urlscan.io logo urlscan.io
SecurityTrails logo

pastes.io Open in urlscan Pro
66.29.132.145  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastes.io/dwkbkmuilh
Submission: On February 03 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 10 countries across 45 domains to perform 185 HTTP transactions. The main IP is 66.29.132.145, located in United States and belongs to NAMECHEAP-NET, US. The main domain is pastes.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 17th 2022. Valid for: a year.
This is the only time pastes.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 66.29.132.145 22612 (NAMECHEAP...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
13 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 88.99.85.235 24940 (HETZNER-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2600:1901:0:4... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
2 2 3.122.16.208 16509 (AMAZON-02)
3 19 142.250.180.194 15169 (GOOGLE)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.190.0.66 15169 (GOOGLE)
4 4 18.195.73.173 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2 51.75.86.98 16276 (OVH)
2 4 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
2 2 69.173.144.139 26667 (RUBICONPR...)
4 4 104.18.33.19 13335 (CLOUDFLAR...)
1 2620:116:800d... 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 185.86.139.93 201081 (SMARTADSE...)
18 2406:2600:4::1 55569 (CRITEO-AS...)
2 178.250.2.148 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2a02:2638:1::8 44788 (ASN-CRITE...)
4 2a02:2638::21 44788 (ASN-CRITE...)
2 2 142.250.180.230 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 88.99.63.132 24940 (HETZNER-AS)
1 2 104.103.100.111 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
185 46
36    66.29.132.145 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business140-5.web-hosting.com
pastes.io
5    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
13    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700:20::681a:8b9 (United States)

ASN13335 (CLOUDFLARENET, US)
ui-avatars.com
1    88.99.85.235 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.85.99.88.clients.your-server.de
api.qrserver.com
2    2606:4700:3036::6815:5e8b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.counter.dev
counter.dev
1    2606:4700:20::681a:578 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.splitbee.io
3    2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dustyhammer.com
2    2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2600:9000:214f:d800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2606:4700:20::681a:478 (United States)

ASN13335 (CLOUDFLARENET, US)
hive.splitbee.io
9    2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
14    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    3.122.16.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-16-208.eu-central-1.compute.amazonaws.com
pm.w55c.net
19    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
cm.g.doubleclick.net
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    18.195.73.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-173.eu-central-1.compute.amazonaws.com
match.360yield.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    2a05:d018:d29:3602:81a6:56d8:c5db:8c4d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
18    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
7    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
4    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    142.250.180.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.o2online.de
2    104.103.100.111 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-100-111.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    2606:4700:3030::ac43:888b (United States)

ASN13335 (CLOUDFLARENET, US)
counter.dev
Apex Domain
Subdomains		 Transfer
36 pastes.io
pastes.io
357 KB
29 criteo.net
static.criteo.net — Cisco Umbrella Rank: 647
pix.eu.criteo.net — Cisco Umbrella Rank: 7989
csm.eu.criteo.net — Cisco Umbrella Rank: 7891
448 KB
29 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
ad.doubleclick.net — Cisco Umbrella Rank: 184
50 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
234 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 27638
ad4m.at — Cisco Umbrella Rank: 9391
assets.ad4m.at — Cisco Umbrella Rank: 39464
733 KB
6 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173
ads.eu.criteo.com — Cisco Umbrella Rank: 7817
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9740
92 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198
55 KB
4 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 748
r.turn.com — Cisco Umbrella Rank: 3187
2 KB
4 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2166
2 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
145 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
region1.google-analytics.com — Cisco Umbrella Rank: 2456
20 KB
3 dustyhammer.com
dustyhammer.com
22 KB
3 splitbee.io
cdn.splitbee.io — Cisco Umbrella Rank: 354654
hive.splitbee.io — Cisco Umbrella Rank: 300317
5 KB
3 counter.dev
cdn.counter.dev — Cisco Umbrella Rank: 280872
counter.dev — Cisco Umbrella Rank: 146646
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
194 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15368
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4143
651 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
923 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
490 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1733
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 84938
static-de.ad4mat.net — Cisco Umbrella Rank: 113105
4 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
2 gstatic.com
fonts.gstatic.com
62 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
88 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 57500
671 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 76484
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 66678
437 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 67818
262 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 782
45 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
265 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 632
464 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1634
351 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 767
713 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12230
557 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
863 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 616
466 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8741
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 858
602 B
1 qrserver.com
api.qrserver.com — Cisco Umbrella Rank: 77604
641 B
1 ui-avatars.com
ui-avatars.com — Cisco Umbrella Rank: 48694
1000 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
185 45
Domain Requested by
36 pastes.io pastes.io
19 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
18 static.criteo.net ads.eu.criteo.com
13 pagead2.googlesyndication.com pastes.io
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
9 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
pastes.io
googleads.g.doubleclick.net
7 pix.eu.criteo.net ads.eu.criteo.com
6 assets.ad4m.at as.ad4m.at
5 cdnjs.cloudflare.com pastes.io
ads.eu.criteo.com
4 csm.eu.criteo.net ads.eu.criteo.com
4 ad4m.at as.ad4m.at
ad4m.at
4 ssum-sec.casalemedia.com 4 redirects
4 match.360yield.com 4 redirects
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 dustyhammer.com pastes.io
dustyhammer.com
3 www.googletagmanager.com pastes.io
www.googletagmanager.com
2 www.awin1.com 1 redirects as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 d5p.de17a.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 r.turn.com googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
2 onetag-sys.com 1 redirects googleads.g.doubleclick.net
2 ups.analytics.yahoo.com 2 redirects
2 pm.w55c.net 2 redirects
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
2 hive.splitbee.io cdn.splitbee.io
2 counter.dev cdn.counter.dev
2 www.facebook.com pastes.io
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net pastes.io
connect.facebook.net
1 www.conrad.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 ssbsync.smartadserver.com googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 um.simpli.fi 1 redirects
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 sync.mathtag.com 1 redirects
1 prod-rtb.ad4mat.net pastes.io
1 static.adsafeprotected.com dustyhammer.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.splitbee.io pastes.io
1 cdn.counter.dev pastes.io
1 api.qrserver.com pastes.io
1 ui-avatars.com pastes.io
1 fonts.googleapis.com pastes.io
185 62

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
pastes.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-17 -
2023-12-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.qrserver.com
R3		 2022-12-18 -
2023-03-18		 3 months crt.sh
cdn.splitbee.io
Cloudflare Inc ECC CA-3		 2022-12-19 -
2023-12-19		 a year crt.sh
dustyhammer.com
R3		 2023-01-11 -
2023-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-17		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh

This page contains 18 frames:

Primary Page: https://pastes.io/dwkbkmuilh
Frame ID: 614DD986884CEDF5883BB260B49BDB20
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
Frame ID: B70D76516B04EC3AC084623415E8AFEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&adk=1812271804&adf=3025194257&lmt=1675429750&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749712&bpp=15&bdt=1867&idt=570&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8709760724522&frm=20&pv=2&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=660
Frame ID: E4A42F05C4886B412FBB92EA9E5389C5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/comments.php?app_id=327053132581361&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd88acb391b07%26domain%3Dpastes.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpastes.io%252Ff1f78dee8c5ab24%26relation%3Dparent.parent&container_width=1073&height=100&href=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&locale=en_US&numposts=5&sdk=joey&version=v9.0&width=
Frame ID: C9CB9823445EA9E4F231925B7CA03052
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Frame ID: A90397B67BDB2E446A979A31FA0C4E22
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Frame ID: FA061E1554EF73508A84820AAEFF6FEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Frame ID: F0CC975162F3B7F0E19B8B2EED2D3AE2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CBLeMdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTmAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui8y-jh5nZhkKJhR9FYnQN6G3SdpX6gQqsXrSO5GXmlZWdiE8Vb6D9gAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NjA0NTcwODY4MDgyNzQ3GAA&sigh=-QOyhe81Xnk&uach_m=[UACH]&cid=CAQSKQDUE5ymW4MxQPwVPtBxwBIPyFJC8p2Qcq9nwtIiS6G_9SFqviCaCeH9GAE
Frame ID: 99E8176A2D6E0EC966781A80F3F01A86
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gd7wdekw7kczd82sz044a7j01rmeqd5ntg4seger91vjkeywrrb9kt6f79r11zfe0x91qgy6d6j5n3p2pvz6h2z0b984f6y79pdhjhgxzgrna0ajjegdqacekm30xqnezc7n98t74h052a7zb9w9p8jvwpxkw5z41qnja71sv8qs6dm745k5pe0vp22w7v6egq5kw4rep3atdv80cggbxsdt4s0rc7a7bbbdmaphmgqt9zs542794vs6whmk0d4gwzpwmc7gh2qqam2w5z88j3kfc43h7fcha6yb05fad84v6tms9525yqvhfs4rd4yes65jeg0cv5eehma0x1s385ryjdc1a9j5kt30qp5avafgsp2cepfb76rsz1n6433d8z80gydw7mqgvsnejdv9w63m87a2asahgk4eg4rt4jrxx4p81d0z5ty84yt0hwv6geyvtsz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%26client%3Dca-pub-4604570868082747%26adurl%3D
Frame ID: 2A23C6E643E225A75A0A9DF138EC8BAD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2884F448F7C997D3B57104CC400B7EF0
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Frame ID: 0FFF53E9670EA90E1C3B8ECB397A8F62
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C64DFABC0BC3DFFE10DDA8AE10A88572
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Frame ID: 524F3C471E9C9C4F0B5A395234AFB8CC
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88DF1235170B273D4FE3E9DF8434A23A
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A3BBD813459BAA19D2A8416A112A0EE5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Frame ID: 1D1DFF873477F226795CFEAEEF79B9B5
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60364932FB6F99CAB22B269B163E4C27
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1654CB397F04DA6476987EFC1CBA5306
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tonic Studios - Pastes.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

185
Requests

89 %
HTTPS

63 %
IPv6

45
Domains

62
Subdomains

46
IPs

10
Countries

2519 kB
Transfer

5524 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAaEzFvS_PnKPN9byVbkABI&google_cver=1&google_push=Aa02lx9iOgK7ar-6Nc1_73NaEBAPceco1JGauSAnTeRRb2i07AHyS_XhgYoMp-Hd4Dh0P4vg48OUYgbQM2t18jJDaaBkK0yMgETP3w HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAaEzFvS_PnKPN9byVbkABI&google_cver=1&google_push=Aa02lx9iOgK7ar-6Nc1_73NaEBAPceco1JGauSAnTeRRb2i07AHyS_XhgYoMp-Hd4Dh0P4vg48OUYgbQM2t18jJDaaBkK0yMgETP3w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWgzN2VrTEoxUG5WT3Y1&google_gid=CAESEAaEzFvS_PnKPN9byVbkABI&google_cver=1&google_push=Aa02lx9iOgK7ar-6Nc1_73NaEBAPceco1JGauSAnTeRRb2i07AHyS_XhgYoMp-Hd4Dh0P4vg48OUYgbQM2t18jJDaaBkK0yMgETP3w
Request Chain 99
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMYWaaaouQUDd92Wbf34YT4&google_cver=1&google_push=Aa02lx86S2Tv2EjgDPYR2Fn7zvgcXIGLHiop37pq6eGLgRfKU7qLTDdflcZIxm0ewgb7-HnLs5lfG276TOJQN_9JeaPYaLcJRMXN_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx86S2Tv2EjgDPYR2Fn7zvgcXIGLHiop37pq6eGLgRfKU7qLTDdflcZIxm0ewgb7-HnLs5lfG276TOJQN_9JeaPYaLcJRMXN_g
Request Chain 100
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDB0ps_ChnL7wuSfFqzja28&google_cver=1&google_push=Aa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP7hA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP7hA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDB0ps_ChnL7wuSfFqzja28&google_cver=1&google_push=Aa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP7hA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP7hA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 101
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEM1I6FSZc4yyTM5G3sSmYUg&google_cver=1&google_push=Aa02lx9c2UT5UEmB8GIZXVP5cIC5vWIx6Q6KnbNEyFt5GIQPdQVVx4J0fJPh6ZXTFZ6uxmZx-C5xzQOBSdQPs7ZEPU6OZ0v4VC22-Q HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=z56711rlTBKEO-fDTlMtwg2&google_push=Aa02lx9c2UT5UEmB8GIZXVP5cIC5vWIx6Q6KnbNEyFt5GIQPdQVVx4J0fJPh6ZXTFZ6uxmZx-C5xzQOBSdQPs7ZEPU6OZ0v4VC22-Q
Request Chain 102
  • https://match.360yield.com/match/ebda?google_gid=CAESEMJ3QO8J2M-3uhrUDmheJXA&google_cver=1&google_push=Aa02lx_L1RfAbRB-iuaZoSiMNu-wCS3XBWELdNlbcdTsFEkSkldSrFy9bYlNR6dSCh85pg9DjVGtcWBt8HkpQEMiFor6H-lRmdqb0w HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMJ3QO8J2M-3uhrUDmheJXA&google_cver=1&google_push=Aa02lx_L1RfAbRB-iuaZoSiMNu-wCS3XBWELdNlbcdTsFEkSkldSrFy9bYlNR6dSCh85pg9DjVGtcWBt8HkpQEMiFor6H-lRmdqb0w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Kr9QVj2rSxms3WkycyCCTg&google_push=Aa02lx_L1RfAbRB-iuaZoSiMNu-wCS3XBWELdNlbcdTsFEkSkldSrFy9bYlNR6dSCh85pg9DjVGtcWBt8HkpQEMiFor6H-lRmdqb0w
Request Chain 103
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELLXdw0Iya5NF5nxEn8tATw&google_cver=1&google_push=Aa02lx9yrbeA23Nr9BUZ0nPgycXdh5viUMHcFKOMfYIElXpfIKfnw_zHw17YfP9FBSDxOMMtm8mBL3jMBUf_qgN2itTXB4Lx-4bzlw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELLXdw0Iya5NF5nxEn8tATw&google_cver=1&google_push=Aa02lx9yrbeA23Nr9BUZ0nPgycXdh5viUMHcFKOMfYIElXpfIKfnw_zHw17YfP9FBSDxOMMtm8mBL3jMBUf_qgN2itTXB4Lx-4bzlw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VUHd2ZGtsRTJ1Ri5DekpIVjZsZHB4X3pOYnhoUXJfNX5B&google_push=Aa02lx9yrbeA23Nr9BUZ0nPgycXdh5viUMHcFKOMfYIElXpfIKfnw_zHw17YfP9FBSDxOMMtm8mBL3jMBUf_qgN2itTXB4Lx-4bzlw
Request Chain 104
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJEimi_NKJO95HNLghSAMCc&google_cver=1&google_push=Aa02lx_YOq8NrcwK_-KCBnDD09gKMXtmE5ZWbwFY-lccX7DmS8WTxE0b56pnqcjH-Uo8c4JazF8x8EHMJlAWvv91Ka3HyLsJiin1Gyk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_YOq8NrcwK_-KCBnDD09gKMXtmE5ZWbwFY-lccX7DmS8WTxE0b56pnqcjH-Uo8c4JazF8x8EHMJlAWvv91Ka3HyLsJiin1Gyk HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 106
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGp0sn2ifi-8xP_P-GhaJ8g&google_cver=1&google_push=Aa02lx8p_ae3xiuLYmFiQrKg7I0zvLO4Gx-49tfPScw4Sq8cin5kMkOMFNMeKilUmp0ICV-ZDv1mx-AsHRnyeULL93QDSyde3l49eNLL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE2ODY2MzgyNjc1OTE3ODkxNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1
Request Chain 107
  • https://um.simpli.fi/gp_match?google_gid=CAESEF-T43_UsJwiPhMhfwwXV4g&google_cver=1&google_push=Aa02lx_P6iTZJL7BxZ6g5ivaqa0UUu0E9TIVqcXdujTGsIqzoaqwcqi_Smz0kGuSFHo-04tK8M05bgd56UoNM63pyDh7r9w70Aas4sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11C6E3A2FD55472BBD87BF2BA7554196&google_push=Aa02lx_P6iTZJL7BxZ6g5ivaqa0UUu0E9TIVqcXdujTGsIqzoaqwcqi_Smz0kGuSFHo-04tK8M05bgd56UoNM63pyDh7r9w70Aas4sc
Request Chain 108
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIJF1VevPAzdcLoJs0fZxUI&google_cver=1&google_push=Aa02lx_rs3VEv4sOy1VrGSWUvkzZiS4BLViH0UhDVY1iwMUW2rG_H0Z6AEEL8veiL4c630W5U0rqG_3-u_guQ5LXoFeRtVZ3x471kcc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_rs3VEv4sOy1VrGSWUvkzZiS4BLViH0UhDVY1iwMUW2rG_H0Z6AEEL8veiL4c630W5U0rqG_3-u_guQ5LXoFeRtVZ3x471kcc&google_hm=eS1vWnltSVMxRTJwRm9zVE0xd21mQ0FBNmZNUkR4UnNNbn5B
Request Chain 110
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHb70MBWiYprt0kEtG0dl-U&google_cver=1&google_push=Aa02lx8GJCpxRAzWT_AYjX-EWHyDlVV7eWBa4DdTWLwmDVfFjqQrlTkNndfXuWGNS73Aj3cepxdc2qviEi9m2p4v76pRhsnLyEP_67I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPSk01WkotMjYtWjNZ&google_push=Aa02lx8GJCpxRAzWT_AYjX-EWHyDlVV7eWBa4DdTWLwmDVfFjqQrlTkNndfXuWGNS73Aj3cepxdc2qviEi9m2p4v76pRhsnLyEP_67I
Request Chain 111
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDhy90I1Y-iTaUjsbWu-Gew&google_cver=1&google_push=Aa02lx-vBFIxlCY3SWFewOFIkzOte82AlRDu5a4Vco6FNOGMeJpN7hgu0alD5nNP8usTM62fM6UZ51WKMpOOxKK8Lti3W3kCOIGn9q10 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDhy90I1Y-iTaUjsbWu-Gew&google_push=Aa02lx-vBFIxlCY3SWFewOFIkzOte82AlRDu5a4Vco6FNOGMeJpN7hgu0alD5nNP8usTM62fM6UZ51WKMpOOxKK8Lti3W3kCOIGn9q10&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDhy90I1Y-iTaUjsbWu-Gew&google_hm=Y90Hd2rIQcUgA_yHjyylAgAABJYAAAAB&google_nid=index&google_push=Aa02lx-vBFIxlCY3SWFewOFIkzOte82AlRDu5a4Vco6FNOGMeJpN7hgu0alD5nNP8usTM62fM6UZ51WKMpOOxKK8Lti3W3kCOIGn9q10
Request Chain 112
  • https://match.360yield.com/match/ebda?google_gid=CAESECE8QU2ioYOgsOq0R5gkQQk&google_cver=1&google_push=Aa02lx-9uU1lqApVmySjsEAIF_Ry-B0wyHx5f_dg0FRTsn9pfOZ6DugZEXdpdwSNwxZsSRXCHok1SxLJdPUwkLCXxxIBSCsIYlEJ96fw HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECE8QU2ioYOgsOq0R5gkQQk&google_cver=1&google_push=Aa02lx-9uU1lqApVmySjsEAIF_Ry-B0wyHx5f_dg0FRTsn9pfOZ6DugZEXdpdwSNwxZsSRXCHok1SxLJdPUwkLCXxxIBSCsIYlEJ96fw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Kr9QVj2rSxms3WkycyCCTg&google_push=Aa02lx-9uU1lqApVmySjsEAIF_Ry-B0wyHx5f_dg0FRTsn9pfOZ6DugZEXdpdwSNwxZsSRXCHok1SxLJdPUwkLCXxxIBSCsIYlEJ96fw
Request Chain 114
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1&google_push=Aa02lx8UnkppclD_5ldrvMjYdcjOJDdrei7z-NcKBkhy89uLKrCL_zqRbUSIcZFXcoZkBQzHqAeEBz91DqFVFmcDJiX8r_G6GqcOEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA1MDk2NzU4ODI3NjI5NjM1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1
Request Chain 117
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHBCtUaDcLkhmRAO0ekbM_k&google_cver=1&google_push=Aa02lx8wFjmNpyWA0r4TrmHu1zEqBwaDOac9NDPytBq_FEkIg7nMLe7x3Lzeg6srgdAYk1uh-7n53HQYUrv1BqgBMMSljq9-CN_CTw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHBCtUaDcLkhmRAO0ekbM_k&google_cver=1&google_push=Aa02lx8wFjmNpyWA0r4TrmHu1zEqBwaDOac9NDPytBq_FEkIg7nMLe7x3Lzeg6srgdAYk1uh-7n53HQYUrv1BqgBMMSljq9-CN_CTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8wFjmNpyWA0r4TrmHu1zEqBwaDOac9NDPytBq_FEkIg7nMLe7x3Lzeg6srgdAYk1uh-7n53HQYUrv1BqgBMMSljq9-CN_CTw
Request Chain 118
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOYpaPUlmRHYVuRn6vlE2ck&google_cver=1&google_push=Aa02lx8XvbRHogwt5e02-LTIrdGl9Ki575Jw7GSnPtMYIfnzsOK1pOhv2DGTI7nqZB5irVKyMemruqteEQ83nIEU-dDWBymKs896Sw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPSk01WlQtMjMtQVI3MQ==&google_push=Aa02lx8XvbRHogwt5e02-LTIrdGl9Ki575Jw7GSnPtMYIfnzsOK1pOhv2DGTI7nqZB5irVKyMemruqteEQ83nIEU-dDWBymKs896Sw
Request Chain 119
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEkO-9wUmT-QJVi2N3KtPS8&google_cver=1&google_push=Aa02lx8Fsz49a5Vq6wzCyHAY_vDEfTVUQcHB2j6e9rkSJPNv6LYIzr7amMUfU8aGnjmIsTOOQGhDAamDkhOr5nzvpTuT_vsih8PE HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEkO-9wUmT-QJVi2N3KtPS8&google_push=Aa02lx8Fsz49a5Vq6wzCyHAY_vDEfTVUQcHB2j6e9rkSJPNv6LYIzr7amMUfU8aGnjmIsTOOQGhDAamDkhOr5nzvpTuT_vsih8PE&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEkO-9wUmT-QJVi2N3KtPS8&google_hm=Y90Hd2rIQcUgA_yHjyylAgAABJYAAAAB&google_nid=index&google_push=Aa02lx8Fsz49a5Vq6wzCyHAY_vDEfTVUQcHB2j6e9rkSJPNv6LYIzr7amMUfU8aGnjmIsTOOQGhDAamDkhOr5nzvpTuT_vsih8PE
Request Chain 166
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKSc7Jm2-fwCFW6Z_Qcd_lEJYg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023020314091281218739777X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020314091281218739777X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Request Chain 169
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675429752_f3e05930-a3c3-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=

185 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dwkbkmuilh
pastes.io/ 		33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
5ed9cd2428f08f396dc10b8e866d1caa4d5b46179684313fb9c5edd5c903116c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 13:09:07 GMT
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.2.34
x-ratelimit-limit
60
x-ratelimit-remaining
59
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
199790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1624
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-3b5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2%2Fulpn90jzBNn73zlHvwNtYYk%2FJtqx4WbiZx1DRkk94q875nUp5lpkRQtMY8eGKtkqNlrS3%2BcZcv1lEhrNV7HDYkyJEyNAi11diwTvtK5gRKL9XZS5wQFjGVt%2FoIESAsS0hIZxt4%2FhECW5Of%2Fcg9lDm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
793b66349ca0365f-FRA
expires
Wed, 24 Jan 2024 13:09:07 GMT
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d412e37ad91838a27d9db29a2c39f6baf75e1ca71f41566d61b114c0aa8b7886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 11:32:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Feb 2023 13:09:07 GMT
vendors.min.css
pastes.io/assets/css/ 		50 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/vendors.min.css?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
13ae042538e57b4b35eb8ab3089d889035008154e06c05be2d3f31c509f03eda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
4891
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:42 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
bootstrap.min.css
pastes.io/assets/css/ 		191 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/bootstrap.min.css?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
8ba667244df955de52c5b40ba4e58473a1eb1aada2292f31ff441dd449755d71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
37112
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:42 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
bootstrap-extended.min.css
pastes.io/assets/css/ 		78 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/bootstrap-extended.min.css?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
5d6fed4682df44d0d96a062f9b0a091a162c9ce179c6896d94ad14b388a52df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
16233
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:42 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
colors.min.css
pastes.io/assets/css/ 		105 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/colors.min.css?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
a5c5d9c8b471e9f7f0a70e0d5ba053c14d650aa16cb22be0cc1b85ba31d9d96d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
15145
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:42 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
components.min.css
pastes.io/assets/css/ 		73 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/components.min.css?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
347cd3ada9898f6dce9635212196ba165dfb4ae336d17ce6318b3d27bd612175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
14108
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:42 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
dark-layout.min.css
pastes.io/assets/css/ 		74 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/dark-layout.min.css?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
d1402e2c2f670d0f6fb696407b6c32549985629f6a85c3f946e25e2b60b315f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
18235
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Mar 2022 01:02:06 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
horizontal-menu.min.css
pastes.io/assets/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/horizontal-menu.min.css?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
3e3d7c9bde7b57297f82b8ebce7ecce13024e592bb72f035682248e472c6bb88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
3132
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:42 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
custom.min.css
pastes.io/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/custom.min.css?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
726a79a3fb6de54b73b65ab64ed65a74c015ea5a949aa0b9268799de176f509c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1467
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:42 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
toastr.min.css
pastes.io/assets/css/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/toastr.min.css
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
d8113222855baf9f8bc347bd6a7e50212675855a8cf5ae764c1d222ae95a15d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
2818
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 22 Mar 2022 11:09:20 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
ext-component-toastr.css
pastes.io/assets/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/ext-component-toastr.css
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
d6d4c997ed8dbfbc53b534e15ab70ee0f2e7770947d828f2cd4dd683449da81b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1226
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 22 Mar 2022 11:09:24 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
ext-component-sweet-alerts.css
pastes.io/assets/css/ 		3 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/css/ext-component-sweet-alerts.css
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
dba5f1a65b2f4f42fa650d92f6900351a8878170a0b216f17a011712c83d73d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
485
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 22 Mar 2022 11:09:30 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:08 GMT
codemirror.min.css
pastes.io/plugins/codemirror-5.52.0/lib/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/plugins/codemirror-5.52.0/lib/codemirror.min.css
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
694914eb4247927229e1c677ecade7674aa59fe6f12f91483333940a32c9cdf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1443
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 14 Mar 2020 21:14:06 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:08 GMT
idea.css
pastes.io/plugins/codemirror-5.52.0/theme/ 		2 KB
897 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastes.io/plugins/codemirror-5.52.0/theme/idea.css
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
c52c1d627b1ed6ad74293c28ae35553f9de96f2fff926f7e4018618247cb3c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
494
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Feb 2020 23:57:18 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:08 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-216162563-1
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca758171e4a358c66e79ef141975241f291d62eab0dc467bbd990e1d8321b850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43884
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Feb 2023 13:09:09 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3C9G1SS24S
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22664da6d703bacc311f80027a36fd8261a7240289ef398ff4667faacaec6861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77062
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:09:09 GMT
default-avatar.png
pastes.io/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastes.io/img/default-avatar.png
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Nov 2018 00:58:44 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6957
x-xss-protection
1; mode=block
expires
Fri, 10 Feb 2023 13:09:09 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a29872c7a8f5b61d49ec50c7c4b9542b6c9236d695815820cc74a0bedd4d933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pastes.io/dwkbkmuilh
Origin
https://pastes.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 13:09:09 GMT
content-md5
zDmVLe/iSG88Vx90xQvL+A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
Cti3x6GpJxt77YOmNZGOPQT97/4chwynf3bL6Qxavr7QaIH7EPZb/4sXVzPOc+E5D0DSJhdCF8gQZn4+iivv2A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
f1ac04e720c74e9941abb3dca858a979
cross-origin-opener-policy
same-origin-allow-popups
etag
"e2778786fcd4c65c410106806077aeed"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Feb 2023 13:24:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4604570868082747
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
416d94cc35e6444d38c032140e717befef2e6f919ce6c89c4924d240910387c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastes.io/dwkbkmuilh
Origin
https://pastes.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50452
x-xss-protection
0
server
cafe
etag
625168946051729819
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 13:09:09 GMT
/
ui-avatars.com/api/ 		579 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ui-avatars.com/api/?background=random&size=264&name=tonicstudio
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
665591d46ec09c45cd58914dd615df65e8a27e212a0e04fc2e125c19b6fbc929

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
last-modified
Fri, 03 Feb 2023 05:40:23 GMT
server
cloudflare
access-control-max-age
31536000, 31536000
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, GET, OPTIONS
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzFYL4plzOAdRatzMnnQDMXq4Nky7Bqpdg4oAjFm6ceoHyk6iuVwy9FQwL5cCwVuOVGHrZtEXsWoNQtBJabjA9uzcVxUHvoahtmRrrvgb75Kvv7E5RszIUet2DIBJqcR07uS2QJ3B8g3nwZn"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
access-control-allow-credentials
true, true
cf-ray
793b663e6e535ca4-FRA
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, cache-control, Content-Type, Accept, X-Requested-With, remember-me, cache-control
expires
Sat, 03 Feb 2024 05:40:23 GMT
/
api.qrserver.com/v1/create-qr-code/ 		376 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.qrserver.com/v1/create-qr-code/?size=150x150&data=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.85.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.85.99.88.clients.your-server.de
Software
nginx /
Resource Hash
9a715f7ac867656f6bb33d32b8b2924a647b8a941de540eef030555ecaba2948

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:09:09 GMT
server
nginx
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token
access-control-max-age
7200
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/png
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
201201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FGZ59D3l3xeVtJL%2BymKxGcipPnNl%2FiY7CQssJ%2BuVHInqZ68oZCdqIjiuszcQHkxmjmhzwZkcf7tlAhWgfojml5tK%2FXEpXPkr2NKhcZeePPuzOQrSqeGVietuE8HpHs9JUMKBlb4xoV%2BXucHRRLdIfup"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
793b663c8eb9365f-FRA
expires
Wed, 24 Jan 2024 13:09:09 GMT
select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
200264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15668
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-1042e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUGX1DCif%2BMxIs4V4wAHbBiKutjKq4JFHcEeY1Q1Pud3Cj8okNYLmQ%2B9REIc%2FCFSLq0Xo1oZUUeSAgjIhuRljXpqPX1iyUsCmYYl4O4A6e9CiqN2BZ3IDbkCNy8wh0GMR83enBwViq9bP2T2i5TNhdoH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
793b663c8eba365f-FRA
expires
Wed, 24 Jan 2024 13:09:09 GMT
prebid-ads.js
pastes.io/js/ 		22 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/js/prebid-ads.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 12 Dec 2020 02:54:52 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
22
x-xss-protection
1; mode=block
expires
Fri, 10 Feb 2023 13:09:09 GMT
app.min.js
pastes.io/assets/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/app.min.js?v=1.5
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
b560d3ca5a0b22cd92b8148921bd1e0d11de26f875ec41c938f6e7827e093279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
4508
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Mar 2022 11:17:48 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
vendors.min.js
pastes.io/assets/js/ 		373 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/vendors.min.js?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
ac69939a25223ffbb9055f9a54a429bc6bb24d1fa00af9953e48a79177da8182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
106451
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:44 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
jquery.sticky.min.js
pastes.io/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/jquery.sticky.min.js?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
d5e098d2863808a8705f9d74d232575aafbcb218580ab21db42cf736991e67d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1369
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:44 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
components-popovers.min.js
pastes.io/assets/js/ 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/components-popovers.min.js?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
b3ddfb37ed78728bb94cd31a9077ffc214ce9f3853218d8bfb1927a4ee291efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
439
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:44 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:07 GMT
components-modals.min.js
pastes.io/assets/js/ 		388 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/components-modals.min.js?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
a7b489051d44d2c22ed5121c6112d82a4e73103ad950779a9a37bba2653b1216
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
168
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:44 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
app-menu.min.js
pastes.io/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/app-menu.min.js?v=2
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
c73dfd28de1fea67655102d3ece0bc053e07154916f0e32af50e5e3be116eaea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
3469
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:44 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
app.min.js
pastes.io/assets/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/app.min.js?v=3
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
b560d3ca5a0b22cd92b8148921bd1e0d11de26f875ec41c938f6e7827e093279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
4508
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Mar 2022 11:17:48 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
custom.min.js
pastes.io/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/custom.min.js?v=3
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
4353a7702a269ac78f59dce6e0f46c1defaf681c074fec7f19b77be823d781a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1429
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Mar 2022 12:48:44 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
toastr.min.js
pastes.io/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/toastr.min.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
7f8a524cf4f533c441ec342a397566f44c157c1a4ee8830eb49db90088bdb0ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1993
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 22 Mar 2022 11:09:54 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
sweetalert2.all.min.js
pastes.io/assets/js/ 		68 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/assets/js/sweetalert2.all.min.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
aa730424801f53a2e5d344701b2fca2680ebf9c1096aed1d7e5fdff3734f3f39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
17488
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 22 Mar 2022 11:10:00 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
codemirror.min.js
pastes.io/plugins/codemirror-5.52.0/lib/ 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/plugins/codemirror-5.52.0/lib/codemirror.min.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
ed7ab948c1df8600b122c4bc1a668b9ce246e200ae1053f922e0bb3663ef123b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
54868
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 14 Mar 2020 21:15:26 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
loadmode.js
pastes.io/plugins/codemirror-5.52.0/addon/mode/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/plugins/codemirror-5.52.0/addon/mode/loadmode.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
154884fb0942117405532f2c9f71e1c46c08cb51db6e520ca420edd68ff8909c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
794
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Feb 2020 23:57:18 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
matchbrackets.js
pastes.io/plugins/codemirror-5.52.0/addon/edit/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/plugins/codemirror-5.52.0/addon/edit/matchbrackets.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
5068c4c078aa75505850d2b7993bd805a8d0396202ddfc37429b8247010f9a8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
2093
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Feb 2020 23:57:18 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
foldcode.js
pastes.io/plugins/codemirror-5.52.0/addon/fold/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/plugins/codemirror-5.52.0/addon/fold/foldcode.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
7870b15ec652b5f84c566983875510670573e910d69b10d3a2146bc20fd689fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1447
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Feb 2020 23:57:18 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
foldgutter.js
pastes.io/plugins/codemirror-5.52.0/addon/fold/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/plugins/codemirror-5.52.0/addon/fold/foldgutter.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
523a9b2814dc2706a78b77d79dbdc1e945a0b85f22118028b8cb139f8db948a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1563
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Feb 2020 23:57:18 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
meta.js
pastes.io/plugins/codemirror-5.52.0/mode/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/plugins/codemirror-5.52.0/mode/meta.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
5abda823cbbf370ffbb52bc61fbabbf4d2f3eaa04e146c9805273f066a100a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
3729
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Feb 2020 23:57:18 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
codemirror-link-overlay.js
pastes.io/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastes.io/js/codemirror-link-overlay.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
db15c73725fb887ad2f55038e3170602a4efb0ef8c0ba3c04e19ec2bb07c40bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1493
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Sep 2020 22:36:52 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
script.js
cdn.counter.dev/ 		639 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.counter.dev/script.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:5e8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38fc09d3debfad949531c3a097185daa56695dd779757e98fcbcebbd2c21bac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-fastly-request-id
b4bc7ae5b2bfa0bcf459ba56561126f5c6d547e5
date
Fri, 03 Feb 2023 13:09:09 GMT
via
1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8
cf-polished
origSize=1038
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230068-FRA
x-cache-hits
0
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 01:31:24 GMT
x-github-request-id
5B70:67C9:B9D242:C0394F:63C89F35
x-timer
S1674092342.646907,VS0,VE91
server
cloudflare
etag
W/"63c89d6c-40e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0NABsol5R5RbsEBKJXMEHTD7sXiZTcPpK0owBGX3vN3DK0NjIxL%2BskCQHwppiKTBLv%2FTlLtoSSkHXsTPW0oqmZimkIfq13TnaNDwlojxHVgOaA1G%2BZH8XNSR2y67NLI6%2BUPf0aQGArWlMsAS9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
793b663e6b22694b-FRA
expires
Mon, 30 Jan 2023 00:34:02 GMT
sb.js
cdn.splitbee.io/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.splitbee.io/sb.js
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:578 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8aa2311d3d785a225afe46d73cbb380739529ffbdaff1d301c7b72bb6ffddc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-security-policy
frame-ancestors 'none'
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9895
server
cloudflare
etag
W/"4b7b53e4f5e001167ae91c5d8e81041a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnXkboE%2BgsTNBXtHMW09oH3c%2BKxc%2Bwn5%2FfLIXJWf1dHfkb%2Fe13lRqeC%2BgGrQfzRsLaikVkPm4XlcS4x0Fbcy8orjqk6r%2BQ00Y20mVGzHGawPAea%2F4ixXsQofjlCa9XTbL6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=172800, must-revalidate
x-frame-options
DENY
cf-ray
793b663e686d9ba4-FRA
v2nawkUZvaIEqEu49P2TAumQzS4H3BIsRTUQ7ggpRSp6rTwTAdKH-Z0A
dustyhammer.com/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dustyhammer.com/v2nawkUZvaIEqEu49P2TAumQzS4H3BIsRTUQ7ggpRSp6rTwTAdKH-Z0A
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
1276ded11441d2462ea0d994be5857a63e4bb02032eb4691c5933b70c44f925b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 03 Feb 2023 13:09:09 GMT
x-datacenter
gce-europe-west1
etag
"ae3688f7e3b871735ec73d172375b660973648ff8bb09ca8838665fcace6e32f"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-jfmg
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
757822166
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
us.svg
pastes.io/fonts/flag-icon-css/flags/4x3/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastes.io/fonts/flag-icon-css/flags/4x3/us.svg
Requested by
Host: pastes.io
URL: https://pastes.io/assets/css/vendors.min.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
e5db71b4c3ecbaa2a634d0d638c1bd3aa61f7e5884d3d1466f030a4f181cd563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/assets/css/vendors.min.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
646
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 13 Feb 2022 01:03:50 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 10 Feb 2023 13:09:09 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastes.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 16:49:14 GMT
x-content-type-options
nosniff
age
73195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:49:14 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastes.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 02:05:53 GMT
x-content-type-options
nosniff
age
558196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31760
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 02:05:53 GMT
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=71455d6945fd85e861a344569e24e47f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
11ca4973dd59adc56357ae9bd3ba7e3773d1b0b12b77cdf6f69193736f205d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pastes.io/dwkbkmuilh
Origin
https://pastes.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 13:09:09 GMT
content-md5
KTNdK4pI1O5XySQ1d8Xusg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86989
x-fb-rlafr
0
x-fb-debug
sNexGgopOTtPBDNLmPyOTsShZhxaiBzOVDcvDfJnqQz9WQ8fRIDtF9YvzWutd7EmHwDoj1oIqq9j9Mo+WHI+VQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
6b62b6a5d933c23de2097492b25f2724
cross-origin-opener-policy
same-origin-allow-popups
etag
"6bbc933d874d85b6a7f3196a48291edb"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 03 Feb 2024 11:04:38 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216162563-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 11:12:10 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
7019
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 03 Feb 2023 13:12:10 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3C9G1SS24S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216162563-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7aa171f1d950fa652f42c4677c4668deebe1055993268ad2ba098c8951e5307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77032
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:09:09 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/ 		361 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4604570868082747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2cbc3f9ac9294fbae01400bba0383db3af0134739a2e732a86f3dd4e41e2ba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121321
x-xss-protection
0
server
cafe
etag
1265895517163904054
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 13:09:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/ Frame B70D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4604570868082747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastes.io/dwkbkmuilh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 21:43:24 GMT
etag
10353107486223812946
expires
Thu, 16 Feb 2023 21:43:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=327053132581361&ev=fb_page_view&dl=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&rl=&if=false&ts=1675429749864&sw=1600&sh=1200&at=
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 03 Feb 2023 13:09:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3C9G1SS24S&gtm=45je3210&_p=1249400759&cid=1716922820.1675429750&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675429749&sct=1&seg=0&dl=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&dt=Tonic%20Studios%20-%20Pastes.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3C9G1SS24S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastes.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1249400759&t=pageview&_s=1&dl=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&ul=en-us&de=UTF-8&dt=Tonic%20Studios%20-%20Pastes.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1733021732&gjid=1401797398&cid=1716922820.1675429750&tid=UA-216162563-1&_gid=993175695.1675429750&_r=1&_slc=1&gtm=457e3210&z=781490204
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastes.io/dwkbkmuilh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastes.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		385 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pastes.io&callback=_gfp_s_&client=ca-pub-4604570868082747
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b0041f0ca41f5fc84c5745e0155da2d6e1254c49ab58ef2a48c915f20ea4025
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pastes.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastes.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&tn=DIV&cls=drag-target&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&tn=NAV&cls=header-navbar%20navbar-expand-lg%20navbar%20navbar-fixed%20align-items-center%20navbar-shadow%20navbar-brand-center%20navbar-light&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E4A4 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&adk=1812271804&adf=3025194257&lmt=1675429750&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749712&bpp=15&bdt=1867&idt=570&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8709760724522&frm=20&pv=2&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=660
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc8bd16282e8394be2af197e52b5e08b61e78e936463c024e06e5c132544e4cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastes.io/dwkbkmuilh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4931
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:09:10 GMT
expires
Fri, 03 Feb 2023 13:09:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dwkbkmuilh
pastes.io/ 		33 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pastes.io/dwkbkmuilh
Requested by
Host: pastes.io
URL: https://pastes.io/assets/js/vendors.min.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
5ed9cd2428f08f396dc10b8e866d1caa4d5b46179684313fb9c5edd5c903116c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastes.io/dwkbkmuilh
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
server
LiteSpeed
referrer-policy
no-referrer-when-downgrade
x-powered-by
PHP/7.2.34
x-ratelimit-remaining
57
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
x-xss-protection
1; mode=block
trackpage
counter.dev/ 		0
292 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.dev/trackpage
Requested by
Host: cdn.counter.dev
URL: https://cdn.counter.dev/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:5e8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastes.io/dwkbkmuilh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSQ%2FjUoSzx%2Brx0C4Hr%2FkID5Rfmu7CCL99FbLSGDuB74AmSJ1HpRx518WDsZHEcQr6bWOfnbWGS8oJQ6WtAsCv%2BEEzPJjQbtda%2BOq1KzsioQ6fxw%2BOYRCrCBlxzJwLK0AFOuicjM54yxtmg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
793b6644aada694b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: dustyhammer.com
URL: https://dustyhammer.com/v2nawkUZvaIEqEu49P2TAumQzS4H3BIsRTUQ7ggpRSp6rTwTAdKH-Z0A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
18788891
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
TW0WEdiVbSa-dSZZ1ZL2PpfhbiEiMKKgrPPeFzqS-F4Ih-ehjsDm0A==
comments.php
www.facebook.com/v9.0/plugins/ Frame C9CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v9.0/plugins/comments.php?app_id=327053132581361&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd88acb391b07%26domain%3Dpastes.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpastes.io%252Ff1f78dee8c5ab24%26relation%3Dparent.parent&container_width=1073&height=100&href=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&locale=en_US&numposts=5&sdk=joey&version=v9.0&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=71455d6945fd85e861a344569e24e47f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pastes.io/dwkbkmuilh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Feb 2023 13:09:10 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
7HX8r3MK/ZMmkKcq1OlbvSzFE51sQvKWZ3xamp/AUZ29s0ia6A7I4n6E45HCKB4Ztk8PbSn3lKVY/ft+biDY2Q==
x-frame-options
DENY
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A903 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dadf6a9423431208c04d261963def3bd3efdd1021acba1745e23969b8b410327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastes.io/dwkbkmuilh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11787
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:09:10 GMT
expires
Fri, 03 Feb 2023 13:09:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
i
hive.splitbee.io/ 		14 B
696 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hive.splitbee.io/i
Requested by
Host: cdn.splitbee.io
URL: https://cdn.splitbee.io/sb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d357b0ef1f85ba71c5ccebb6671b0c34f4b3950f5b21d2af7b4a3d4e9dcd570
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Referer
https://pastes.io/dwkbkmuilh
uid
uftctek0brf
x-origin
https://pastes.io/dwkbkmuilh
context-id
989221825348569
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-security-policy
frame-ancestors 'none'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
uid
uftctek0brf
content-length
14
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://pastes.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEUfmUBDtXPC986qGNVoYQFNF3dsafRaxRG2BP3nNqTtaBvHhMEVQ9qODXJPk1aKCJ45Nlh8NkNGQUMgr1LAwmqstNHXg6NM123VFVuSvKVpf60vbZz%2FK5ZJ%2FC6iaGHNAYN%2Bvb57d9X1bLp61Uo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
uid, userId
vary
Accept-Encoding
access-control-allow-credentials
true
x-frame-options
DENY
cf-ray
793b66469c80928f-FRA
access-control-allow-headers
Content-Type, sbp, uid, userId, no-cookie, context-id, x-origin
get-paste
pastes.io/ 		745 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pastes.io/get-paste
Requested by
Host: pastes.io
URL: https://pastes.io/assets/js/vendors.min.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.145 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business140-5.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
da7fd7f1eddb1d0668db64c337ec3c4ba22a847a6a8c52186c48e0ee6f823b53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://pastes.io/dwkbkmuilh
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
x-powered-by
PHP/7.2.34
x-ratelimit-remaining
57
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
content-length
745
x-xss-protection
1; mode=block
ads
googleads.g.doubleclick.net/pagead/ Frame FA06 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
995e3b7f650bd9a2df329aeade58a4dcd6f28ba639eb9d1aa5380f82974434e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastes.io/dwkbkmuilh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
12695
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:09:10 GMT
expires
Fri, 03 Feb 2023 13:09:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F0CC 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ae89bcea08a4b037b1bc6bd2e4729f68e15c263a62182b1049addd802881b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastes.io/dwkbkmuilh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11841
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:09:10 GMT
expires
Fri, 03 Feb 2023 13:09:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
i
hive.splitbee.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hive.splitbee.io/i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,context-id,uid,x-origin
Access-Control-Request-Method
POST
Origin
https://pastes.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, sbp, uid, userId, no-cookie, context-id, x-origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://pastes.io
access-control-expose-headers
uid, userId
access-control-max-age
86400
cf-ray
793b66461d27699f-FRA
content-length
0
content-security-policy
frame-ancestors 'none'
date
Fri, 03 Feb 2023 13:09:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUMDTk%2B5IPEm3UwABj%2Bbv1QKLKI76BNgm1tzIzsvcHcuqqe%2BCSpt%2FZwaQDrOh0NGVvu7IANNbaEp6LqJkmRZSY4akHzSWoRvn2qeoQsUYIoDOGkOuyZByc6swVcGMiVKRpOvupOg%2FWybuDoAFWI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
v2nro73rSYOxyrpd4goI2M1_saq6KIJUGkTa9voHOyRHMO8a5omTJFuzaCgMxrWfvZLEgDAs1
dustyhammer.com/ 		206 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dustyhammer.com/v2nro73rSYOxyrpd4goI2M1_saq6KIJUGkTa9voHOyRHMO8a5omTJFuzaCgMxrWfvZLEgDAs1
Requested by
Host: dustyhammer.com
URL: https://dustyhammer.com/v2nawkUZvaIEqEu49P2TAumQzS4H3BIsRTUQ7ggpRSp6rTwTAdKH-Z0A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
b3c7b82a303d4482bfefbaa366b8714956b940db3f494806e1a28fbfb3d146c6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://pastes.io/dwkbkmuilh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 03 Feb 2023 13:09:10 GMT
via
1.1 google
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastes.io
x-hostname
fen-hoothoot-europe-west1-spot-jfmg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 03 Feb 2023 13:09:09 GMT
v2pbyfoSmEuiK4q4ur7wC0BQkjsHUwZRv2V3lFrqDGPMvlUQLOHvgrQyhC7bKr8cmSqhkVyN-
dustyhammer.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dustyhammer.com/v2pbyfoSmEuiK4q4ur7wC0BQkjsHUwZRv2V3lFrqDGPMvlUQLOHvgrQyhC7bKr8cmSqhkVyN-
Requested by
Host: dustyhammer.com
URL: https://dustyhammer.com/v2nawkUZvaIEqEu49P2TAumQzS4H3BIsRTUQ7ggpRSp6rTwTAdKH-Z0A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://pastes.io/dwkbkmuilh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 03 Feb 2023 13:09:10 GMT
via
1.1 google
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastes.io
x-hostname
fen-hoothoot-europe-west1-spot-jfmg
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A903 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:25:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A903 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:25:32 GMT
l
www.google.com/ads/measurement/ Frame A903 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIXJ7GN2pRF-w_JFSuzPsKZd8eZKpAhdcg3ht7gSo5wp1_TpBmUM3m7bhBQ-XrrlRCVyJtxR1UJHEXgjQ6PQsWNe-_ZQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A903 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 13:09:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame F0CC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:25:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame F0CC 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:25:32 GMT
l
www.google.com/ads/measurement/ Frame F0CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxMyw91xEn6ctEgRIusCgwtTccKpntYrgHF2nmPOGYDMdLLOqAVUI0XuPjXyHe-Eo3ArW7N5CBsW60H6WylUBz3on-wA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F0CC 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 13:09:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 99E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBLeMdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTmAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui8y-jh5nZhkKJhR9FYnQN6G3SdpX6gQqsXrSO5GXmlZWdiE8Vb6D9gAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NjA0NTcwODY4MDgyNzQ3GAA&sigh=-QOyhe81Xnk&uach_m=[UACH]&cid=CAQSKQDUE5ymW4MxQPwVPtBxwBIPyFJC8p2Qcq9nwtIiS6G_9SFqviCaCeH9GAE
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 03 Feb 2023 13:09:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 99E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1ggv2x9secvjpbxeg89pxvxkm9b61qkjxf2xppjrqx14dswey5jn1sd6h67wmchjt4swyj4cy220agrnssr7pc01zdzgexkra2kxs41ba9c28f91najz4y5gjmysdbqa1rbgfd30may7sark5e2nhgqdwdcy5vwv89w6msfbtxk1jrn6kqgs9nwcreedz38y56152qb3yw7txxr16nyzkr1gx7ynca5j6c91mk7gda64dpxaqscf2g0z0j46fpn3j7xtpbnyw0ztgv8qjwdb3665nmd6b1yrm6dap5nv7ksjy1t00p7x4xzt0xy6xjk11h624ttt1f64m7me02gnxrgm8r3nvstcky72r2sx9zdzykb47sxr7ak79xkj8c09n8ytq4hjeynar58&b=Y90HdgAL128KmouZAAtNmA_Os6iOfQysH6Sykg
Requested by
Host: pastes.io
URL: https://pastes.io/dwkbkmuilh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:09:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 2A23 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gd7wdekw7kczd82sz044a7j01rmeqd5ntg4seger91vjkeywrrb9kt6f79r11zfe0x91qgy6d6j5n3p2pvz6h2z0b984f6y79pdhjhgxzgrna0ajjegdqacekm30xqnezc7n98t74h052a7zb9w9p8jvwpxkw5z41qnja71sv8qs6dm745k5pe0vp22w7v6egq5kw4rep3atdv80cggbxsdt4s0rc7a7bbbdmaphmgqt9zs542794vs6whmk0d4gwzpwmc7gh2qqam2w5z88j3kfc43h7fcha6yb05fad84v6tms9525yqvhfs4rd4yes65jeg0cv5eehma0x1s385ryjdc1a9j5kt30qp5avafgsp2cepfb76rsz1n6433d8z80gydw7mqgvsnejdv9w63m87a2asahgk4eg4rt4jrxx4p81d0z5ty84yt0hwv6geyvtsz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%26client%3Dca-pub-4604570868082747%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dfe317df7b8b774a8a768dfb9cbfdfc4edef3a319bed29fdb87dd13cd53403b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
793b66491cf23808-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:09:11 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 99E8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:25:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2884 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Sat, 04 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 99E8 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:25:32 GMT
l
www.google.com/ads/measurement/ Frame 99E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRE8c5DL_RwS2BhDZB3oESSxtvw1d6PL7_RszIJNk2XV4Y1efAhLzDQmKBkjClmDXBcnka617FQQl0iWzrDduX2AUXUig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 99E8 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 13:09:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A903 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChKYCdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOYBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybEGE7pv8yEFr0Dk4NMNc7bqVxAWnQUTpb3xHNpO_C6tyGM2kTv2eABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ2MDQ1NzA4NjgwODI3NDcYAA&sigh=5N-pP_HAosQ&uach_m=[UACH]&cid=CAQSKQDUE5ymKCoTcVS7z9Xe8fs2T8Tyt-LjLixLzDz4K_opXKPpgXKfJ_orGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 03 Feb 2023 13:09:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame A903 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EMz6RLYHlgGdg2ICAgAAAP4UYERpH87t8drma_G6vJ4QdgfdY5FjO7VeZUMSgpFLABIAAAoOQVFVQkJRWUJCUUVCQlE&wp=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
290539
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 0FFF 		136 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9e361157996ee9b9fbe5bface7365726f60bd294d83e8ce805e23297260d8194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:09:10 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hU9-u9gie-fvzp5zf0AskeXqZjbKP9bjrFkdq_If3aHMCABKcddQ6sC62bkeIXm3HOZqbOvyxijzhTfMoQ1kZne2Hqv9KpLu2E-5fsUi38W9PhmdJBCeGJTMpqBhxwX71wiEf0GeLVOCkyKVvslIECJ4PzKqanPFtR3tvRKRmc3t1lLTkxelPdxlyAqUSveC5_k2e-zJTApKR26oC1F6bxcQJZRVjoAKQAoIOw1PRSMm7g3_Z3rA05rwEGVltCY20KkiWw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
57881288
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C64D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Sat, 04 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame F0CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZA38dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTsAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTM0p6y0-K6nVI6qvB42-djicxGPuHZyy1gFB2Iprmqra9QgwbaZ-KgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NjA0NTcwODY4MDgyNzQ3GAA&sigh=XNBnkMQWiWI&uach_m=[UACH]&cid=CAQSKQDUE5ymdN07-w7TQeKyQFO-O-mqe9I4jg3SXWWVhQn9DSkonzyhqDuEGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 03 Feb 2023 13:09:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame F0CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EMz6RNMCmAKdg2ICAgAAALpEtrCpjLB38drma_G6vJ4QdgfdY1AjsAa_k33Ru4aUABIAAAoOQVFVQkJRWUJCUUVCQlE&wp=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
260420
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 524F 		128 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e428d1570fe07412cb80e01a0658da2f85fa71c5cfc6ab2ca1042b62eb4819ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:09:10 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5qDB5Ngie-fvzp5zniEDABiZHoGDxM5d2QkklmMNv0YI_xo2pDM3tyuOi4BG7pvut0f4E6XoEbk141X_ePJaIkBVKNu2sHplBILHcLuz9Hyz59dUHNil8abocum8ecuHQTUsYcl-f-NKATgtoWHeQ2j5LNz2X21BhHgt8F9NXwxM109J5BSjLGyNoxptjt0CdGqE6x56bbHqGO46vaYZ36XahA8t3xhVmJliCm5I_NNUs3dWg4vDA77CPEo2pqJUci0xdQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
104917500
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 88DF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Sat, 04 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 2884
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAaEzFvS_PnKPN9byVbkABI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAaEzFvS_PnKPN9byVbkABI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWgzN2VrTEoxUG5WT3Y1&google_gid=CAESEAaEzFvS_PnKPN9byVbkABI&google_cver=1&google_push=Aa02lx9iOgK7ar-6Nc1_73NaEBAPceco1JGauSAnTeRRb2i...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWgzN2VrTEoxUG5WT3Y1&google_gid=CAESEAaEzFvS_PnKPN9byVbkABI&google_cver=1&google_push=Aa02lx9iOgK7ar-6Nc1_73NaEBAPceco1JGauSAnTeRRb2i07AHyS_XhgYoMp-Hd4Dh0P4vg48OUYgbQM2t18jJDaaBkK0yMgETP3w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 13:09:10 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-02d4862961d254dec@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWgzN2VrTEoxUG5WT3Y1&google_gid=CAESEAaEzFvS_PnKPN9byVbkABI&google_cver=1&google_push=Aa02lx9iOgK7ar-6Nc1_73NaEBAPceco1JGauSAnTeRRb2i07AHyS_XhgYoMp-Hd4Dh0P4vg48OUYgbQM2t18jJDaaBkK0yMgETP3w
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2884
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMYWaaaouQUDd92Wbf34YT4&google_cver=1&google_push=Aa02lx86S2Tv2EjgDPYR2Fn7zvgcXIGLHiop37pq6eGLgRfKU7qLTDdflcZIxm0ewgb7-HnLs5lfG276TOJQN_9J...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx86S2Tv2EjgDPYR2Fn7zvgcXIGLHiop37pq6eGLgRfKU7qLTDdflcZIxm0ewgb7-HnLs5lfG276TOJQN_9JeaPYaLcJRMXN_g
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx86S2Tv2EjgDPYR2Fn7zvgcXIGLHiop37pq6eGLgRfKU7qLTDdflcZIxm0ewgb7-HnLs5lfG276TOJQN_9JeaPYaLcJRMXN_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 03 Feb 2023 13:09:11 GMT
Server
MT3 421 8749e8d master zrh-pixel-x29 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx86S2Tv2EjgDPYR2Fn7zvgcXIGLHiop37pq6eGLgRfKU7qLTDdflcZIxm0ewgb7-HnLs5lfG276TOJQN_9JeaPYaLcJRMXN_g
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 03 Feb 2023 13:09:10 GMT
i.match
s.tribalfusion.com/z/ Frame 2884
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDB0ps_ChnL7wuSfFqzja28&google_cver=1&google_push=Aa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP7h...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDB0ps_ChnL7wuSfFqzja28&google_cver=1&google_push=Aa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP...
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDB0ps_ChnL7wuSfFqzja28&google_cver=1&google_push=Aa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP7hA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP7hA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
793b664c5b9a366b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
669
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDB0ps_ChnL7wuSfFqzja28&google_cver=1&google_push=Aa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP7hA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8rOz9N4AjfLRcG8SyTv5FHT529F1xB7EDa4J9U9cnFsnsbOclMf3X3UKbD1I5eLW8bYkfcjEbOO3h91cwAFQNRfCKIhEP7hA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
793b664ad8d0366b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2884
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEM1I6FSZc4yyTM5G3sSmYUg&google_cver=1&google_push=Aa02lx9c2UT5UEmB8GIZXVP5cIC5vWIx6Q6KnbNEyFt5GIQPdQVVx4J0fJPh6ZXTFZ6uxmZx-C5xzQOBSdQPs7ZE...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=z56711rlTBKEO-fDTlMtwg2&google_push=Aa02lx9c2UT5UEmB8GIZXVP5cIC5vWIx6Q6KnbNEyFt5GIQPdQVVx4J0fJPh6ZXTFZ6uxmZx-C5xzQOBSdQPs7ZEPU6OZ0v4VC22-Q
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=z56711rlTBKEO-fDTlMtwg2&google_push=Aa02lx9c2UT5UEmB8GIZXVP5cIC5vWIx6Q6KnbNEyFt5GIQPdQVVx4J0fJPh6ZXTFZ6uxmZx-C5xzQOBSdQPs7ZEPU6OZ0v4VC22-Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Feb 2023 13:09:11 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=z56711rlTBKEO-fDTlMtwg2&google_push=Aa02lx9c2UT5UEmB8GIZXVP5cIC5vWIx6Q6KnbNEyFt5GIQPdQVVx4J0fJPh6ZXTFZ6uxmZx-C5xzQOBSdQPs7ZEPU6OZ0v4VC22-Q
x-host
tde-deliveryengine-production-fb497649f-snfnw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2884
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEMJ3QO8J2M-3uhrUDmheJXA&google_cver=1&google_push=Aa02lx_L1RfAbRB-iuaZoSiMNu-wCS3XBWELdNlbcdTsFEkSkldSrFy9bYlNR6dSCh85pg9DjVGtcWBt8HkpQEMiFor6H-...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMJ3QO8J2M-3uhrUDmheJXA&google_cver=1&google_push=Aa02lx_L1RfAbRB-iuaZoSiMNu-wCS3XBWELdNlbcdTsFEkSkldSrFy9bYlNR6dSCh85pg9DjVGtcWBt8HkpQEMi...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Kr9QVj2rSxms3WkycyCCTg&google_push=Aa02lx_L1RfAbRB-iuaZoSiMNu-wCS3XBWELdNlbcdTsFEkSkldSrFy9bYlNR6dSCh85pg9DjVGtcWBt8HkpQEM...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Kr9QVj2rSxms3WkycyCCTg&google_push=Aa02lx_L1RfAbRB-iuaZoSiMNu-wCS3XBWELdNlbcdTsFEkSkldSrFy9bYlNR6dSCh85pg9DjVGtcWBt8HkpQEMiFor6H-lRmdqb0w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Kr9QVj2rSxms3WkycyCCTg&google_push=Aa02lx_L1RfAbRB-iuaZoSiMNu-wCS3XBWELdNlbcdTsFEkSkldSrFy9bYlNR6dSCh85pg9DjVGtcWBt8HkpQEMiFor6H-lRmdqb0w
access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:09:11 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 2884
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELLXdw0Iya5NF5nxEn8tATw&google_cver=1&google_push=Aa02lx9yrbeA23Nr9BUZ0nPgycXdh5viUMHcFKOMfYIElXpfIKfnw_zHw17YfP9FBSDxOMMtm8...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELLXdw0Iya5NF5nxEn8tATw&google_cver=1&google_push=Aa02lx9yrbeA23Nr9BUZ0nPgycXdh5viUMHcFKOMfYIElXpfIKfnw_zHw17YfP9FBSDxOMMtm8...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VUHd2ZGtsRTJ1Ri5DekpIVjZsZHB4X3pOYnhoUXJfNX5B&google_push=Aa02lx9yrbeA23Nr9BUZ0nPgycXdh5viUMHcFKOMfYIElXpfIKfnw_zHw...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VUHd2ZGtsRTJ1Ri5DekpIVjZsZHB4X3pOYnhoUXJfNX5B&google_push=Aa02lx9yrbeA23Nr9BUZ0nPgycXdh5viUMHcFKOMfYIElXpfIKfnw_zHw17YfP9FBSDxOMMtm8mBL3jMBUf_qgN2itTXB4Lx-4bzlw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VUHd2ZGtsRTJ1Ri5DekpIVjZsZHB4X3pOYnhoUXJfNX5B&google_push=Aa02lx9yrbeA23Nr9BUZ0nPgycXdh5viUMHcFKOMfYIElXpfIKfnw_zHw17YfP9FBSDxOMMtm8mBL3jMBUf_qgN2itTXB4Lx-4bzlw
date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 2884
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJEimi_NKJO95HNLghSAMCc&google_cver=1&google_push=Aa02lx_YOq8NrcwK_-KCBnDD09gKMXtmE5ZWbwFY-lccX7DmS8WTxE0b56pnqcjH-Uo8c4JazF8x8EHMJlA...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_YOq8NrcwK_-KCBnDD09gKMXtmE5ZWbwFY-lccX7DmS8WTxE0b56pnqcjH-Uo8c4JazF8x8EHMJlAWvv91Ka3HyLsJiin1Gyk
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2884 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KH2qR67ufRRkeH9hI61bABasZhtKpSkc96lmGFss0BpNu3mNNAGZIh0tCac9CtIMzovrU7oLY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=130&slotname=2921184954&adk=907526633&adf=577482524&pi=t.ma~as.2921184954&w=850&lmt=1675429750&format=850x130&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749729&bpp=1&bdt=1883&idt=788&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NFSYnJajSs&p=https%3A//pastes.io&dtd=803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C64D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGp0sn2ifi-8xP_P-GhaJ8g&google_cver=1&google_push=Aa02lx8p_ae3xiuLYmFiQrKg7I0zvLO4Gx-49tfPScw4Sq8cin5kMkOMFNMeKilUmp0ICV-ZDv1mx-AsHRnyeULL93QDSyde3l49eNLL
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE2ODY2MzgyNjc1OTE3ODkxNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C64D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEF-T43_UsJwiPhMhfwwXV4g&google_cver=1&google_push=Aa02lx_P6iTZJL7BxZ6g5ivaqa0UUu0E9TIVqcXdujTGsIqzoaqwcqi_Smz0kGuSFHo-04tK8M05bgd56UoNM63pyDh7r9w70Aas4sc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11C6E3A2FD55472BBD87BF2BA7554196&google_push=Aa02lx_P6iTZJL7BxZ6g5ivaqa0UUu0E9TIVqcXdujTGsIqzoaqwcqi_Smz0kGuSFHo-04tK8M05bgd56UoNM63...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11C6E3A2FD55472BBD87BF2BA7554196&google_push=Aa02lx_P6iTZJL7BxZ6g5ivaqa0UUu0E9TIVqcXdujTGsIqzoaqwcqi_Smz0kGuSFHo-04tK8M05bgd56UoNM63pyDh7r9w70Aas4sc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11C6E3A2FD55472BBD87BF2BA7554196&google_push=Aa02lx_P6iTZJL7BxZ6g5ivaqa0UUu0E9TIVqcXdujTGsIqzoaqwcqi_Smz0kGuSFHo-04tK8M05bgd56UoNM63pyDh7r9w70Aas4sc
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 02 Feb 2023 13:09:11 GMT
pixel
cm.g.doubleclick.net/ Frame C64D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIJF1VevPAzdcLoJs0fZxUI&google_cver=1&google_push=Aa02lx_rs3VEv4sOy1VrGSWUvkzZiS4BLViH0UhDVY1iwMUW2rG_H0Z6AEEL8veiL4c630W5U0rqG_3-u_guQ5LXoFeRtVZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_rs3VEv4sOy1VrGSWUvkzZiS4BLViH0UhDVY1iwMUW2rG_H0Z6AEEL8veiL4c630W5U0rqG_3-u_guQ5LXoFeRtVZ3x471kcc&google_hm=eS1vWnltSVMxRTJwRm9...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_rs3VEv4sOy1VrGSWUvkzZiS4BLViH0UhDVY1iwMUW2rG_H0Z6AEEL8veiL4c630W5U0rqG_3-u_guQ5LXoFeRtVZ3x471kcc&google_hm=eS1vWnltSVMxRTJwRm9zVE0xd21mQ0FBNmZNUkR4UnNNbn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_rs3VEv4sOy1VrGSWUvkzZiS4BLViH0UhDVY1iwMUW2rG_H0Z6AEEL8veiL4c630W5U0rqG_3-u_guQ5LXoFeRtVZ3x471kcc&google_hm=eS1vWnltSVMxRTJwRm9zVE0xd21mQ0FBNmZNUkR4UnNNbn5B
content-length
0
dds
rtb.openx.net/sync/ Frame C64D 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEOpUYk9xeNcyzTGqFwZ3KQY&google_cver=1&google_push=Aa02lx8C5e0XZXZMkThKsVJL0r-oYz-5YWHGQxB_Ni0-QNlXe8wiERlN3QizN25s8tiuYVRhBC_nOKE5_E-XbZyoUEGj43qOeLoUH4Kp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
e7tj5fhfeeu0r770tpknukeal86qnb9p
pixel
cm.g.doubleclick.net/ Frame C64D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHb70MBWiYprt0kEtG0dl-U&google_cver=1&google_push=Aa02lx8GJCpxRAzWT_AYjX-EWHyDlVV7eWBa4DdTWLwmDVfFjqQrlTkNndfXuWGNS73Aj3cepxd...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPSk01WkotMjYtWjNZ&google_push=Aa02lx8GJCpxRAzWT_AYjX-EWHyDlVV7eWBa4DdTWLwmDVfFjqQrlTkNndfXuWGNS73Aj3cepxdc2qviEi9m2p4v76pRhsnLyEP_67I
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPSk01WkotMjYtWjNZ&google_push=Aa02lx8GJCpxRAzWT_AYjX-EWHyDlVV7eWBa4DdTWLwmDVfFjqQrlTkNndfXuWGNS73Aj3cepxdc2qviEi9m2p4v76pRhsnLyEP_67I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPSk01WkotMjYtWjNZ&google_push=Aa02lx8GJCpxRAzWT_AYjX-EWHyDlVV7eWBa4DdTWLwmDVfFjqQrlTkNndfXuWGNS73Aj3cepxdc2qviEi9m2p4v76pRhsnLyEP_67I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame C64D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDhy90I1Y-iTaUjsbWu-Gew&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDhy90I1Y-iTaUjsbWu-Gew&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDhy90I1Y-iTaUjsbWu-Gew&google_hm=Y90Hd2rIQcUgA_yHjyylAgAABJYAAAAB&google_nid=index&google_push=Aa02lx-vBFIxlCY3SWFewOFIkzOte82AlRDu5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDhy90I1Y-iTaUjsbWu-Gew&google_hm=Y90Hd2rIQcUgA_yHjyylAgAABJYAAAAB&google_nid=index&google_push=Aa02lx-vBFIxlCY3SWFewOFIkzOte82AlRDu5a4Vco6FNOGMeJpN7hgu0alD5nNP8usTM62fM6UZ51WKMpOOxKK8Lti3W3kCOIGn9q10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhkzknNvrKdCjCfV%2BFyTfnM2dRZOqpipvFcElAspK2N6OleG%2BEFVMuRgZ%2B8QHTZqJkEKfO2dA6UfHUg8lvUESq6KiIMhREtoHwt2Ut5ymDw1UVqfC446qTW4H4rENb%2F%2F9Pzq349aeheH2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDhy90I1Y-iTaUjsbWu-Gew&google_hm=Y90Hd2rIQcUgA_yHjyylAgAABJYAAAAB&google_nid=index&google_push=Aa02lx-vBFIxlCY3SWFewOFIkzOte82AlRDu5a4Vco6FNOGMeJpN7hgu0alD5nNP8usTM62fM6UZ51WKMpOOxKK8Lti3W3kCOIGn9q10
cache-control
no-cache
cf-ray
793b664c3f4f3830-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame C64D
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESECE8QU2ioYOgsOq0R5gkQQk&google_cver=1&google_push=Aa02lx-9uU1lqApVmySjsEAIF_Ry-B0wyHx5f_dg0FRTsn9pfOZ6DugZEXdpdwSNwxZsSRXCHok1SxLJdPUwkLCXxxIBSC...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECE8QU2ioYOgsOq0R5gkQQk&google_cver=1&google_push=Aa02lx-9uU1lqApVmySjsEAIF_Ry-B0wyHx5f_dg0FRTsn9pfOZ6DugZEXdpdwSNwxZsSRXCHok1SxLJdPUwkLCX...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Kr9QVj2rSxms3WkycyCCTg&google_push=Aa02lx-9uU1lqApVmySjsEAIF_Ry-B0wyHx5f_dg0FRTsn9pfOZ6DugZEXdpdwSNwxZsSRXCHok1SxLJdPUwkLC...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Kr9QVj2rSxms3WkycyCCTg&google_push=Aa02lx-9uU1lqApVmySjsEAIF_Ry-B0wyHx5f_dg0FRTsn9pfOZ6DugZEXdpdwSNwxZsSRXCHok1SxLJdPUwkLCXxxIBSCsIYlEJ96fw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Kr9QVj2rSxms3WkycyCCTg&google_push=Aa02lx-9uU1lqApVmySjsEAIF_Ry-B0wyHx5f_dg0FRTsn9pfOZ6DugZEXdpdwSNwxZsSRXCHok1SxLJdPUwkLCXxxIBSCsIYlEJ96fw
access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:09:11 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame C64D 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXHthCgr45s_qqSbAaq5Zw_yFfvARhqwQg4bjLCm43yQ1fToSDPn6sJWm7hIZbVVZyCYQ4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 88DF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1&google_push=Aa02lx8UnkppclD_5ldrvMjYdcjOJDdrei7z-NcKBkhy89uLKrCL_zqRbUSIcZFXcoZkBQzHqAeEBz91DqFVFmcDJiX8r_G6GqcOEw
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA1MDk2NzU4ODI3NjI5NjM1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECVnnevrtWz-3urWeW7p7Qs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 88DF 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFokN2uINniOhZv_3hPpGL8&google_cver=1&google_push=Aa02lx-Hfg-GfGeFMzAGi1yp8KVMNzGOL2qfKXs4CdQCyNNSPGFoZYWdk0UFQ8OWImT0_nRMa4AP2oHiFXyBezeGvOPSsL7uWwyh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 88DF 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFsfSI6JWciYiQSaHGvGhi8&google_cver=1&google_push=Aa02lx9N2dI9LGJqHBwp-4ePwIfF_3YxMRpsMEIrPJUmzYy5rZ4Btog0ileZqT2yKE0Kz_tpzu5HUIXl6tW2D28raePF_FcKnGFP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 88DF
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHBCtUaDcLkhmRAO0ekbM_k&google_cver=1&google_push=Aa02lx8wFjmNpyWA0r4TrmHu1zEqBwaDOac9NDPytBq_FEkIg7nMLe7x3Lzeg6srgdAYk1uh-7n53HQYUrv1BqgBMMSljq9...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHBCtUaDcLkhmRAO0ekbM_k&google_cver=1&google_push=Aa02lx8wFjmNpyWA0r4TrmHu1zEqBwaDOac9NDPytBq_FEkIg7nMLe7x3Lzeg6srgdAYk1uh-7n53HQYUrv1BqgBMMSlj...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8wFjmNpyWA0r4TrmHu1zEqBwaDOac9NDPytBq_FEkIg7nMLe7x3Lzeg6srgdAYk1uh-7n53HQYUrv1BqgBMMSljq9-CN_CTw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8wFjmNpyWA0r4TrmHu1zEqBwaDOac9NDPytBq_FEkIg7nMLe7x3Lzeg6srgdAYk1uh-7n53HQYUrv1BqgBMMSljq9-CN_CTw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8wFjmNpyWA0r4TrmHu1zEqBwaDOac9NDPytBq_FEkIg7nMLe7x3Lzeg6srgdAYk1uh-7n53HQYUrv1BqgBMMSljq9-CN_CTw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 88DF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOYpaPUlmRHYVuRn6vlE2ck&google_cver=1&google_push=Aa02lx8XvbRHogwt5e02-LTIrdGl9Ki575Jw7GSnPtMYIfnzsOK1pOhv2DGTI7nqZB5irVKyMem...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPSk01WlQtMjMtQVI3MQ==&google_push=Aa02lx8XvbRHogwt5e02-LTIrdGl9Ki575Jw7GSnPtMYIfnzsOK1pOhv2DGTI7nqZB5irVKyMemruqteEQ83nIEU-dDWBymKs896Sw
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPSk01WlQtMjMtQVI3MQ==&google_push=Aa02lx8XvbRHogwt5e02-LTIrdGl9Ki575Jw7GSnPtMYIfnzsOK1pOhv2DGTI7nqZB5irVKyMemruqteEQ83nIEU-dDWBymKs896Sw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPSk01WlQtMjMtQVI3MQ==&google_push=Aa02lx8XvbRHogwt5e02-LTIrdGl9Ki575Jw7GSnPtMYIfnzsOK1pOhv2DGTI7nqZB5irVKyMemruqteEQ83nIEU-dDWBymKs896Sw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
pixel
cm.g.doubleclick.net/ Frame 88DF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEkO-9wUmT-QJVi2N3KtPS8&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEkO-9wUmT-QJVi2N3KtPS8&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEkO-9wUmT-QJVi2N3KtPS8&google_hm=Y90Hd2rIQcUgA_yHjyylAgAABJYAAAAB&google_nid=index&google_push=Aa02lx8Fsz49a5Vq6wzCyHAY_vDEfTVUQcHB2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEkO-9wUmT-QJVi2N3KtPS8&google_hm=Y90Hd2rIQcUgA_yHjyylAgAABJYAAAAB&google_nid=index&google_push=Aa02lx8Fsz49a5Vq6wzCyHAY_vDEfTVUQcHB2j6e9rkSJPNv6LYIzr7amMUfU8aGnjmIsTOOQGhDAamDkhOr5nzvpTuT_vsih8PE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evXC7yYgA37l935rfegSgnKVrr3srx%2FR7ls%2F9Wu2vUUQuYMXVMy7KlvAzM8pFmHswh3OQoP53rrjNPQTtX5VEXc5uU6mC3rfSUuEx6oD0QoBI2IxpZjgdvjCYz3GROrjmZvQVlsJRDfFHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEkO-9wUmT-QJVi2N3KtPS8&google_hm=Y90Hd2rIQcUgA_yHjyylAgAABJYAAAAB&google_nid=index&google_push=Aa02lx8Fsz49a5Vq6wzCyHAY_vDEfTVUQcHB2j6e9rkSJPNv6LYIzr7amMUfU8aGnjmIsTOOQGhDAamDkhOr5nzvpTuT_vsih8PE
cache-control
no-cache
cf-ray
793b664c3f4d3830-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sync
ssbsync.smartadserver.com/api/ Frame 88DF 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEUhn5BpNw0lj75o3BpUG28&google_cver=1&google_push=Aa02lx84T7XC_649yVMTMO_Ke-_5DvGQXMjRXQ7PjoUoYV63dZcNWj-aiZzhc74_fen4EirvnyeL8jB3HONdzX9hUt7sjgo4lv6m5A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 88DF 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-zH97V8frRuX7QOoMDK0k5imeE3Z_5gNw0rrudVz6GgJRqiKgaGGnJAyqlyaN4J5RzRN0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=280&slotname=3555609772&adk=3682033334&adf=2638160645&pi=t.ma~as.3555609772&w=339&fwrn=4&fwrnh=100&lmt=1675429750&rafmt=1&format=339x280&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749730&bpp=2&bdt=1884&idt=806&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x150%2C850x130&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hPhZJeLPzT&p=https%3A//pastes.io&dtd=839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 2A23 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gd7wdekw7kczd82sz044a7j01rmeqd5ntg4seger91vjkeywrrb9kt6f79r11zfe0x91qgy6d6j5n3p2pvz6h2z0b984f6y79pdhjhgxzgrna0ajjegdqacekm30xqnezc7n98t74h052a7zb9w9p8jvwpxkw5z41qnja71sv8qs6dm745k5pe0vp22w7v6egq5kw4rep3atdv80cggbxsdt4s0rc7a7bbbdmaphmgqt9zs542794vs6whmk0d4gwzpwmc7gh2qqam2w5z88j3kfc43h7fcha6yb05fad84v6tms9525yqvhfs4rd4yes65jeg0cv5eehma0x1s385ryjdc1a9j5kt30qp5avafgsp2cepfb76rsz1n6433d8z80gydw7mqgvsnejdv9w63m87a2asahgk4eg4rt4jrxx4p81d0z5ty84yt0hwv6geyvtsz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gd7wdekw7kczd82sz044a7j01rmeqd5ntg4seger91vjkeywrrb9kt6f79r11zfe0x91qgy6d6j5n3p2pvz6h2z0b984f6y79pdhjhgxzgrna0ajjegdqacekm30xqnezc7n98t74h052a7zb9w9p8jvwpxkw5z41qnja71sv8qs6dm745k5pe0vp22w7v6egq5kw4rep3atdv80cggbxsdt4s0rc7a7bbbdmaphmgqt9zs542794vs6whmk0d4gwzpwmc7gh2qqam2w5z88j3kfc43h7fcha6yb05fad84v6tms9525yqvhfs4rd4yes65jeg0cv5eehma0x1s385ryjdc1a9j5kt30qp5avafgsp2cepfb76rsz1n6433d8z80gydw7mqgvsnejdv9w63m87a2asahgk4eg4rt4jrxx4p81d0z5ty84yt0hwv6geyvtsz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%26client%3Dca-pub-4604570868082747%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674752855
age
208226
cf-polished
origSize=97007
x-guploader-uploadid
ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 26 Jan 2023 17:08:09 GMT
server
cloudflare
etag
W/"894b1310ad36469d313fb67e2899e78d"
vary
Accept-Encoding
x-goog-generation
1674752889520716
content-type
text/css
x-goog-hash
crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3OtzoQtEN0h1SgFjFziOR3uYSmCvfctvAc5ojTCVX%2FSWcPXQ8slwy4mF0pdKd8ohOOitdjBLo4BpXnr1MLcZKYl08HZcJvE%2FYkhRxdQPfUJjnrhodkTGnkRtNrjsAWU8cet9nN17MY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
97007
cf-ray
793b66497d723808-FRA
expires
Fri, 03 Feb 2023 14:09:11 GMT
r62eglto.js
ad4m.at/ Frame 2A23 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gd7wdekw7kczd82sz044a7j01rmeqd5ntg4seger91vjkeywrrb9kt6f79r11zfe0x91qgy6d6j5n3p2pvz6h2z0b984f6y79pdhjhgxzgrna0ajjegdqacekm30xqnezc7n98t74h052a7zb9w9p8jvwpxkw5z41qnja71sv8qs6dm745k5pe0vp22w7v6egq5kw4rep3atdv80cggbxsdt4s0rc7a7bbbdmaphmgqt9zs542794vs6whmk0d4gwzpwmc7gh2qqam2w5z88j3kfc43h7fcha6yb05fad84v6tms9525yqvhfs4rd4yes65jeg0cv5eehma0x1s385ryjdc1a9j5kt30qp5avafgsp2cepfb76rsz1n6433d8z80gydw7mqgvsnejdv9w63m87a2asahgk4eg4rt4jrxx4p81d0z5ty84yt0hwv6geyvtsz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
208749
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrDfg9O8ieUnqBgdsGsHQJNbU0vVbbjRGzELeRQBzvG1aSKZZ1c%2FtmQnJJz%2B0JzxTcvF7VMrdVRVA2A9h5c%2BY08T6A%2FpKLIFuOM0uHATnj1jeja%2FCqjfh8kDJh%2BxhUmecZ1HGsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
793b66499d913808-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:22 GMT
truncated
/ Frame A903 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40940bceb5217bf6413dc859b431e5936d7e0e6531f85826d8549558078d1f32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F0CC 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da6cd6358b6f0d97ae38326cf3c1cf4ab8075be9bc436bfd2093a46b4d543b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 99E8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db4263521b2d7a91e26020451c201c7e0966baece960f663a16e5a4f189d1fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0FFF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0FFF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0FFF 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 29 Jan 2024 13:09:12 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0FFF 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 29 Jan 2024 13:09:12 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 0FFF 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=TqNM0VpK7UNOzZVT8RZfYtdX4rDOlc61HWRhPCvMyISsuW5KXameGRpleCrzWWFZQtzsK8be_67EGv-JXdTQylQXSRfZEybi_gVd16tqxU4Opy68agrK2tVF7PXZFtIR0_RpeaEc3Bjh4y_kj9mUECCHbd8kEpxAk2fbb4GmDjWiyN_9a0rXx9lNKbtQY2HeF_kEAr1Bakt9-WJYa1aNBYogOcvqJQbq6Zv7H96k391qoSOw_pK6m1j193t-TOuxeDZWzooV8S4K3IjfuK4d4QBChnzro5xTzXs47rYfxxN8pMahwOTDuYgpA_qD3BhV_Yh7hGSGTgAcPBziA_0S7IQwTCiOMPMppm-y1FkxQSXF_X99N01FKFVxof86g9KHHX-yNYQ61z9eZTdsuKyV3rdZR1A22hP3rCSRzgcnx32mzSx6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2993169
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 524F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 524F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 524F 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 29 Jan 2024 13:09:12 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 524F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 29 Jan 2024 13:09:12 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 524F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=RDvd31pK7UNOzZVT8RZfYtdX4rAfw7Ob6HEW188fedHkurbAXH9Ypg2JvEvUv7Z0peVtnaMpxmZaFegAFD7lReq_HY5cjqMnVpJUo-KKF_b4_bISM4c5zq2mIG8Vc60Dadnj2IJOQdwVjXOxvxVGO8i0NwbHvcWYH3mdLWmRo2cmjCX5L-cAltrXliylZx3YK7SR1381WhHY4-SJhhhx425b5BmGh1GphskepmYJkGWaC50TWAX8rdOipAxqhCYzFGVh9J7f38ge0JFc1STLsYI7sghlfPyMaNWadknvXfWUBzJ1-s2ruV0cIoS567tv1RgsynKFGMxogkH45EdpijcTvqR9ROST5iKvzjIznDsFkAa5S1mSnIFTpB2TbUwHHjoIJqPFTQmZueWgGwJ1WKTAWBGCU-H6iJQC_eSdXUAoRvcd
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3190981
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 524F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
803410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCyfUZOit9teC%2BMNwGKmo0Z3PIiC7TKMFbb3QO4uMDH3uNYKC6nNhxtovHXFPoS9qdWbC%2BkbjdXgXu5KVxiaB4ytsLJ8LWKUL0lg%2BJN4V6%2FhSiq0crUd9uUXHfM1xUC2qlHsAEW9KwoA6%2Fw7Yrb%2FDA6o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
793b664b3b4e9142-FRA
expires
Wed, 24 Jan 2024 13:09:11 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2A23 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1019
x-guploader-uploadid
ADPycdvPzNjMo9AIUALoUqTWKJBNPOB_RfD71QBfUIwWWIDnAMaYGqyuQcsztbvDytgCKvsyldbe2I5ti2IHjt-ZsBHiHA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXTvq8Q2crEkCi%2BGLF69Uh8nV5nj%2BB1mdVPMcbBBRYX%2B4M3pB0XEgnI64rREvCB%2BOGYISbkT42VSgdhGXxV0orv4JGI6GiUoAniL7i5CQ6NORtOUu2Q%2Blt2DMDZyr7D7GOVe2h8bSZZwIF%2BQbypiYiBQ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
793b664bfa429c06-FRA
expires
Fri, 03 Feb 2023 13:07:13 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 524F 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 524F 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0FFF 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
803410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSVt4Gl81mE%2FVIFICYT6%2Fv9LYGQ0B%2FJ4xPdWyC4zvtn2ZEYppyMzIeb1SnsYZWd1XqstcTGgiD8DTamMqgwT%2BIQerGEbwRzmhPZ7q%2FsWJQD%2FI5yUDWit%2BNXGYCDfNIruvs%2FRfEtYZNVukLv6h7mW46y6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
793b664b9bbd9142-FRA
expires
Wed, 24 Jan 2024 13:09:11 GMT
animejs.js
static.criteo.net/animejs/ Frame 0FFF 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 0FFF 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 0FFF 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
img
pix.eu.criteo.net/img/ Frame 0FFF 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=296&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2Ff5aeb75966fa423aa72c4303d62e50ae_logocon.png&v=3&w=446&s=oEiu4egOxuhSXaj5jz-ytyGz
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3d820fbb7146d278d8838410dd3ea8e9e802217af73b86c930d4806ffeab80c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30374227
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21134
expires
Sun, 21 Jan 2024 02:26:19 GMT
img
pix.eu.criteo.net/img/ Frame 0FFF 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2F71409a64baf248aca03b351b9195ce6d_img_horizontal_1.jpg&v=3&w=1200&s=KA_nDUJEBJWiZ1S55oDpFXKD
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30148401
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
63762
expires
Thu, 18 Jan 2024 11:42:33 GMT
img
pix.eu.criteo.net/img/ Frame 0FFF 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1604937410%2F20266468-4iuJr3T8.jpg&v=3&w=800&s=MeMgT_Bc0486GrrIi8IXQ9zP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f804f52520f38b47e6b486e45fc2760fe5226f268a19768dbb24dd5697653df5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20490
expires
Fri, 03 Feb 2023 13:09:11 GMT
img
pix.eu.criteo.net/img/ Frame 0FFF 		305 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=TEaRsCHzuSj0zAgZi9PepHsv
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27524969
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
305
expires
Tue, 19 Dec 2023 02:58:41 GMT
all
csm.eu.criteo.net/ Frame 0FFF 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=hU9-u9gie-fvzp5zf0AskeXqZjbKP9bjrFkdq_If3aHMCABKcddQ6sC62bkeIXm3HOZqbOvyxijzhTfMoQ1kZne2Hqv9KpLu2E-5fsUi38W9PhmdJBCeGJTMpqBhxwX71wiEf0GeLVOCkyKVvslIECJ4PzKqanPFtR3tvRKRmc3t1lLTkxelPdxlyAqUSveC5_k2e-zJTApKR26oC1F6bxcQJZRVjoAKQAoIOw1PRSMm7g3_Z3rA05rwEGVltCY20KkiWw&sds=2&rev=84569&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:09:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0FFF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0FFF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
animejs.js
static.criteo.net/animejs/ Frame 524F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
img
pix.eu.criteo.net/img/ Frame 524F 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=168&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F220816%2F1eef614ede114d069a54e5257cab9402_logo_colorset_2_square.png&v=3&w=674&s=IuSnPu06cpyaGR9XJXUIL1Mf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d3c38d52ad39828dc7bf990d398bf991905baa7879071ea856fa892c6de95a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29700316
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18002
expires
Sat, 13 Jan 2024 07:14:28 GMT
img
pix.eu.criteo.net/img/ Frame 524F 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2Fadb1b255a8a44e859d22e584c7a782d4_img_square_1.jpg&v=3&w=1200&s=dfmKjUAEI6KYVdA_G-qXdkId
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30036493
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
110076
expires
Wed, 17 Jan 2024 04:37:25 GMT
img
pix.eu.criteo.net/img/ Frame 524F 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20135010-bcc8G7bO.jpg&v=3&w=400&s=oG5xSqymCK69kU347-Ejzr7U&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
8cf3a78ba6b10f2854f883fdf9fa906ccc5558c1fc57583c4bd4b4397b5990a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=349803
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24190
expires
Tue, 07 Feb 2023 14:19:15 GMT
all
csm.eu.criteo.net/ Frame 524F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=5qDB5Ngie-fvzp5zniEDABiZHoGDxM5d2QkklmMNv0YI_xo2pDM3tyuOi4BG7pvut0f4E6XoEbk141X_ePJaIkBVKNu2sHplBILHcLuz9Hyz59dUHNil8abocum8ecuHQTUsYcl-f-NKATgtoWHeQ2j5LNz2X21BhHgt8F9NXwxM109J5BSjLGyNoxptjt0CdGqE6x56bbHqGO46vaYZ36XahA8t3xhVmJliCm5I_NNUs3dWg4vDA77CPEo2pqJUci0xdQ&sds=2&rev=84569&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:09:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 524F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 524F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 13:09:12 GMT
frame.html
ad4m.at/ Frame A3BB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
579835
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
793b664c5a529b63-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 13:09:11 GMT
expires
Thu, 19 Jan 2023 19:22:47 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYWckQWCyBpLtCmx2TQHJySuQeyLkCvZMK0Oa7F%2BvxuSEYYRTTr0BFxUwHYTfS5WZcGkNR2%2Ba2EoKQ8KFsz6ERJLJR%2F2TNwIdG703Ck%2BAtzlpQSzu93EywNB9s23MPFHMcSW0ns%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 2A23 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb97224d040e8af1f5552e15f3325bcb159047a9c850cfd59ec90dfc6ceeea9

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8m7fKdrEHQBkiUVGb4WZ6pG%2BnzZNnZTesiw6yP%2Fr39RQaRM8MNXYvxSKKhQnLZVadDv7i4cZ%2BRYmjt%2F8OvIOIJD%2BR83%2FosRaMrlAbLlmQj6vHdhZvohMdE%2FZHqrc9BEOfA17DI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
793b664e384968f5-FRA
x-backend-server
aa-reachservice-group-europe-west1-hz4n
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
793b664ddff368f5-FRA
content-length
24
content-type
text/plain
date
Fri, 03 Feb 2023 13:09:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lh0i12i4h0YO2NWMn5xvmpf7yDb8UNun%2Fb%2Bb8ENfkHYFmswzCut0goVxyO6AQgWDyfQJL5uUUxUR%2BZsRYYDgXTr4L984VBXxgvUFA9334vBdGCtprQ%2FM4moa94nr0nhlQipXRU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-hz4n
rar
as.ad4m.at/ad/ Frame 1D1D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dffff713f836780dc960edf09db055e290247695d7e6f32f940c8b55a3e08b6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gd7wdekw7kczd82sz044a7j01rmeqd5ntg4seger91vjkeywrrb9kt6f79r11zfe0x91qgy6d6j5n3p2pvz6h2z0b984f6y79pdhjhgxzgrna0ajjegdqacekm30xqnezc7n98t74h052a7zb9w9p8jvwpxkw5z41qnja71sv8qs6dm745k5pe0vp22w7v6egq5kw4rep3atdv80cggbxsdt4s0rc7a7bbbdmaphmgqt9zs542794vs6whmk0d4gwzpwmc7gh2qqam2w5z88j3kfc43h7fcha6yb05fad84v6tms9525yqvhfs4rd4yes65jeg0cv5eehma0x1s385ryjdc1a9j5kt30qp5avafgsp2cepfb76rsz1n6433d8z80gydw7mqgvsnejdv9w63m87a2asahgk4eg4rt4jrxx4p81d0z5ty84yt0hwv6geyvtsz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%26client%3Dca-pub-4604570868082747%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
793b664e9da49b63-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:09:12 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 1D1D 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674752855
age
676297
cf-polished
origSize=97007
x-guploader-uploadid
ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 26 Jan 2023 17:08:09 GMT
server
cloudflare
etag
W/"894b1310ad36469d313fb67e2899e78d"
vary
Accept-Encoding
x-goog-generation
1674752889520716
content-type
text/css
x-goog-hash
crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMJ04WiZyRya0pE4%2FV%2Fyw2n7T7Cks5gZEt%2FEVGPKSqANH9kjcdCJfUxGaXm9yTcRI7CnxL1gHBiHNEE5bYYs00tY9K5Q4u%2F1dfzXFJ0OfjHc%2FAQaefBtgUeFYph1o%2FkbB1O3uKHjxAs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
97007
cf-ray
793b664eee559b63-FRA
expires
Fri, 03 Feb 2023 14:09:12 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 1D1D 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207836
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2F8M%2Fga0uTr7airtCFA%2Fa7kTJi3bIHzWxLJBO1jKTD4cQ%2FPaZoNMKbZJsrAncYZP0kkXOMHzQFW24jyEwq%2B6pKU4p9lYNNsLMO8EtBbZQJvqnhPQHuQJY3cj1UYCalOtlIeFRAyvmJUrRfAd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
793b664f1d5b3808-FRA
expires
Sat, 04 Feb 2023 13:09:12 GMT
BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
assets.ad4m.at/product_image/ Frame 1D1D 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207839
cf-polished
qual=85, origFmt=jpeg, origSize=151606
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24794
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Oct 2021 11:55:08 GMT
server
cloudflare
etag
"d71e74a6f11e793171f7c83885ae5c26"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6obHVhkf24ySA1%2FDB%2FYPxarprP7gHTBaYKgjhScXidBZnbuWunYNEfHxtVt8D7f3rlYmdeWKHlN7fwXh5ElyWukQOZ29nKWWeRdnpHHd%2FfFhzlsOH%2FNSEgnsxM4c6M7IdzBRm3cJ2Sw6GBB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
793b664f1d5f3808-FRA
expires
Sat, 04 Feb 2023 13:09:12 GMT
/
partner.o2online.de/a/ Frame 1D1D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKSc7Jm2-fwCFW6Z_Qcd_lEJYg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023020314091281218739777X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suit...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023020314091281218739777X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020314091281218739777X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 13:09:12 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023020314091281218739777X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020314091281218739777X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Fri, 03 Feb 2023 13:09:12 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 1D1D 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207839
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H13bMaCv%2Bu5lOCwKo8T%2FONiTyGnPmP3PVEXG0gsyVhdsth7gVvrUmgnsWr5lXHARRZN8HJi3g6UQfsh3HqoSIm2ux2AnfUki01NxItoW%2B37D11r2kx4dAdCjW7rdx4%2FlWD9pfPG0wW79SINm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
793b664f1d503808-FRA
expires
Sat, 04 Feb 2023 13:09:12 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 1D1D 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207839
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgTZfkf7JrdqHsBvmec5daeoJSMlM6q5sZoezZ2vJB64Q4jVRJL4wR3PBC0b%2Fx6zRrLMkI1t8kAMw%2Fg83eHJGK7%2FSG8dLmypZrPsDVJScd%2F9BueAiOnnDXc%2FRdvPgH17Jarqd8MB%2BU%2BW6Vyj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
793b664f1d583808-FRA
expires
Sat, 04 Feb 2023 13:09:12 GMT
ztpv.php
www.conrad.de/ Frame 1D1D
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675429752_f3e05930-a3c3-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=
0
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1675429752_f3e05930-a3c3-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
via
1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
187808950
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=d9b2cdccb472a719
cf-ray
793b665119799100-FRA
expires
-1

Redirect headers

Date
Fri, 03 Feb 2023 13:09:12 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1675429752_f3e05930-a3c3-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 1D1D 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207769
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32p5%2FX%2BxbffJDkPFRNGF78bo3ZaSKLuzmHXdndGJzFql5nglfQChnHGjCyqCV53OI8kGsg1nG5ZtozWY2sr8UWxQBMA1FTDlm7krj04i887W36u9HM4sH5OSNKyhZxZGXXhdQK8e0h9wTW26"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
793b664f1d543808-FRA
expires
Sat, 04 Feb 2023 13:09:12 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 1D1D 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207766
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21B36Z0zwhZTnnzK0VbSDWfeqj1TWc2MT8GQXyrvRD2pOSVaCcCK4%2BoFyb%2FmBfcwx8z2GlHRuFXoFqNS%2ButwZR1kvFUxiNc3J1unXt8Zw3dZIhMHe8P6MBgVKWUqzd0PzMNeQusnNi4JeNRU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
793b664f1d533808-FRA
expires
Sat, 04 Feb 2023 13:09:12 GMT
cshow.php
www.awin1.com/ Frame 1D1D 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6db94a98a0ad08283da637429db184fe%2F17040162162070713434&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675429752057&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksykbgc46enmnmrgtf33bjvxk1mma4p9xfcjs6a7r4gyt1y1n78z5nrhnk2fh5bqjkp4n06nsmt6h4nbxxwge7evk78263anssfwjb5jf18hzzf7414mzpadrw91266cmv5ewk24hkzgz88gmfp6gcdg8bev9czfk7j2cg07bmx65fc27rwebemk5wvdsnfr5yjre3a4ttf3vhb8d4gt1kb3ktm26c2j9tscx94z4z4phq0ey0v520kyrwsxr2xmw3yej71qrygptjxa6tc3xby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqISsdgfdY--uL5mX6gSYm62gA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTpAU_Q01afyAdvq5NN-IpEx0_a3E9OxoXAa2Bmex0SAooGm5FFB2XUXFhQ8s-PwmKW65xGZFIzruvMe5WGnZaRMrLnQZxmAVHr0k10N94mKUd32mUQQV7RjKn7Ih-Imgm2cNiquAR5hE2P_3HLr4i_QASGvgOOmay2ya-zkIDK73B-5ty6GuWEerV0e0LjKmPd-kaNpDVhhdJWXWWlpeShsFHcfiCWI8-kDafV9HeIEL5SljKYE7Ylm1r4tdJENxui822hpgsOf8XJTZgN9K5Eep_rYp9XiyS0gzRMrfceAYuxkJrJ8OA1Hg5SgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ltD2KaMhhX4tgm6375jf8N4j_wA%2526client%253Dca-pub-4604570868082747%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.103.100.111 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-100-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 13:09:12 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A903 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPm2eQA5P3IB7APNsGb1OBz-iLI5GVpbbsBgckQwAauc2FEOh6NzCBjO-4Z98PivHl8RhqRGeeNGl511ps5URl3OU&sig=Cg0ArKJSzNpbD8RJ1e8qEAE&cid=CAASF-RoQdY-TlCB52I1zaLGYoGzcqpEPM5g&id=lidar2&mcvt=1009&p=0,0,150,950&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1785002&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675429750498&rpt=1011&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F0CC 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLbP0dOBaiXmbDMV2d7N1xjbArPRlv_m69Ry7rEnl6Z2_x22zwza7ID5TJ0qvGswhsEsZCKpvYXQuk2Z1VRZzvHlw&sig=Cg0ArKJSzJGcmgC2JYDBEAE&cid=CAASF-RoPt8JRlmciGH45HYrI71CpPMgophF&id=lidar2&mcvt=1011&p=0,0,280,339&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=0.52&if=1&vu=1&app=0&itpl=20&adk=3682033334&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675429750571&rpt=985&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:09:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 0FFF 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=hU9-u9gie-fvzp5zf0AskeXqZjbKP9bjrFkdq_If3aHMCABKcddQ6sC62bkeIXm3HOZqbOvyxijzhTfMoQ1kZne2Hqv9KpLu2E-5fsUi38W9PhmdJBCeGJTMpqBhxwX71wiEf0GeLVOCkyKVvslIECJ4PzKqanPFtR3tvRKRmc3t1lLTkxelPdxlyAqUSveC5_k2e-zJTApKR26oC1F6bxcQJZRVjoAKQAoIOw1PRSMm7g3_Z3rA05rwEGVltCY20KkiWw&sds=2&rev=84569&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL1EgKmrDTAAnRvuCMK56xO_n2Pen5Nw&u=%7CLYTNugS%2BPUSpdrAE5O5kYwMIvJ12lcfXMltnU1Ho3CA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlWDpE2ssajvWoy_Bv6JZ-dG_wZJpsTaGFxwgiHOCBYmAtkdrbJy17AChYjvjd6T0wn4IZ-h5-pJXflb-Q-8jls9zQ60N8lrkvleuZiEt4OaneR3KqWmdSI-EbyWvwdK6h9qYbl_BYsRI3spXhLDhFekWj-LDUM601Jc69VBn1gqi6iGOoQ1Bf0pUao_oqMNtqh2pslbHItnllFFyBAW9fqd39wr-I4dOOIt6A6psk5ITZFk0nY84d8fJwp4bvxJxGxil1R1bhOZVC6H47FVsSy8uC1m71x6BqGQsz03qDeYuISC0cmEQobMG3HzBJxakZClZYnZYAUwY-Mh0Mhm8Ao-ljKv00_kbvbmwooXadUmlmXxKRi3tgazc38HbrEcnWCFaGPvWhzii-oxwpqyueZUbJc1tjRsdJs42bVQ9z2CHE5roxdOB744RD7BqC7bFEXotS7MFYJqymD123-jXAQYe5e6F6UqTpuIu3f8rstL0iRdhPw5EfD3AvnXAOfEIuCJGHl0yRiq7Tfo60ujSV_TGapirD-XFqnwvonDZWv5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu4bIdgfdY8ioL9Ph6gS-o6fgDMme0rFcvemV93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYwNDU3MDg2ODA4Mjc0N8gBCakCDqjL0mBHsj6oAwGqBOkBT9B0eSfQAgcJdKPgbmtXdfGUOjrks0svZ3ZGoQNk9DiwmuytpvHW8PtR3RDfUM_p9FJ97G6jMqUgdPFopQEUhY-QYFmuiWHY0kk6Q2OoHmhEL8Q9j25L7vhkqcOS4gI69MLsltcrbi9oNchtMHDsLSQ8J1TFzgfU1SfNVlgmoyX6Wg84IizKOpBL02FK7o1ZqGcGfxuPMxOSqofgCg6BgvLmK4vEVtQS5vfmYmlobdqW7-3KLAIaPcdfMzO6_8ybUmMaNHi9jElLklqu4OqdlqxlC9_afyLZa9nwAh199PCetsOXrNi5T7WABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oly_wYrMbnh1RbW6THJ_7uq6_Sg%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:09:12 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 524F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=5qDB5Ngie-fvzp5zniEDABiZHoGDxM5d2QkklmMNv0YI_xo2pDM3tyuOi4BG7pvut0f4E6XoEbk141X_ePJaIkBVKNu2sHplBILHcLuz9Hyz59dUHNil8abocum8ecuHQTUsYcl-f-NKATgtoWHeQ2j5LNz2X21BhHgt8F9NXwxM109J5BSjLGyNoxptjt0CdGqE6x56bbHqGO46vaYZ36XahA8t3xhVmJliCm5I_NNUs3dWg4vDA77CPEo2pqJUci0xdQ&sds=2&rev=84569&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90HdgAL2MoCO8Q5AAcLS6sF_0G08vJ08QUAvQ&u=%7CLYTNugS%2BPURAPZMqGOAkYh8JfDpaA5DSqNJJNj9AuXY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_VkoypvCbmlbURZ9XTPPq-6y4gQRA02F5VwVQe7nyDc537H_9m3EyXYRINqfk6gSN_fcfVZZwYKxWQX1kFED-UxzX3mGpp2PGdj7f7BX_GlY0OpAmrlbbtpGNrF-wYKwSRJlYCPnf9o4y0eUoB0ERCvGYCS6Ox_AqThSjSS-FIygmc1jz9MlPMeWkihZ8ERW4No90o5Ou3ZvcAq5so8HXfqXbQy3N7IGSVte3a1akX-q67BvKz2sgDfnEO0Lxf6iBlLxUafrNAsFWLLHs-amKFnWcmehT-pLxLJbDQZDjG4HLX1_dIuxuGBfD0oeiS85P7h7A1PGH9Emive7BzWTX07I7I2sbCYzZfT7S1wcHHTptAs9Tf9NCkQYYr_UZVlpk7gANfAG1UaIp47o2hJvK2b-O6tRQ26kWOzF0HyaJ-l7mbFvuWMAKktLjEUBvz4IsYGYD73eXEH5QNYQR3yk4oXrLuT-20-gVYurrcT7GDtztsggx4918wnECDsNiOiOEC5RY8aFbe-zX0LwSIoo2eP4Wh36BUHBMRvA46zrcQGiRqla8GIqYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeR7dgfdY8qxL7mI78EPy5acmA_JntKxXL3plfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2MDQ1NzA4NjgwODI3NDfIAQmpAg6oy9JgR7I-qAMBqgTvAU_QIP7Z6q1TESaMNrq7M6pMiBv0_6aUrepNpQakNqSGpsSGFb0xinIT1WEDMgJlSdBr19sjij9Hcuc82fK4cVomBpHAUpUx1cdSIP5LRGkKZEEInytxQl5gPx3H2zxDCYe7E0ZDGGRDXJOKT0AL4suw3W9e7IMVq4UrLiPlYOagCr2WGHVt4yLLT9BYtfHQdAME7KeCRnNF1AesYaeZ7Wezn7-k2ovJXI6zWSYT6vT7SkGyGmZzrvuXRA1hJMPLjSvUgofTMwh46t0NZelbVTfVQL-gKN84DPExbQKtAuS-HzwUFaiRWomx7Yw1w2xMgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17fX3GQJe3XLli1Ngtxhkx7w5cJQ%26client%3Dca-pub-4604570868082747%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:09:12 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27368b3706accb0856e4e6000fbe5c5b5955c3d79ef6d7c2996026993868d3a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11246
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4604570868082747&plah=pastes.io&bust=31071765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 13:09:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6036 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastes.io/dwkbkmuilh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
189329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Feb 2023 08:33:44 GMT
expires
Thu, 01 Feb 2024 08:33:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1654 		783 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d9108a8fc86825d2ff8cfacd15d339aa576818db23b186806dc5be2bae43d5a4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KInPRg4SGylj_uvmMhVatA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastes.io/dwkbkmuilh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-KInPRg4SGylj_uvmMhVatA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:09:13 GMT
expires
Fri, 03 Feb 2023 13:09:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
pagead2.googlesyndication.com/bg/ Frame 6036 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 20:40:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
232148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14413
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 20:40:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1654 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=2583481285933463&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6036 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WN0n1w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=2583481285933463&bg=!7-yl7KjNAAaq5O5FiuQ7ACkAdvg8WkcAZ334NpAXGGbb7z8JcpNROBK2DvXiqUyWZlhsyph9K57a0wIAAABWUgAAAANoAQcKAHBl7mGZfLlNLEunVBgFWf7TQ5nJOAdQMqy2E2UdsOBrbJ3fjQ_MnGbMo1YFIqWxYPdlHMCdlK1OsWNiyoWHI1xqS09F2ko7CdeRhPevMf2Q0wsbX3EfF9pkxduqVxxHFGCH7UxDvbmm-HYUy86gfvTdmQKljJMPf_Onw0baT5xIPnuTf-1YIpZ7alutWsesBVskjMJQa617QwNwLULOCieGDUhCH5oAulmGeGRrWqnt00jm1d0-ZtnLUH8_auLd3bwg-x4kET75tWWRSfMALNSZJaMWw0189J20vb5R32VcREojdbn6sUWyzVwjDHeQlp04eoFtuwfWXG71pruR-oZv6eNfOq4bRw3A0NzaT-I8RyoQnKYfA7mSmbhy9VcF_YkkL6oZccJAE0DRWEvu4YI54ByUvUqhVFusnVxZ86ki7RZvgXLFIaRHIraDmB4MX21Hy4ojKGKcnptL5hs3OYso2M_wyo-CE3frUF67yCI59DjqHRyYMKQAo0ssNQ-4SGTBNYQZY_E2ZCrJCB42i2YPP3ZjY_OdW7vTH7mMxitDqBoFSr09v2LHgWAvBnbOs5D-j6um6a_fOCOIjBGdiryCBbWLmxG0usvwcJP71C2zoQBBWKc_1otRgpB8przedzbytiq6RboRpkhmwW0IOMkgAJY3w_RV6Q_QbVTSs-W14lfn21MqI-_vFfG8r4EuLZt34s8dWT8VsMkRPdTENpQFpvBKvPK3Ns-Yj41ZC2AWg6ecrCzmo0ClY-gezqLZ1pwys7vpOrK1gzYdjaFFa_Tz_YCfv9z3yDkx_TMnKnQxDVGVCK-jDcHT5wTtGwipZrpeQiec67taNmZnWXVd6-fs90etI1WAbLCAaaaxXUuBwJLKd7lotaLZ9J-fIAA9z9JshNIyLKxhREVtVkjrPlLkEyEz69GtLLFmOIE92AcpjOMqDjjkv_8HBeADhl47M32U56b-IHWekaGUtA2MhhjYbN_dabmn4m7uZs_wrZlcdOwDgItck9xdb5pmDNL4eyUxpeABgHxtTsxey3zkQHecZYLhJiDddLc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
track
counter.dev/ 		2 B
503 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://counter.dev/track?referrer=&screen=1600x1200&id=f9eedfb8-c242-4d48-9840-f7f9cccecd7d&utcoffset=2
Requested by
Host: cdn.counter.dev
URL: https://cdn.counter.dev/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:888b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pastes.io/dwkbkmuilh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Pr7RXJpIfZH8IAPdz%2BAs9yPvYYmjVq84gfnksP%2BShUWq4bhaFEM64xLaKGjK0NiC%2FDoHSPc7U2e%2Fz7yzdaCxk22yw%2Bkq4mq%2BQe%2BgIfTqiiGvei6%2BDXNbA8%2F01zBpcgbVC4VzrvUrL3wWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
*
cache-control
public, immutable
cf-ray
793b66614dafbbef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
expires
Fri, 3 Feb 2023 23:59:59 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontentvisibilityautostatechange function| gtag object| dataLayer function| admiral object| googletag object| adsbygoogle number| max_content_size_kb number| paste_editor_height string| ad_block_message boolean| isAdBlockActive function| $ function| jQuery function| printDiv function| featherSVG object| colors object| FB function| 4dm1r11545242527 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter object| __buffer string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| Popper object| bootstrap function| PerfectScrollbar function| Hammer object| Unison object| Pace object| Waves object| i18next function| i18nextXHRBackend function| i18nextBrowserLanguageDetector object| jqueryI18next object| feather function| handleFileSelect2 function| copyToClipboard object| toastr function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal string| content string| txt_copied string| txt_copy function| CodeMirror function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| hoverWidgetOnOverlay function| hyperlinkOverlay string| syntax_extension string| theme function| changeMode object| splitbee string| sbCtx boolean| splitbeeLoaded string| mime string| mode object| GoogleGcLKhOms

38 Cookies

Domain/Path Name / Value
.pastes.io/ Name: _ga_3C9G1SS24S
Value: GS1.1.1675429749.1.0.1675429749.0.0.0
.pastes.io/ Name: _ga
Value: GA1.2.1716922820.1675429750
.pastes.io/ Name: _gid
Value: GA1.2.993175695.1675429750
.pastes.io/ Name: _gat_gtag_UA_216162563_1
Value: 1
pastes.io/ Name: sb_uid
Value: uftctek0brf
.pastes.io/ Name: __gads
Value: ID=36be41a644c24f6a-2273ea0389db00d6:T=1675429750:RT=1675429750:S=ALNI_MZMnf-ZMqjRd5WXI5qu70IKID1iMQ
.pastes.io/ Name: __gpi
Value: UID=00000bae54eddc39:T=1675429750:RT=1675429750:S=ALNI_MYZIOCNez1uJKOWwtIQnAXJXf_V8w
.pastes.io/ Name: _awl
Value: 2.1675429750.5-d6f175a88aebf9a5f48de29cf2c2965b-6763652d6575726f70652d7765737431-0
pastes.io/ Name: XSRF-TOKEN
Value: eyJpdiI6ImtYcjdXQ09sdnlFdlRjdW42NHZuQWc9PSIsInZhbHVlIjoiakp2ZGZXd01nNHFGcFFaRGpLS2FHNlIwdDV4N3YzNHVOc0FrNnFLRjZwd1ZtaGZtWkg5VVN1TzBncGptY25ZdSIsIm1hYyI6IjA5NzE5ODM4YTM3MmIzYWFlNTJmMjBiNTliMzZmNDQ3YzhhMjJjNmRkNDY2ZDFhMzBhODY3NTBhMDAzYTY3YjQifQ%3D%3D
pastes.io/ Name: pastesio_session
Value: eyJpdiI6IlwvRmxEd0lBcEh2b1wvdVJ2ZUZYWUQ1Zz09IiwidmFsdWUiOiJJYml1TGZoUjFWNnRsVXZrRHMwRUcrRmNlWkVPUXR3WFArcHZ0b0RsendvWmtkaXZkRTlmQVorY25pNmNSeDF0IiwibWFjIjoiZTgxMDE2ODZmNDQ4NjY3MTMzNDAyNjQ2YWNhNGJjYjNlYzI2MDJjOTYyZTJlNjUxZDY3ZDgyNjBmOGNmOWQ5NSJ9
.doubleclick.net/ Name: IDE
Value: AHWqTUlsp1UY3mUO5Z71Pz4hehEPA-5BViaWzPHFx4_bAkuKcY0aiplIOnkpQVhhX24
.quantserve.com/ Name: d
Value: ECoBCQGaKIEA
.quantserve.com/ Name: mc
Value: 63dd0777-7a8d8-fd896-0a673
.360yield.com/ Name: tuuid_lu
Value: 1675429751
.360yield.com/ Name: tuuid
Value: 2abf5056-3dab-4b19-acdd-69327320824e
.turn.com/ Name: uid
Value: 7050967588276296357
.mathtag.com/ Name: uuid
Value: 35f063dd-0778-4700-a0b1-9a38e66c8578
.mathtag.com/ Name: mt_mop
Value: 4:1675429752
.simpli.fi/ Name: suid
Value: 11C6E3A2FD55472BBD87BF2BA7554196
.w55c.net/ Name: wfivefivec
Value: ih37ekLJ1PnVOv5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22CF9EBBD7-5AE5-4C12-843B-E7C34E532DC2%22%7D
.de17a.com/ Name: guid
Value: 1.2270645353551143456
.casalemedia.com/ Name: CMID
Value: Y90Hd2rIQcUgA-yHjyylAgAA
.casalemedia.com/ Name: CMPS
Value: 1174
.casalemedia.com/ Name: CMPRO
Value: 1174
.yahoo.com/ Name: A3
Value: d=AQABBHcH3WMCEDZuv4FrOJj0kOcf9MV7uQUFEgEBAQFY3mPmYwAAAAAA_eMAAA&S=AQAAAhW_3O0ykTVUy5R02iWBQq8
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~29sd
.w55c.net/ Name: matchgoogle
Value: 5
.tribalfusion.com/ Name: ANON_ID
Value: aKnseFxNeThBeZdwQMhEmgFLw34xo6rJtKZa1bTZbZcqcsNInpTCjYWpplOvZajDTXGx0PuZc5nZbMh8NSgJdINPVcZb
.awin1.com/ Name: awpv20044
Value: 412871|1675429752|f3df95e0-a3c3-11ed-acb0-22645d5ed731
.awin1.com/ Name: awpv11354
Value: 412871|1675429752|f3e05930-a3c3-11ed-b22f-2232cde24fee
.awin1.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1675429752
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: TFGL.hv37LgITS89puH1p3v_Cs30CKyXsqBW4AJBVlE-1675429752-0-Ab68VtraSeKUxZ/8RFa8TckqNQ5wqayFPj9cC6yddIPalOe0c07Umo6VyUArBhI3sbIvUPHBR+dF60+Ui70L984=
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY3NTQyOTc1MnZsZWExZGUyMDIzMDIwMzE0MDkxMjgxMjE4NzM5Nzc3WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRra0RhNWYzZktEUXdzNEh3SGV0QnRWVldmWlNqVG1tQWE5MVllb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyMV9CRVNUUEVSRk9STUVSMTE3Njc5
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023020314091281218739777X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY3NTQyOTc1MnZsZWExZGUyMDIzMDIwMzE0MDkxMjgxMjE4NzM5Nzc3WDExNzY3OVYxMjI2MTMyNzAyT

2 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4604570868082747&output=html&h=150&slotname=9037292310&adk=1785002&adf=1645639513&pi=t.ma~as.9037292310&w=950&lmt=1675429750&format=950x150&url=https%3A%2F%2Fpastes.io%2Fdwkbkmuilh&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675429749727&bpp=2&bdt=1882&idt=726&shv=r20230201&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8709760724522&frm=20&pv=1&ga_vid=1716922820.1675429750&ga_sid=1675429750&ga_hid=1249400759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=142&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071765%2C44779794&oid=2&pvsid=2583481285933463&tmod=2110557400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6cc83TIJ85&p=https%3A//pastes.io&dtd=769
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
api.qrserver.com
as.ad4m.at
assets.ad4m.at
cat.nl.eu.criteo.com
cdn.counter.dev
cdn.splitbee.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
counter.dev
csm.eu.criteo.net
d5p.de17a.com
dustyhammer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hive.splitbee.io
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pastes.io
pix.eu.criteo.net
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb.openx.net
s.tribalfusion.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
sync.mathtag.com
tpc.googlesyndication.com
ui-avatars.com
um.simpli.fi
ups.analytics.yahoo.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
104.103.100.111
104.18.33.19
142.250.180.194
142.250.180.230
178.250.2.148
18.156.0.31
18.195.73.173
185.29.132.241
185.86.139.93
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.165
2406:2600:4::1
2600:1901:0:4277::1
2600:1901:0:76b9::
2600:9000:214f:d800:8:48e:53c0:93a1
2606:4700:20::681a:478
2606:4700:20::681a:578
2606:4700:20::681a:61b
2606:4700:20::681a:8b9
2606:4700:20::681a:bd1
2606:4700:3030::ac43:888b
2606:4700:3036::6815:5e8b
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:7f05
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:400d:804::2002
2a00:1450:400d:806::2008
2a00:1450:400d:807::2002
2a00:1450:400d:807::2004
2a00:1450:400d:808::2002
2a00:1450:400d:808::2003
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2002
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::21
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3602:81a6:56d8:c5db:8c4d
3.122.16.208
3.33.220.150
34.91.62.186
35.186.253.211
35.190.0.66
51.75.86.98
66.29.132.145
69.173.144.139
84.200.5.215
88.99.63.132
88.99.85.235
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11ca4973dd59adc56357ae9bd3ba7e3773d1b0b12b77cdf6f69193736f205d53
1276ded11441d2462ea0d994be5857a63e4bb02032eb4691c5933b70c44f925b
13ae042538e57b4b35eb8ab3089d889035008154e06c05be2d3f31c509f03eda
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
154884fb0942117405532f2c9f71e1c46c08cb51db6e520ca420edd68ff8909c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
22664da6d703bacc311f80027a36fd8261a7240289ef398ff4667faacaec6861
27368b3706accb0856e4e6000fbe5c5b5955c3d79ef6d7c2996026993868d3a8
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
347cd3ada9898f6dce9635212196ba165dfb4ae336d17ce6318b3d27bd612175
38fc09d3debfad949531c3a097185daa56695dd779757e98fcbcebbd2c21bac6
3b8aa2311d3d785a225afe46d73cbb380739529ffbdaff1d301c7b72bb6ffddc
3d820fbb7146d278d8838410dd3ea8e9e802217af73b86c930d4806ffeab80c1
3e3d7c9bde7b57297f82b8ebce7ecce13024e592bb72f035682248e472c6bb88
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
40940bceb5217bf6413dc859b431e5936d7e0e6531f85826d8549558078d1f32
416d94cc35e6444d38c032140e717befef2e6f919ce6c89c4924d240910387c0
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4353a7702a269ac78f59dce6e0f46c1defaf681c074fec7f19b77be823d781a1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4dffff713f836780dc960edf09db055e290247695d7e6f32f940c8b55a3e08b6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5068c4c078aa75505850d2b7993bd805a8d0396202ddfc37429b8247010f9a8c
523a9b2814dc2706a78b77d79dbdc1e945a0b85f22118028b8cb139f8db948a5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5abda823cbbf370ffbb52bc61fbabbf4d2f3eaa04e146c9805273f066a100a58
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d6fed4682df44d0d96a062f9b0a091a162c9ce179c6896d94ad14b388a52df4
5ed9cd2428f08f396dc10b8e866d1caa4d5b46179684313fb9c5edd5c903116c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
665591d46ec09c45cd58914dd615df65e8a27e212a0e04fc2e125c19b6fbc929
694914eb4247927229e1c677ecade7674aa59fe6f12f91483333940a32c9cdf8
6ae89bcea08a4b037b1bc6bd2e4729f68e15c263a62182b1049addd802881b54
713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726a79a3fb6de54b73b65ab64ed65a74c015ea5a949aa0b9268799de176f509c
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
7870b15ec652b5f84c566983875510670573e910d69b10d3a2146bc20fd689fa
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7d357b0ef1f85ba71c5ccebb6671b0c34f4b3950f5b21d2af7b4a3d4e9dcd570
7dfe317df7b8b774a8a768dfb9cbfdfc4edef3a319bed29fdb87dd13cd53403b
7f8a524cf4f533c441ec342a397566f44c157c1a4ee8830eb49db90088bdb0ba
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
8ba667244df955de52c5b40ba4e58473a1eb1aada2292f31ff441dd449755d71
8cf3a78ba6b10f2854f883fdf9fa906ccc5558c1fc57583c4bd4b4397b5990a7
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
995e3b7f650bd9a2df329aeade58a4dcd6f28ba639eb9d1aa5380f82974434e1
9a29872c7a8f5b61d49ec50c7c4b9542b6c9236d695815820cc74a0bedd4d933
9a715f7ac867656f6bb33d32b8b2924a647b8a941de540eef030555ecaba2948
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0041f0ca41f5fc84c5745e0155da2d6e1254c49ab58ef2a48c915f20ea4025
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e361157996ee9b9fbe5bface7365726f60bd294d83e8ce805e23297260d8194
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c5d9c8b471e9f7f0a70e0d5ba053c14d650aa16cb22be0cc1b85ba31d9d96d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7aa171f1d950fa652f42c4677c4668deebe1055993268ad2ba098c8951e5307
a7b489051d44d2c22ed5121c6112d82a4e73103ad950779a9a37bba2653b1216
aa730424801f53a2e5d344701b2fca2680ebf9c1096aed1d7e5fdff3734f3f39
ac69939a25223ffbb9055f9a54a429bc6bb24d1fa00af9953e48a79177da8182
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b3c7b82a303d4482bfefbaa366b8714956b940db3f494806e1a28fbfb3d146c6
b3ddfb37ed78728bb94cd31a9077ffc214ce9f3853218d8bfb1927a4ee291efd
b560d3ca5a0b22cd92b8148921bd1e0d11de26f875ec41c938f6e7827e093279
bbb97224d040e8af1f5552e15f3325bcb159047a9c850cfd59ec90dfc6ceeea9
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c52c1d627b1ed6ad74293c28ae35553f9de96f2fff926f7e4018618247cb3c98
c73dfd28de1fea67655102d3ece0bc053e07154916f0e32af50e5e3be116eaea
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca758171e4a358c66e79ef141975241f291d62eab0dc467bbd990e1d8321b850
cc8bd16282e8394be2af197e52b5e08b61e78e936463c024e06e5c132544e4cd
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d1402e2c2f670d0f6fb696407b6c32549985629f6a85c3f946e25e2b60b315f4
d2cbc3f9ac9294fbae01400bba0383db3af0134739a2e732a86f3dd4e41e2ba9
d3c38d52ad39828dc7bf990d398bf991905baa7879071ea856fa892c6de95a2e
d412e37ad91838a27d9db29a2c39f6baf75e1ca71f41566d61b114c0aa8b7886
d5e098d2863808a8705f9d74d232575aafbcb218580ab21db42cf736991e67d2
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d6d4c997ed8dbfbc53b534e15ab70ee0f2e7770947d828f2cd4dd683449da81b
d8113222855baf9f8bc347bd6a7e50212675855a8cf5ae764c1d222ae95a15d2
d9108a8fc86825d2ff8cfacd15d339aa576818db23b186806dc5be2bae43d5a4
da6cd6358b6f0d97ae38326cf3c1cf4ab8075be9bc436bfd2093a46b4d543b74
da7fd7f1eddb1d0668db64c337ec3c4ba22a847a6a8c52186c48e0ee6f823b53
dadf6a9423431208c04d261963def3bd3efdd1021acba1745e23969b8b410327
db15c73725fb887ad2f55038e3170602a4efb0ef8c0ba3c04e19ec2bb07c40bf
db4263521b2d7a91e26020451c201c7e0966baece960f663a16e5a4f189d1fe2
dba5f1a65b2f4f42fa650d92f6900351a8878170a0b216f17a011712c83d73d1
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428d1570fe07412cb80e01a0658da2f85fa71c5cfc6ab2ca1042b62eb4819ef
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5db71b4c3ecbaa2a634d0d638c1bd3aa61f7e5884d3d1466f030a4f181cd563
ed7ab948c1df8600b122c4bc1a668b9ce246e200ae1053f922e0bb3663ef123b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f804f52520f38b47e6b486e45fc2760fe5226f268a19768dbb24dd5697653df5
fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2