4qIQICePMwr%2Fm%2BPoUpp1Ot19pH2TCKBLwLXOD4kWKkn2Xg7KLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=172800, must-revalidate
x-frame-options: DENY
cf-ray: 7be7626f8ece3a52-FRA

GET
H2 200 v2nawkUZvaIEqEu49P2TAumQzS4H3BIsRTUQ7ggpRSp6rTwTAdKH-Z0A Show response
dustyhammer.com/ 64 KB
23 KB 165ms
22ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dustyhammer.com/v2nawkUZvaIEqEu49P2TAumQzS4H3BIsRTUQ7ggpRSp6rTwTAdKH-Z0A

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

4cdf26c6af4a94a66df9af4447328d1ea96b5dd3f5dca3dff60f6d738814dc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Thu, 27 Apr 2023 13:24:13 GMT
x-datacenter: gce-europe-west1
etag: "68afaee1f5c4e3433bc6cfd78b67b59f2b3dff3653f3eb61d29807723204c6ff"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-b8mh
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 832971200
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 us.svg
pastes.io/fonts/flag-icon-css/flags/4x3/ 4 KB
1 KB 642ms
641ms Image
image/svg+xml 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastes.io/fonts/flag-icon-css/flags/4x3/us.svg

Requested by

Host: pastes.io
URL: https://pastes.io/assets/css/vendors.min.css?v=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

e5db71b4c3ecbaa2a634d0d638c1bd3aa61f7e5884d3d1466f030a4f181cd563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/assets/css/vendors.min.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 646
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Feb 2022 01:03:50 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 04 May 2023 13:24:13 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 141ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastes.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:34:09 GMT
x-content-type-options: nosniff
age: 427804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 14:34:09 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
32 KB 134ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastes.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:20:36 GMT
x-content-type-options: nosniff
age: 403417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:20:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 11ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6865f68f93150ed8db734c6f5b6c4ae7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1c53d37faa5005c9dff43ae031a0e7ddbd046846f19e0ef4403175b1171f9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Origin: https://pastes.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Apr 2023 13:24:13 GMT
content-md5: HMA/VIBg/+Xo+D/xTjjrqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88614
x-fb-rlafr: 0
x-fb-debug: mvmF0Hip/5zm7tkSsG89M5LPLfyGkP7UflO4vvNcukjTga9Wtl5Njyw/SRwzJWW4qT+xbIPWekfzx8XUu4WPwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 610bccbf730af3265563e0928cae0049
cross-origin-opener-policy: same-origin-allow-popups
etag: "7fa5275b76756e4677a2ebfb528e15a6"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 26 Apr 2024 12:15:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-216162563-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3C9G1SS24S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e31b7948bf118320a749843c68dc8198351a7ecb7c431d2d3494ea558a79e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45419
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Apr 2023 13:24:13 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 309ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3C9G1SS24S&gtm=45je34q0&_p=1776608704&cid=2042652090.1682601853&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682601853&sct=1&seg=0&dl=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&dt=Nflow%20Technologies%20-%20Pastes.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3C9G1SS24S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 13:24:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastes.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 94ms
31ms Image
text/plain 2a03:2880:f128:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=327053132581361&ev=fb_page_view&dl=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&rl=&if=false&ts=1682601853449&sw=1600&sh=1200&at=

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f128:83:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 27 Apr 2023 13:24:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216162563-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Apr 2023 12:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2909
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 27 Apr 2023 14:35:44 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/ 354 KB
119 KB 102ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4604570868082747

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47db6c4edd2d6b841cfec4e4c4fcd6fd248d896d1919aa63a044a91e2835709d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121893
x-xss-protection: 0
server: cafe
etag: 6280246257354439312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 13:24:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/ Frame 649E 10 KB
5 KB 43ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4604570868082747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 01:19:48 GMT
etag: 2378337311435320485
expires: Thu, 11 May 2023 01:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 16ms
16ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1776608704&t=pageview&_s=1&dl=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&ul=en-us&de=UTF-8&dt=Nflow%20Technologies%20-%20Pastes.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=963365003&gjid=1220022218&cid=2042652090.1682601853&tid=UA-216162563-1&_gid=417149502.1682601854&_r=1&gtm=457e34q0&jsscut=1&z=937089321

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastes.io/vtb8s0nd6g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 13:24:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastes.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 63ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pastes.io&callback=_gfp_s_&client=ca-pub-4604570868082747

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12a62e2722718736eb1c31e10843eca15e31a2efe648596eed3e4a6e33029f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 54ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastes.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 236ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastes.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=drag-target&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 13:24:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=header-navbar%20navbar-expand-lg%20navbar%20navbar-fixed%20align-items-center%20navbar-shadow%20navbar-brand-center&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 13:24:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26DE 10 KB
5 KB 387ms
382ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&adk=1812271804&adf=3025194257&lmt=1682601853&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853474&bpp=4&bdt=1048&idt=197&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4257856153566&frm=20&pv=2&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=226

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a2cac32bf823c2471cf452f0bce665426faac61a03be6c92269ea60ed58db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 13:24:14 GMT
expires: Thu, 27 Apr 2023 13:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F390 436 B
413 B 145ms
145ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=9295183313&adk=2157082398&adf=1645639513&pi=t.ma~as.9295183313&w=1073&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=1073x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853478&bpp=2&bdt=1053&idt=233&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=80&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=D8GY7icPe5&p=https%3A//pastes.io&dtd=246

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02b9a8b9c4ed049d64815ec724f89337d7adb256a38aaba7f2a5153eaee40ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 13:24:13 GMT
expires: Thu, 27 Apr 2023 13:24:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71C9 436 B
236 B 167ms
152ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=2921184954&adk=3916933486&adf=577482524&pi=t.ma~as.2921184954&w=1073&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=1073x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853480&bpp=1&bdt=1055&idt=255&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=80&ady=1207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UCowiiEf3x&p=https%3A//pastes.io&dtd=305

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d42a3b02b774ee2e6b2ce470dc1116d28566443e0fceb46cf1e13bf3c3f9b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 13:24:14 GMT
expires: Thu, 27 Apr 2023 13:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDC7 32 KB
13 KB 471ms
455ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853481&bpp=1&bdt=1056&idt=308&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s3ScIWcVkP&p=https%3A//pastes.io&dtd=311

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5907e384d32e195400edb93c680c280fce75580a5146109df10a9ee1fe56b616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12800
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 13:24:14 GMT
expires: Thu, 27 Apr 2023 13:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vtb8s0nd6g Show response
pastes.io/ 34 KB
9 KB 710ms
709ms XHR
text/html 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/vtb8s0nd6g

Requested by

Host: pastes.io
URL: https://pastes.io/assets/js/vendors.min.js?v=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed / PHP/7.2.34

Resource Hash

eb9f900ed134c11779a555c7536da1ba8ac36d303d95164c96e2c5f765e03192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastes.io/vtb8s0nd6g
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-powered-by: PHP/7.2.34
x-ratelimit-remaining: 54
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, private
x-turbo-charged-by: LiteSpeed
x-ratelimit-limit: 60
x-xss-protection: 1; mode=block

POST
H2 204 trackpage
t.counter.dev/ 0
268 B 32ms
31ms Ping
text/plain 2606:4700:3030::ac43:888b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.counter.dev/trackpage
Requested by: Host: cdn.counter.dev
URL: https://cdn.counter.dev/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:888b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastes.io/vtb8s0nd6g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 27 Apr 2023 13:24:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bgaeh9rFUBAOxIZF%2FrqHveOKstU%2F3e%2FDmVrMBnPCLYCCC185Fda33rGbZnUpV4ESMdH1M57Cgcsb20DRJJv7S6M448i9%2F29fF8GevG56PrZNX6aTn%2Bn76Spy1Qqjc70oexqRJYDFON%2Bq%2FtnU"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7be762732a8b363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 i
hive.splitbee.io/ Frame 0
0 36ms
16ms Preflight 2606:4700:20::681a:578
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hive.splitbee.io/i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:578 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,context-id,uid,x-origin
Access-Control-Request-Method: POST
Origin: https://pastes.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, sbp, uid, userId, no-cookie, context-id, x-origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://pastes.io
access-control-expose-headers: uid, userId
access-control-max-age: 86400
cf-ray: 7be762735da53639-FRA
content-length: 0
content-security-policy: frame-ancestors 'none'
date: Thu, 27 Apr 2023 13:24:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBXlgmSHNeE6cmfpjAbIvzp16ODyBupK5LUfpGzg6yAEI6qYN6vbi9Xx2U2A4s1eKimYZChpWUxkRPThxicgBs4kW1zxL5hEUwLxBfqxuihAxWhUHArDvLbWqQRLGBQ7tGbAeCso8h0W6S3t9d0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY

POST
H2 200 i Show response
hive.splitbee.io/ 14 B
698 B 131ms
112ms Fetch
application/json 2606:4700:20::681a:578
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hive.splitbee.io/i

Requested by

Host: cdn.splitbee.io
URL: https://cdn.splitbee.io/sb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:578 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d357b0ef1f85ba71c5ccebb6671b0c34f4b3950f5b21d2af7b4a3d4e9dcd570

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	DENY

Request headers

Referer: https://pastes.io/vtb8s0nd6g
uid: c8lyw061fmh
x-origin: https://pastes.io/vtb8s0nd6g
context-id: 9182992658267632
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
content-security-policy: frame-ancestors 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
uid: c8lyw061fmh
content-length: 14
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://pastes.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrsWTGrpfBnRBXqTp%2FFGsvQXzh%2FAjNq5SHqG24BHt6MiH25ORFStwMmqsT2l2o6Tegm5gv1vcL%2FiGXt%2BF7WDZY5rAEAOoKPlggOxhNma8Py8pzJnbrqgwPbtOw1uIRzoyOy3HAvuqIlrwsQmZ3s%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: uid, userId
vary: Accept-Encoding
access-control-allow-credentials: true
x-frame-options: DENY
cf-ray: 7be762739d859040-FRA
access-control-allow-headers: Content-Type, sbp, uid, userId, no-cookie, context-id, x-origin

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 36ms
8ms Image
image/gif 2600:9000:223f:c000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_862490
Requested by: Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 26433075
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: E-xmvrd18RTSGdvI32ys3-D0J4j-hvjyDuhz9p_25-DHhitqockhCw==

GET
H2 200 comments.php
www.facebook.com/v9.0/plugins/ Frame 171B 0
0 82ms
81ms Document
text/html 2a03:2880:f128:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v9.0/plugins/comments.php?app_id=327053132581361&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3fe6ca716824%26domain%3Dpastes.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpastes.io%252Ff34f59645b06bdc%26relation%3Dparent.parent&container_width=1073&height=100&href=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&locale=en_US&numposts=5&sdk=joey&version=v9.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6865f68f93150ed8db734c6f5b6c4ae7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f128:83:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Apr 2023 13:24:14 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: 9E050emfhXSSycvvbpOOc4ErGxcyUt0wD+e+IZW8FwB+sxwvALnIyHKZdaDfO9OvpAkLxZ+1d+27WU9LmILm6A==
x-frame-options: DENY
x-xss-protection: 0

POST
H2 200 get-paste Show response
pastes.io/ 961 B
2 KB 440ms
440ms XHR
application/json 66.29.132.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastes.io/get-paste

Requested by

Host: pastes.io
URL: https://pastes.io/assets/js/vendors.min.js?v=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business140-5.web-hosting.com

Software

LiteSpeed / PHP/7.2.34

Resource Hash

941d4df8b37b676a9232e2670c57ba3f82030bcbf52fba9b8b24df887a2ecaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://pastes.io/vtb8s0nd6g
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
x-powered-by: PHP/7.2.34
x-ratelimit-remaining: 54
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, private
x-turbo-charged-by: LiteSpeed
x-ratelimit-limit: 60
content-length: 961
x-xss-protection: 1; mode=block

POST
H3 200 v2urj3KMCUOYym3haLXYIE2pxlxk4q5ck8Xrnb0HjdAjdbJ5o3OOu7YVZxzhcED82wA3atdCD Show response
dustyhammer.com/ 206 B
233 B 47ms
27ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dustyhammer.com/v2urj3KMCUOYym3haLXYIE2pxlxk4q5ck8Xrnb0HjdAjdbJ5o3OOu7YVZxzhcED82wA3atdCD

Requested by

Host: dustyhammer.com
URL: https://dustyhammer.com/v2nawkUZvaIEqEu49P2TAumQzS4H3BIsRTUQ7ggpRSp6rTwTAdKH-Z0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

a2a5f0607617d205700ff9466ba88f7d005a9d67aae6bd9d47dee8ead083741a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://pastes.io/vtb8s0nd6g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 27 Apr 2023 13:24:14 GMT
via: 1.1 google
x-buildnumber: 832971200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastes.io
x-hostname: fen-hoothoot-europe-west1-b8mh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 27 Apr 2023 13:24:13 GMT

POST
H3 200 v2vwxDsPr8HFxd_pOvPmFgnTE7WeUGImBVsDDb1F4hJfrE2JduE4vyquYH9CI177AAo-xhkTs Show response
dustyhammer.com/ 3 B
27 B 19ms
19ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dustyhammer.com/v2vwxDsPr8HFxd_pOvPmFgnTE7WeUGImBVsDDb1F4hJfrE2JduE4vyquYH9CI177AAo-xhkTs

Requested by

Host: dustyhammer.com
URL: https://dustyhammer.com/v2nawkUZvaIEqEu49P2TAumQzS4H3BIsRTUQ7ggpRSp6rTwTAdKH-Z0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://pastes.io/vtb8s0nd6g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 27 Apr 2023 13:24:14 GMT
via: 1.1 google
x-buildnumber: 832971200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastes.io
x-hostname: fen-hoothoot-europe-west1-b8mh
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2FE5 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMVaPfXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBLwBT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKXvynVAl_7qOM5r-EkDyZHWmBMt28PrNZVMLAFG3k_tPHhNwneQKABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ2MDQ1NzA4NjgwODI3NDcYAA&sigh=FR8UXtM50gs&uach_m=[UACH]&cid=CAQSKQBygQiDBFGSyXq48_lWvHORoU_nxj9ThtmYr8aBo7o0Q3huLLbuu0tXGAE

Requested by

Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853481&bpp=1&bdt=1056&idt=308&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s3ScIWcVkP&p=https%3A//pastes.io&dtd=311
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Apr 2023 13:24:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2FE5 0
0 45ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j9bvv0tjvx86q7tq1e0afwjxgy6whbx7shppptvtk0nx7dknbwr12jxwvt9hny7f6yp8fxs1tw2h7824m0zjbmpjz3av28js2nfbh1rs0194yfhyemkay2bt3x7mkc4cbq0121k2dcexh9gkvys9hwshss9xp4mfejam150fkfve8dk9a6hfzsn85w5zgctttpjw8bdfnh1t5mv0hkbzm6y2526361ezt9q1d12dryagjpswnk0rbyx37zpb5h60wy4tmsfvy0m53hsm2cj18j0prwen6w3nn6g45fgc2hjqzwktfmkpcak6hndem0kb6mg662spq01ekc2n7k0tw9fkgwrp67mg58sdr09hz0mwjw0zg8fx0gwr561xs9n0vcqw1x2sdmtvs0&b=ZEp3fQAPOecKYmQGAAaQjVH89SEhiRO67gNs3g
Requested by: Host: pastes.io
URL: https://pastes.io/vtb8s0nd6g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Apr 2023 13:24:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 39F9 2 KB
2 KB 61ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g0qv0n3ah5qrn0kszmbkbq9scpygsj24t3c6fcyqht1m1zdnfp5g83g1vph8g3kk1wmhbwz7py4h8327ps0bz83tae76yemawbj2ksyxwv938hvpcmr9dfqnwmv66an2a2jxytc4t6b8n592dct4dchrwfjv0zf4ggwegk32s3e2n06apxq5kkt8cfnp93ajqe3z7tayhx3mm72qsyka42kpmm5tkyqmjm66x6zc656z6de7dc8ct8wfzq5ebkjs5zqk1kkwaz28kx8wbra8s8j8vjqam8ge5zhtqmxw2kxvtb29aabfhca5k8wwy2xbwpv5548wxpwg522vhzs80ngcjz292w9ahv34d2xt8dcxyvxdyf38by75sq1dq7b25fnar1es2da75td3dwnf06z9q9dr457rw9bmaa73fv54qrg2yyt14c3p96besqc1xe465bf34&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%26client%3Dca-pub-4604570868082747%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853481&bpp=1&bdt=1056&idt=308&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s3ScIWcVkP&p=https%3A//pastes.io&dtd=311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de98b3b34e5da21572c310ab3da4237eb721172c20ae8f31814493efd9f8216

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7be762761a29bb7d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 13:24:14 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 2FE5 3 KB
1 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 13:05:31 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C890 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 12:11:52 GMT
etag: 48472445140208031
expires: Fri, 28 Apr 2023 12:11:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 2FE5 19 KB
8 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 02:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 02:00:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2FE5 0
0 47ms
21ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeIxGjXywWsrKUyrlcw9heRLHRI0yk8bQprzQmh39Zh8WKwusLT54_BRuIU_UfRngX2s_Te7-3deNBNIKJDI4Q272jfw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853481&bpp=1&bdt=1056&idt=308&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s3ScIWcVkP&p=https%3A//pastes.io&dtd=311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FE5 158 KB
49 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 13:24:14 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame C890 0
104 B 93ms
15ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAPX8-OL949AzZKBuIfTitM&google_cver=1&google_push=ATf1kGOR4dHxl5C8-fvXb72B_SMBTSjDeuHnTWj1qQlpo66-wQpytaGtPr0TeY6_vHlsP58IDjSwvOOEyHD-bQ1COyfFK4dHveYS9oQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853481&bpp=1&bdt=1056&idt=308&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s3ScIWcVkP&p=https%3A//pastes.io&dtd=311
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 13:24:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C890 70 B
265 B 116ms
38ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIa61xPn4UTtZpsMmW2Ccsc&google_cver=1&google_push=ATf1kGPkIR6ojge4mhB6G9AQKGaZWQJNYFELRojih7jRu4tEvvPZHvi5pKEGTTPuj5fC4UcpBmGh9aE4Mc7GkKlxUMZ54RpdHDl8xkk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853481&bpp=1&bdt=1056&idt=308&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s3ScIWcVkP&p=https%3A//pastes.io&dtd=311
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Apr 2023 13:24:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame C890 0
187 B 65ms
13ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIWq6szKYeHoF7VQnKBui5o&google_cver=1&google_push=ATf1kGMhZtV6HqimrvMRdwFnm4VETWDy6jqmImaOd0Nj5eVPZpGWl-7NhK5KSFO_VP4O1xa9e-Z8H1U0YBsBsA0lelSuvRNEi5FnAws
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853481&bpp=1&bdt=1056&idt=308&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s3ScIWcVkP&p=https%3A//pastes.io&dtd=311
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 27 Apr 2023 13:24:14 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame C890 0
98 B 50ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGM8vUMYQl4-EnyUlUm-bSh3bztUwjJnDYOR8C7H0fcwWRCTWqHscWXkvFPSzqqyXzwlIfgffn1a4pZ7-p_35qeKJZUMiAHjVtk&google_gid=CAESEAxfu-wKsGrek8I7Y6U9Wyw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1682601853&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fvtb8s0nd6g&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682601853481&bpp=1&bdt=1056&idt=308&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1073x280%2C1073x280&nras=1&correlator=4257856153566&frm=20&pv=1&ga_vid=2042652090.1682601853&ga_sid=1682601854&ga_hid=1776608704&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071258%2C31071756%2C44788441%2C44789761&oid=2&pvsid=2747433721430647&tmod=462824528&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s3ScIWcVkP&p=https%3A//pastes.io&dtd=311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C890
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOZOEj1CbZHJE76ojaqkq_o&google_cver=1&google_push=ATf1kGNKUiR4gZ7QoaSImmThLN3pqni8t_rmxq-5IRW1p9kAI-cqMHWWegfWNm_XlNpUOKJk38mwo2LFgpxeh3pA4bPl...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOZOEj1CbZHJE76ojaqkq_o&google_cver=1&google_push=ATf1kGNKUiR4gZ7QoaSImmThLN3pqni8t_rmxq-5IRW1p9kAI-cqMHWWegfWNm_XlNpUOKJk38mwo2LFgpxeh3...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=44105228-5336-4e56-bb35-2b0ac3bf0d75&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNKUiR4gZ7QoaSImmThLN3pqni8t_rmxq-5IRW1p9kAI-cqMHWWegfWNm_XlNpUOKJk38mwo2LFgpxeh3pA4bPlj3UkzqsmxHY&google_hm=VSj3pGnoRJeT3Y4ZmrDW...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNKUiR4gZ7QoaSImmThLN3pqni8t_rmxq-5IRW1p9kAI-cqMHWWegfWNm_XlNpUOKJk38mwo2LFgpxeh3pA4bPlj3UkzqsmxHY&google_hm=VSj3pGnoRJeT3Y4ZmrDWRA==

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 13:24:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNKUiR4gZ7QoaSImmThLN3pqni8t_rmxq-5IRW1p9kAI-cqMHWWegfWNm_XlNpUOKJk38mwo2LFgpxeh3pA4bPlj3UkzqsmxHY&google_hm=VSj3pGnoRJeT3Y4ZmrDWRA==
date: Thu, 27 Apr 2023 13:24:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C890
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGOSuZ_n...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGOSuZ_n...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA0MjcxMzI0MTQwMDA3MTU1NTYyMzEwNg%3D%3D&google_push=ATf1kGOSuZ_n42qO7UQjTb3YZX6Hj3jt-A4FDpxcXjso3n5YP0tYw240SuIUAeQG2Y0dKb...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA0MjcxMzI0MTQwMDA3MTU1NTYyMzEwNg%3D%3D&google_push=ATf1kGOSuZ_n42qO7UQjTb3YZX6Hj3jt-A4FDpxcXjso3n5YP0tYw240SuIUAeQG2Y0dKbDX1TRxHquO1RFFOgMrpuk4NNDWB-6xrpI

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 13:24:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA0MjcxMzI0MTQwMDA3MTU1NTYyMzEwNg%3D%3D&google_push=ATf1kGOSuZ_n42qO7UQjTb3YZX6Hj3jt-A4FDpxcXjso3n5YP0tYw240SuIUAeQG2Y0dKbDX1TRxHquO1RFFOgMrpuk4NNDWB-6xrpI
pragma: no-cache
date: Thu, 27 Apr 2023 13:24:14 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 27 Apr 2023 13:24:14 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C890
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p5w_BjLWTVqpH9yxXq_sGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
329 B

20ms
19ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p5w_BjLWTVqpH9yxXq_sGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGONdlfM1hYmSICmf2mJzny7GCVblQem-lBWerp66ph9VvphvpRLd9jbOqVLxp8V433NBfFACP-Yjvy95Yv-D3oFP4qal_HXqzI

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 13:24:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p5w_BjLWTVqpH9yxXq_sGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGONdlfM1hYmSICmf2mJzny7GCVblQem-lBWerp66ph9VvphvpRLd9jbOqVLxp8V433NBfFACP-Yjvy95Yv-D3oFP4qal_HXqzI
date: Thu, 27 Apr 2023 13:24:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C890 0
130 B 42ms
17ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbbH8TV1KDslp8GkE4cVFl8bPLrnRF5XYGOiBznza6QIVPrfHmA6uCQKw1eOSZDLnnhQLN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 2FE5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79c61c65ab11298c850945210542e41f0bd9b8e680f41d1b52523a9d494e31c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 39F9 94 KB
12 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g0qv0n3ah5qrn0kszmbkbq9scpygsj24t3c6fcyqht1m1zdnfp5g83g1vph8g3kk1wmhbwz7py4h8327ps0bz83tae76yemawbj2ksyxwv938hvpcmr9dfqnwmv66an2a2jxytc4t6b8n592dct4dchrwfjv0zf4ggwegk32s3e2n06apxq5kkt8cfnp93ajqe3z7tayhx3mm72qsyka42kpmm5tkyqmjm66x6zc656z6de7dc8ct8wfzq5ebkjs5zqk1kkwaz28kx8wbra8s8j8vjqam8ge5zhtqmxw2kxvtb29aabfhca5k8wwy2xbwpv5548wxpwg522vhzs80ngcjz292w9ahv34d2xt8dcxyvxdyf38by75sq1dq7b25fnar1es2da75td3dwnf06z9q9dr457rw9bmaa73fv54qrg2yyt14c3p96besqc1xe465bf34&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g0qv0n3ah5qrn0kszmbkbq9scpygsj24t3c6fcyqht1m1zdnfp5g83g1vph8g3kk1wmhbwz7py4h8327ps0bz83tae76yemawbj2ksyxwv938hvpcmr9dfqnwmv66an2a2jxytc4t6b8n592dct4dchrwfjv0zf4ggwegk32s3e2n06apxq5kkt8cfnp93ajqe3z7tayhx3mm72qsyka42kpmm5tkyqmjm66x6zc656z6de7dc8ct8wfzq5ebkjs5zqk1kkwaz28kx8wbra8s8j8vjqam8ge5zhtqmxw2kxvtb29aabfhca5k8wwy2xbwpv5548wxpwg522vhzs80ngcjz292w9ahv34d2xt8dcxyvxdyf38by75sq1dq7b25fnar1es2da75td3dwnf06z9q9dr457rw9bmaa73fv54qrg2yyt14c3p96besqc1xe465bf34&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%26client%3Dca-pub-4604570868082747%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 181172
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xF3i%2BGio%2FfdYybf3VwXZzRywak4bpacFRBoHhvOfNGHyYuIQQY97XPDwYUAjYhf%2BYvkSyIB5taWVVLgXtHydE0aChkw7OcDk97rrLYXXYpT9rcHAm4On4CnxCwZkEaCjxJtHi2DZcE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7be762769af7bb7d-FRA
expires: Thu, 27 Apr 2023 14:24:14 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 39F9 25 KB
10 KB 37ms
21ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g0qv0n3ah5qrn0kszmbkbq9scpygsj24t3c6fcyqht1m1zdnfp5g83g1vph8g3kk1wmhbwz7py4h8327ps0bz83tae76yemawbj2ksyxwv938hvpcmr9dfqnwmv66an2a2jxytc4t6b8n592dct4dchrwfjv0zf4ggwegk32s3e2n06apxq5kkt8cfnp93ajqe3z7tayhx3mm72qsyka42kpmm5tkyqmjm66x6zc656z6de7dc8ct8wfzq5ebkjs5zqk1kkwaz28kx8wbra8s8j8vjqam8ge5zhtqmxw2kxvtb29aabfhca5k8wwy2xbwpv5548wxpwg522vhzs80ngcjz292w9ahv34d2xt8dcxyvxdyf38by75sq1dq7b25fnar1es2da75td3dwnf06z9q9dr457rw9bmaa73fv54qrg2yyt14c3p96besqc1xe465bf34&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 67648
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exl5TUciCb3IrxbKCmvoKPwVsZXuIURmOWncF%2FWGmNPwf6oK1CIqkmgIlyJw8W%2FY7AdTKL2uLy3%2F6zrgYnkbuQjw7hLUKZumDlJGoAX5U6R5sTkhwWoPzJvW%2B%2FVgB%2FwSQpsvee4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7be76276bb29bb7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 25 Apr 2023 13:46:03 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 39F9 3 KB
4 KB 167ms
73ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3189
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=541v8Etz%2F55zdL%2BukwD8bdlEBVrpBKbwe%2Bd3sR1da9WPXskoxSbo8LbDf5aw0Qyh%2BkFVHqGvlGKuZTxFDJ0YTRWnJV7%2BnG13bxZqmjbffPdH%2F46HjwYMtwQ2gdUHvOoezwMjhU3gGJEyrQYe%2Fg6VQJfM"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7be762777b029a03-FRA
expires: Thu, 27 Apr 2023 12:35:59 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame B340 2 KB
1 KB 21ms
21ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 325514
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7be76276ef55694c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 27 Apr 2023 13:24:14 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAyUpq1JJL4AnkVOsbtHIkbfnF65h5JxTAQcNV8OyIOzSaUm18Mpk9O5vwW988dW4Ra5QyoFmzvJ8fAkvndfZqLyBUqE%2Flp83IJ51rsQZuvfvrkDhkmNhOLgqFTQO0yJkwHhj6A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 39F9 1 KB
2 KB 38ms
35ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf198deb5150475810e280eb8001ddd85b88557b52a71398e4b5c8ed880488d1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDT%2B6qCPLEKixOF0O0SplbuwHNvi%2FXgbSSp3hyJ2PCOzJf%2FNOML01X%2FN1C8xQRIvOBru7ZCxUyUxe8VNC6zkvDZRz0QveS4PII7GFMvher7TaxO%2FceqZldiA%2BCMXw%2B7gLJqxOeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7be762776f203a61-FRA
x-backend-server: aa-reachservice-group-europe-west1-0ps5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 45ms
29ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7be762773ecb3a61-FRA
content-length: 24
content-type: text/plain
date: Thu, 27 Apr 2023 13:24:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kCJo6EADx53JdD6M9XXKeW6aNJpXF%2BAyEXZMYkzhxi85pocBpn87aq27nZZ1PMOImSWb1FODZ7pB5J8dZ%2FRlKyYiFlJLTK6dK0OmnLTpj84%2F0JPPkuOvhPoK%2BHOLjJSvCQNNwI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0pxx

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2296 11 KB
5 KB 33ms
33ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e090ec7aff77a988ce1ef6ff0b31867834e62601779546e585afc2fc91d94c8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g0qv0n3ah5qrn0kszmbkbq9scpygsj24t3c6fcyqht1m1zdnfp5g83g1vph8g3kk1wmhbwz7py4h8327ps0bz83tae76yemawbj2ksyxwv938hvpcmr9dfqnwmv66an2a2jxytc4t6b8n592dct4dchrwfjv0zf4ggwegk32s3e2n06apxq5kkt8cfnp93ajqe3z7tayhx3mm72qsyka42kpmm5tkyqmjm66x6zc656z6de7dc8ct8wfzq5ebkjs5zqk1kkwaz28kx8wbra8s8j8vjqam8ge5zhtqmxw2kxvtb29aabfhca5k8wwy2xbwpv5548wxpwg522vhzs80ngcjz292w9ahv34d2xt8dcxyvxdyf38by75sq1dq7b25fnar1es2da75td3dwnf06z9q9dr457rw9bmaa73fv54qrg2yyt14c3p96besqc1xe465bf34&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%26client%3Dca-pub-4604570868082747%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7be76277a826694c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 13:24:14 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 2296 94 KB
12 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 181172
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FNkQLZlea4XSn7fpS0fS6zinvTE03hfynLH14atMgxOLS59%2B%2BKYkEOi8gVoEGJd4faDsNsqjet%2BqGRE3pEsvRU%2FuSzEXAiC258602eAdwXGu0ecCRVd9xltW91gslYTKYaVZH3olMg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7be76277e8ac694c-FRA
expires: Thu, 27 Apr 2023 14:24:14 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 2296 2 KB
3 KB 44ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1528460
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BE4eXTHtKlcK1PQjLEuHACsMNdF85faDST7wyZmU6Av%2FMKDqYCEKJO23tRa%2FiZGu2PsYt69u6CKBkhyNN0PIVmNMdmo45jVzEbHjggf9%2BBdE%2BYd7IIEWVk2IpIaqU7ET7%2B9vym8X%2BdBnpBWz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7be762780d1fbb7d-FRA
expires: Fri, 28 Apr 2023 13:24:14 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 2296 339 KB
340 KB 43ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1189443
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5mgr6FovV89D%2Fv8z0pFWzvGMPskqDhEYoMUEiEos0uuQkf3NORCfPtNzaMIAGEHNhwUwQXLAgXQQJcvk630%2BWHJ4Woe%2BjiFh%2BLlpmBHXmN1JeiMwNro6bYKBNRpmL%2BUABl6zws28yHGkL2m"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7be762780d22bb7d-FRA
expires: Fri, 28 Apr 2023 13:24:14 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2296 43 B
704 B 79ms
52ms Image
image/gif 23.210.125.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-125-176.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 13:24:14 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2296 53 KB
54 KB 30ms
18ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1964941
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54554
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BipfdNfrZXE9BUyWNNUq3BlYRHn69ijsSa95RWDuR7rHvXtfB9abFoFyTYLuSaq1dGZ%2FcDPMvTi2ymfXul%2B4isHNf2SUJzXaew%2F1LRbY5V5LiKAGMLXhmmlW5yGGv06N9U0gpOXORe0rc0VQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7be762780d20bb7d-FRA
expires: Fri, 28 Apr 2023 13:24:14 GMT

GET
H2 200 AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame 2296 33 KB
34 KB 42ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2542542
cf-polished: qual=85, origFmt=jpeg, origSize=156576
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34068
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 12:48:35 GMT
server: cloudflare
etag: "451fa9b02ae7953b9311aefac697be7e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZqcFWJGDFqZMpaAkibvVBBRRqhHnhE0eVqwvSqnyB7w29dXM7EsDEd9Nt0fLm9w5K8PFn11y0LB7Q5ZvEzYGmIvsA%2BtUOxMtmmrJk2jt%2BVU7H4my520Utv%2FIvN94R%2FHK78mvwUPu1hbG1w%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7be762780d26bb7d-FRA
expires: Fri, 28 Apr 2023 13:24:14 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 2296
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIjV566Uyv4CFcHqEQgdI3kPaQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023042715241484374216527X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite...

49 B
1 KB

89ms
20ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023042715241484374216527X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023042715241484374216527X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 27 Apr 2023 13:24:14 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023042715241484374216527X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023042715241484374216527X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
date: Thu, 27 Apr 2023 13:24:14 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 2296 5 KB
5 KB 41ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1269747
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVhCVVBvWx3TOzIB%2BAePbJCuQW2wwWaBwt3AisbZZZ%2Bd20G2%2BCyvEA6INGeXvx85H2ZH7mfVJEYifn6sgZnYr0OpjVPm2vp9n4SIXhbM%2BNz%2FBcT5%2B1cHMqS6evO5bv7KzOHmkZhXM1%2FnUTtl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7be762780d23bb7d-FRA
expires: Fri, 28 Apr 2023 13:24:14 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 2296 54 KB
55 KB 34ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1665230
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBT0Wd1V6s02CNRI4DJ8lmgIRuV690V0q1fpSANS6q%2B9s1Jd6LNG4RwKfV3lWQQ2wh%2BLG0O2NzpLjceKm9OckwalIuRZ%2Fv996Xsm8zLrey6DWC38%2F8lZKypxDju017%2BtzUDvPHsSF%2Ff%2Foggj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7be762780d1bbb7d-FRA
expires: Fri, 28 Apr 2023 13:24:14 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2296 2 KB
2 KB 126ms
65ms Script
text/html 13.40.227.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jnv89brkznwad9face0sfh4p1n03a9a6z2s8w87qmdhajctn269rhpp127zrqer0xc5rk6g7te6wkcp52wc2z2d279d4mpy9hft0zmy5ne99x524stw2rxvbwxs3124m6x3c6xv1jhsze1tbchd52mfrkbezbzqv33d7dw9xqq7apcjgy9h3nvcvtas9yqch09yvs6js2vce1zhqpsemx2sf8tbgrcxb6wwxzvbw8eafjmnqwsyh8qqfm28tqwpmb6bt%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%252526client%25253Dca-pub-4604570868082747%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.40.227.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-40-227-197.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 6b351a26c9594cde6985e38e3f8442806b54957c2af38a9c382eb4afe067859e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:14 GMT
last-modified: Thu, 27 Apr 2023 13:24:14 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 27 Apr 2023 13:25:14 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2296 85 KB
31 KB 60ms
9ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jnv89brkznwad9face0sfh4p1n03a9a6z2s8w87qmdhajctn269rhpp127zrqer0xc5rk6g7te6wkcp52wc2z2d279d4mpy9hft0zmy5ne99x524stw2rxvbwxs3124m6x3c6xv1jhsze1tbchd52mfrkbezbzqv33d7dw9xqq7apcjgy9h3nvcvtas9yqch09yvs6js2vce1zhqpsemx2sf8tbgrcxb6wwxzvbw8eafjmnqwsyh8qqfm28tqwpmb6bt%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%252526client%25253Dca-pub-4604570868082747%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 05:34:41 GMT
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 28174
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: EQ3QusOSG7XvPyCdOQ1QfntbcuW_IHQG9JUNgZu9bzzobSWRmuIb5Q==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 2296 15 KB
15 KB 39ms
9ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1682602154&Signature=Bs2bCWdYRWXhyeLg--NEOcMhdNsKEcsJ3U6qer~E5Ow2U0gaS7msFGErJ~l1HSRzztsfBQ-w1dWdtFN-5Vp~CWTpEYnp-uClTgW9ER8OHl0iwtwOBgXu-s9kpnwduSnEhAvLL-Ltxf9E9UZU1WMUbdU8OG57ffrnaP7onyBR1sjlenM5jCS~x10M0g2el6EXQRBAuhCIumAIa8y-8HYbrikJtxSPeNP8APF0LGziuBNp92IwliWeo7pP7TQz2xkaQpnrU5rywVWNrBgHozMS33omcR07Vx547Ge1hNzZhRxJfwJkHe11lgzEwHC8R6CE8nljeZOi1bCC~kA3GxFMPQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 27 Apr 2023 06:04:45 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 26370
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: eKqF8aU0LP-BKjjeGEfwYiPGzpfqZiuBbJSLlIlh8GoAdK8PGb_NkA==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230424&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31056e8411b1f5953d4211c9faf3f9b0c9a16ee33933f73430ba545e971bb96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11112
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 13:24:15 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 18A0 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 13:06:09 GMT
expires: Fri, 26 Apr 2024 13:06:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 77F4 783 B
1002 B 18ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ac0fc48af56c456ffb31a410ff6a3aff959b9facd0374257c1a2f688d405215

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MBDB0LRHBUTT_nvXqSU8wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastes.io/vtb8s0nd6g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MBDB0LRHBUTT_nvXqSU8wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 13:24:15 GMT
expires: Thu, 27 Apr 2023 13:24:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 18A0 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 11:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 11:27:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 77F4 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230424&jk=2747433721430647&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 18A0 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?womXgQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FE5 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvF0pBzRts2g1llq4aF2goLgDrhtrNFnH4ffQGzblTppA8sljUh97YU6RX7pJUPsmCSZ3Rpz_ik5nZXj4IHS6H1T4XK&sig=Cg0ArKJSzF4LGxyDF-UVEAE&id=lidar2&mcvt=1062&p=0,0,250,300&mtos=0,0,1062,1062,1062&tos=0,0,1062,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=0.58&if=1&vu=1&app=0&itpl=20&adk=3682033334&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682601854372&rpt=74&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 13:24:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2296 16 B
232 B 73ms
73ms Fetch
application/json 3.9.33.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.33.137 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-33-137.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Apr 2023 13:24:15 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 85ms
21ms Preflight 3.9.33.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.33.137 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-33-137.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 27 Apr 2023 13:24:15 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230424&jk=2747433721430647&bg=!cnGlcSXNAAYfNdXmPzU7ADkAdvg8WrjCPU8uRG_v6c2EMtSzeqyfWIdojV4jBKtFiEOS8LF8ONRYXw_hODjO6VvIHoNiMt7S0iMCAAAATlIAAAACaAEHCgBe-ja2e4iDJ7wfQbth10jFh2tY67E4KqNjOUeDmX0pfa5c68Eq1en6MdH-UU5WEtlZbDfN2sy8StzxVc9B8umKY_mEw720sNUYT7GmyDxpJWnwK-HeOx1PAXm8CxNF2JkC4h5krJ6rUkMe_2ZlZSdxMoYwHCQSLlwSZJaAzVmg3MfQLKzSVdS-ZJYqlNRR56ZRiXA6hevQXdK8Hl3Jr-vjDFiawVIuzFzjhoNUwPbHcn1vIwBqRi86Hngs0sJHKxCnrFXME8r9qUW9MB_E55xaSuM-gtOh8OKzATmlM21I_YdSHmVHvi0WFERGvoOmlvi_zi30g94qxAexbxaC6qHcgOIJpWLodS6FW7_7iwVqvL79XP6TFljtn6H0hr1Jery73q3eTfcrL7NECCFBFQ8X_R18NzeC5FiG9Uo85zavKUaqAL0kE0DohoHNXUcagnqxlaTGkXf3t-jVtFEpG2JWtks6lOs3dpm1bIW2h9AUBM0NrgfUosXL4ZJs92CwONHdvTuHGSmwoNaCgKlnaNOfqUEDjULVJX35DbRmYFX89QYXXjimqShdII2hVqHN1Un65K8i3nLH6crGCCdmnj7fTwzbhKkrJgx1WiGuuFxGPgtYknNK4MjVJVWxXe_hh0FAYAuhJRWwQ2VIHC4A-kbMNJvX5FBr6CP5lR8Ly4lPJ_CfP2jCpi9sidWDd0mo_9akFvMcar2rARPiEYQN7AZK9gSGwyqALNiUfzi2RF7XYvup-4rRb4LzW92LkvTLP7WFH3AhC8Rq6TrsUK21G7yc7s7Qah1FzF6-blXQiDbysSQHWBey_MNG6yXMftQpkIpICd7aTuSpZzvvzRG2fMLQo3lw17JdUenMtY4ix44kHhnvdS41HwV0fEzGLlSOJWCIX0E4YAneyZ7ODcnWKNjR4qOSs9xm6GUku3my6LiRN0qNNLb5ewH8RqwItpghMBNA68jLSeXEiOrbboNEiPM6yB0p1_SEvHOD9HGhk73AhPnTKaDRnBGC-DlIxCTq-p-mALFFU6bf2aAj2-EOoIba4UoQys197iaW_t-1iFOpxuZctuvAhn0bZ45yxgpN47OcObjcEneGwK_A2XNe_v0Okccbyg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 track Show response
t.counter.dev/ 2 B
490 B 149ms
49ms Fetch
text/plain 2606:4700:3030::ac43:888b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.counter.dev/track?referrer=&screen=1600x1200&id=f9eedfb8-c242-4d48-9840-f7f9cccecd7d&utcoffset=2
Requested by: Host: cdn.counter.dev
URL: https://cdn.counter.dev/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:888b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pastes.io/vtb8s0nd6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:24:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwFbeGqVzTL%2BJi9ds1ZM7rvzABoPZwae7yvuGXJeZ59YEEkoiCxW1IoyoHANSC1FIfolWIex2pcqHa6fv5J6D4PtPzkoEij49jdut3eKdquprJ20nomo3uUznJWRhCAPPkCrs5xR6%2FWSNLng"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: *
cache-control: public, immutable
cf-ray: 7be7628fed533a5a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
expires: Thu, 27 Apr 2023 23:59:59 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pastes.io/	1970-01-20 20:59:21	Name: _ga_3C9G1SS24S Value: GS1.1.1682601853.1.0.1682601853.0.0.0
.pastes.io/	1970-01-20 20:59:21	Name: _ga Value: GA1.2.2042652090.1682601853
.pastes.io/	1970-01-20 11:24:48	Name: _gid Value: GA1.2.417149502.1682601854
.pastes.io/	1970-01-20 11:23:21	Name: _gat_gtag_UA_216162563_1 Value: 1
.pastes.io/	1970-01-20 20:44:57	Name: __gads Value: ID=927bbf8c1082ed66-22356dedafdd00ef:T=1682601853:RT=1682601853:S=ALNI_Ma2JR8y_CQJYsudaFKFmGYyZvDUmQ
.pastes.io/	1970-01-20 20:44:57	Name: __gpi Value: UID=00000bf17d8a6f47:T=1682601853:RT=1682601853:S=ALNI_MaqUra7_aFJvEy1hbwHYrRntKgc6w
pastes.io/	1970-01-20 20:59:21	Name: sb_uid Value: c8lyw061fmh
.pastes.io/	1970-01-20 20:52:09	Name: _awl Value: 2.1682601854.5-d2a91bcdf64911b389d56437241bd8bb-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-20 20:44:57	Name: IDE Value: AHWqTUnNPcc_8OpcDalWVhGyBbejlXdMGcCiwLgbL6TTi8ccCZkp4nTYcazsed5PuGQ
.pubmatic.com/	1970-01-20 11:24:48	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 20:08:57	Name: KADUSERCOOKIE Value: A79C3F06-32D6-4D5A-A91F-DCB15EAFEC1A
.bidswitch.net/	1970-01-20 20:08:57	Name: tuuid Value: 5528f7a4-69e8-4497-93dd-8e199ab0d644
.bidswitch.net/	1970-01-20 20:08:57	Name: c Value: 1682601854
.bidswitch.net/	1970-01-20 20:08:57	Name: tuuid_lu Value: 1682601854
pastes.io/	1970-01-20 11:23:29	Name: XSRF-TOKEN Value: eyJpdiI6ImFNclNaQXc0UzZjQ2M1VmpOS0l2VkE9PSIsInZhbHVlIjoiT0gwZ2g1d3pkRFBHQ1pZUHZET3l3YUtLSWQ5YWtnM0FaWkVXRG5SRFVTN2dndE9ES2dQR3hmOEU4dThBQmVhZCIsIm1hYyI6ImE4NWRhYWViMDA2ZDM0MTc5YzQxNTE5MzEzYzZkNTU5ZTRmZDEwZTlmMmY3YTgwZTQ2ZWIxZGE1NzJjNjM0M2IifQ%3D%3D
pastes.io/	1970-01-20 11:23:29	Name: pastesio_session Value: eyJpdiI6Ilgwa3AxK2x4bjBJbW9wdGJMQWRtaGc9PSIsInZhbHVlIjoib1FIdXdrbjFENzNZOVNqVkpERGFcLzBVQktMWVZ6dEgzVWxWWFhXV25WXC9iSGJjTDNyYThrQWxnXC9RNDhEK3VaMSIsIm1hYyI6IjliNmJlNWEyZTVkYmYwMWViZGY1MWE5MTExNjliYzMyNTljZGRkZGI2ZjY2NzA5NTNlY2Q2MjM5NWYxOTljOTAifQ%3D%3D
.scoota.co/	1970-01-20 20:59:21	Name: tuuid Value: 44105228-5336-4e56-bb35-2b0ac3bf0d75
.scoota.co/	1970-01-20 20:59:21	Name: c Value: 1682601854
.scoota.co/	1970-01-20 20:59:21	Name: tuuid_lu Value: 1682601854
.awin1.com/	1970-01-20 11:26:14	Name: awpv20044 Value: 412871\|1682601854\|ce060303-e4fe-11ed-afd4-223664211a24
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.e.dlx.addthis.com/	1970-01-20 20:53:36	Name: na_tc Value: Y
.addthis.com/	1970-01-20 20:53:36	Name: na_id Value: 2023042713241400071555623106
.addthis.com/	1970-01-20 20:53:36	Name: na_tc Value: Y
.addthis.com/	1970-01-20 20:53:36	Name: uid Value: 644a777e321a4839
.addthis.com/	1970-01-20 20:53:36	Name: ouid Value: 644a777e0001d80acafdebba18772073bf24ba0e0a660aee5d26
.dlx.addthis.com/	1970-01-20 12:06:33	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 12:06:33	Name: na_sr Value: 20230427
.dlx.addthis.com/	1970-01-20 11:23:21	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 12:06:33	Name: na_sc_e Value: 0
.o2online.de/	1970-01-20 11:33:26	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MjYwMTg1NHZsZWExZGUyMDIzMDQyNzE1MjQxNDg0Mzc0MjE2NTI3WDExNzY4M1YxMjI2MTMyNzAyTVN2aWV3b25laWRnazhhOGZyZkpWMnNQSGJIOHQ1dHJyQVVtU1FUOTk4c3dnellvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2ODM
.o2online.de/	1970-01-20 11:33:26	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 11:33:26	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023042715241484374216527X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MjYwMTg1NHZsZWExZGUyMDIzMDQyNzE1MjQxNDg0Mzc0MjE2NTI3WDExNzY4M1YxMjI2MTMyNzAyT

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1g0qv0n3ah5qrn0kszmbkbq9scpygsj24t3c6fcyqht1m1zdnfp5g83g1vph8g3kk1wmhbwz7py4h8327ps0bz83tae76yemawbj2ksyxwv938hvpcmr9dfqnwmv66an2a2jxytc4t6b8n592dct4dchrwfjv0zf4ggwegk32s3e2n06apxq5kkt8cfnp93ajqe3z7tayhx3mm72qsyka42kpmm5tkyqmjm66x6zc656z6de7dc8ct8wfzq5ebkjs5zqk1kkwaz28kx8wbra8s8j8vjqam8ge5zhtqmxw2kxvtb29aabfhca5k8wwy2xbwpv5548wxpwg522vhzs80ngcjz292w9ahv34d2xt8dcxyvxdyf38by75sq1dq7b25fnar1es2da75td3dwnf06z9q9dr457rw9bmaa73fv54qrg2yyt14c3p96besqc1xe465bf34&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%26client%3Dca-pub-4604570868082747%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGM8vUMYQl4-EnyUlUm-bSh3bztUwjJnDYOR8C7H0fcwWRCTWqHscWXkvFPSzqqyXzwlIfgffn1a4pZ7-p_35qeKJZUMiAHjVtk&google_gid=CAESEAxfu-wKsGrek8I7Y6U9Wyw&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6462fdacd5d4710c046f310a41132a6c%2F10989761839579918329&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682601854648&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytrkmrtz45qwxfg15nypsfnk16qe1j0797gfy9sjgqrjtgmg8zj2rzt62ebmhz1b7th0q9n37nmb9cdfttch8qgd7zj6n4cg8fw0m2ydnta5mxtxpysgk993e4879cxzac4wb5vg15zy49w124ce7tqv6ym2srjv331gxtsfs582n8ewt6qeda9pcagr0avpn6k03kj3fw3332vd9yvdfksbdax2j3y993m53r0da0dz3dh21y5d8pjxk8vs3ebettt7ec01f0b6v080gnqq87%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LR2fXdKZOfzPIbIiQONoZogkOGBhFy2qMKK8ALAjbcBEAEgAGCVwvaBlAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakC9i9uvkuJsj6oAwGqBL8BT9CbuA5KD95_yAPLShKe4FPZ1vaj2Zamb9IjsDvM2AeYOVCpEgnz4RAbXhxyQCF9D2gQIjN4P_IXA-QEEtrlXL0LlarvbB6uO7dWrJOAGjfHcnXEPD_zJRmU3lBoHYFbv_vOmEev01jUZcGh7XuYP6HMLeBrmpA_E4QpX8dp1-EgsCpTapsLC6_SJ3kZv1xS7u8LPSpKHP6Gxt6GaeNEYfcSSnUL71CVOHC2EKuE1ACJhpVw4P_fUQC4OcquL--ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Y8YhWdWqNJso7S-WuLG88SDR69Q%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
analytics.webgains.io
api.qrserver.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdn.counter.dev
cdn.splitbee.io
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
dclk-match.dotomi.com
dustyhammer.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hive.splitbee.io
id.rlcdn.com
image6.pubmatic.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pastes.io
pixel-sync.sitescout.com
prod-rtb.ad4mat.net
r.scoota.co
region1.google-analytics.com
static-de.ad4mat.net
static.adsafeprotected.com
t.counter.dev
tpc.googlesyndication.com
track.webgains.com
ui-avatars.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
13.40.227.197
142.250.185.226
167.233.13.224
172.217.18.102
18.203.106.14
18.66.147.41
185.64.189.115
195.201.128.178
2.23.197.190
2001:4860:4802:34::36
23.210.125.176
2600:1901:0:4277::1
2600:1901:0:76b9::
2600:9000:223f:c000:8:48e:53c0:93a1
2606:4700:20::681a:578
2606:4700:20::681a:9b9
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:3030::ac43:888b
2606:4700::6811:190e
2a00:1450:4001:806::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a02:fa8:8806:16::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f128:83:face:b00c:0:25de
3.33.220.150
3.9.33.137
35.244.174.68
52.28.142.98
66.29.132.145
84.200.5.215
98.98.134.243
99.86.4.53
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
02b9a8b9c4ed049d64815ec724f89337d7adb256a38aaba7f2a5153eaee40ba7
080cf84d0bfb4147fefe010586363b5cc2928448083b097cef341b9d8e9b3bc8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12a62e2722718736eb1c31e10843eca15e31a2efe648596eed3e4a6e33029f3a
13ae042538e57b4b35eb8ab3089d889035008154e06c05be2d3f31c509f03eda
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
154884fb0942117405532f2c9f71e1c46c08cb51db6e520ca420edd68ff8909c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33
1b5f3aff30b52d5416aa84b755f1920f99cfe913eec2e01ac0a2c1e72d2994d8
1c16b130481c85b8ddc5029f9a09e6e2a51cb7521963b3b4a1d713bd991ac5fd
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
31056e8411b1f5953d4211c9faf3f9b0c9a16ee33933f73430ba545e971bb96e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
347cd3ada9898f6dce9635212196ba165dfb4ae336d17ce6318b3d27bd612175
3b8aa2311d3d785a225afe46d73cbb380739529ffbdaff1d301c7b72bb6ffddc
3e090ec7aff77a988ce1ef6ff0b31867834e62601779546e585afc2fc91d94c8
3e3d7c9bde7b57297f82b8ebce7ecce13024e592bb72f035682248e472c6bb88
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4353a7702a269ac78f59dce6e0f46c1defaf681c074fec7f19b77be823d781a1
47db6c4edd2d6b841cfec4e4c4fcd6fd248d896d1919aa63a044a91e2835709d
4ac0fc48af56c456ffb31a410ff6a3aff959b9facd0374257c1a2f688d405215
4cdf26c6af4a94a66df9af4447328d1ea96b5dd3f5dca3dff60f6d738814dc04
4e31b7948bf118320a749843c68dc8198351a7ecb7c431d2d3494ea558a79e5a
5068c4c078aa75505850d2b7993bd805a8d0396202ddfc37429b8247010f9a8c
523a9b2814dc2706a78b77d79dbdc1e945a0b85f22118028b8cb139f8db948a5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5907e384d32e195400edb93c680c280fce75580a5146109df10a9ee1fe56b616
5abda823cbbf370ffbb52bc61fbabbf4d2f3eaa04e146c9805273f066a100a58
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d6fed4682df44d0d96a062f9b0a091a162c9ce179c6896d94ad14b388a52df4
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6627bc28e8146b74ea4ec350fcae199b56899eca78f6e2b508a17876ff8dd3d5
694914eb4247927229e1c677ecade7674aa59fe6f12f91483333940a32c9cdf8
6b351a26c9594cde6985e38e3f8442806b54957c2af38a9c382eb4afe067859e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de98b3b34e5da21572c310ab3da4237eb721172c20ae8f31814493efd9f8216
726a79a3fb6de54b73b65ab64ed65a74c015ea5a949aa0b9268799de176f509c
7870b15ec652b5f84c566983875510670573e910d69b10d3a2146bc20fd689fa
79c61c65ab11298c850945210542e41f0bd9b8e680f41d1b52523a9d494e31c4
7c38a24d67bee37a216b42687de11f5f77a2d16b81171a654823ea926331e280
7d357b0ef1f85ba71c5ccebb6671b0c34f4b3950f5b21d2af7b4a3d4e9dcd570
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7f8a524cf4f533c441ec342a397566f44c157c1a4ee8830eb49db90088bdb0ba
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
8ba667244df955de52c5b40ba4e58473a1eb1aada2292f31ff441dd449755d71
8d42a3b02b774ee2e6b2ce470dc1116d28566443e0fceb46cf1e13bf3c3f9b0f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
941d4df8b37b676a9232e2670c57ba3f82030bcbf52fba9b8b24df887a2ecaf1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
a2a5f0607617d205700ff9466ba88f7d005a9d67aae6bd9d47dee8ead083741a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c5d9c8b471e9f7f0a70e0d5ba053c14d650aa16cb22be0cc1b85ba31d9d96d
a7b489051d44d2c22ed5121c6112d82a4e73103ad950779a9a37bba2653b1216
a83a82453e71bdee518a9f06b4998b368882b48da5e45793af6cdc932d40cb68
aa730424801f53a2e5d344701b2fca2680ebf9c1096aed1d7e5fdff3734f3f39
ac49004fc788a143bc04f0b1bc3d892639e3451832a80c22f10fa02e3ae28a49
ac69939a25223ffbb9055f9a54a429bc6bb24d1fa00af9953e48a79177da8182
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b1c53d37faa5005c9dff43ae031a0e7ddbd046846f19e0ef4403175b1171f9b3
b3ddfb37ed78728bb94cd31a9077ffc214ce9f3853218d8bfb1927a4ee291efd
b560d3ca5a0b22cd92b8148921bd1e0d11de26f875ec41c938f6e7827e093279
bf198deb5150475810e280eb8001ddd85b88557b52a71398e4b5c8ed880488d1
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c3a2cac32bf823c2471cf452f0bce665426faac61a03be6c92269ea60ed58db0
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c52c1d627b1ed6ad74293c28ae35553f9de96f2fff926f7e4018618247cb3c98
c73dfd28de1fea67655102d3ece0bc053e07154916f0e32af50e5e3be116eaea
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
d1402e2c2f670d0f6fb696407b6c32549985629f6a85c3f946e25e2b60b315f4
d5e098d2863808a8705f9d74d232575aafbcb218580ab21db42cf736991e67d2
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d6d4c997ed8dbfbc53b534e15ab70ee0f2e7770947d828f2cd4dd683449da81b
d8113222855baf9f8bc347bd6a7e50212675855a8cf5ae764c1d222ae95a15d2
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
db15c73725fb887ad2f55038e3170602a4efb0ef8c0ba3c04e19ec2bb07c40bf
dba5f1a65b2f4f42fa650d92f6900351a8878170a0b216f17a011712c83d73d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5db71b4c3ecbaa2a634d0d638c1bd3aa61f7e5884d3d1466f030a4f181cd563
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb9f900ed134c11779a555c7536da1ba8ac36d303d95164c96e2c5f765e03192
ed7ab948c1df8600b122c4bc1a668b9ce246e200ae1053f922e0bb3663ef123b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55612e4e7e147e7a7e1b1adae8d6a858720cd29a679fc1297a05beaf5aa2d36

pastes.io Open in urlscan Pro 66.29.132.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

97 %HTTPS

57 %IPv6

37 Domains

48 Subdomains

37 IPs

6 Countries

1619 kBTransfer

4153 kBSize

33 Cookies

3 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastes.io Open in urlscan Pro
66.29.132.145 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

97 %
HTTPS

57 %
IPv6

37
Domains

48
Subdomains

37
IPs

6
Countries

1619 kB
Transfer

4153 kB
Size

33
Cookies

122 HTTP transactions
1 data transactions