tutpaste.com Open in urlscan Pro
173.231.244.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tutpaste.com/80414/
Effective URL:
https://tutpaste.com/80414-3/
Submission: On April 10 via manual (April 10th 2022, 3:02:45 am UTC) from RU — Scanned from DE

Summary HTTP 111 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 22 domains to perform 111 HTTP transactions. The main IP is 173.231.244.20, located in United States and belongs to IMH-IAD, US. The main domain is tutpaste.com.
TLS certificate: Issued by R3 on February 28th 2022. Valid for: 3 months.

This is the only time tutpaste.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	173.231.244.20 173.231.244.20	54641 (IMH-IAD) (IMH-IAD)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
23	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:224a:3600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
111	26

16 173.231.244.20 (United States) 1 redirects

ASN54641 (IMH-IAD, US)
PTR: vps50168.inmotionhosting.com

tutpaste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.verityads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80b::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.23 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:3600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	criteo.net static.criteo.net — Cisco Umbrella Rank: 632 pix.eu.criteo.net — Cisco Umbrella Rank: 7400 csm.eu.criteo.net — Cisco Umbrella Rank: 7420	334 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	213 KB
13	tutpaste.com 1 redirects tutpaste.com	178 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	26 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13058 ads.eu.criteo.com — Cisco Umbrella Rank: 7422 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9555	106 KB
5	google.com www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 77	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	211 KB
3	verityads.com app.verityads.com	22 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 622	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	73 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7579	914 B
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1396	690 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1591	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 350	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1537	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 962	324 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1127	463 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	645 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 647	79 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
0	weloveiconfonts.com Failed weloveiconfonts.com Failed
111	22

	Domain	Requested by
23	pix.eu.criteo.net	ads.eu.criteo.com
14	static.criteo.net	ads.eu.criteo.com
13	tutpaste.com	1 redirects tutpaste.com
9	pagead2.googlesyndication.com	tutpaste.com pagead2.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
3	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	app.verityads.com	tutpaste.com app.verityads.com
3	www.google.com	tutpaste.com googleads.g.doubleclick.net tpc.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	www.google-analytics.com	tutpaste.com www.google-analytics.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	code.jquery.com	tutpaste.com
1	fonts.googleapis.com	tutpaste.com
0	weloveiconfonts.com Failed	tutpaste.com
111	30

This site contains links to these domains. Also see Links.

Domain
app.verityads.com
verityads.com

Subject Issuer	Validity	Valid
*.tutpaste.com R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
app.verityads.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://tutpaste.com/80414-3/
Frame ID: D156DB1AA86D29DD8E27DA8D98FB4638
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: CF5E4C29872724531875AB37F90C6066
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=280&slotname=7569742801&adk=3857911285&adf=3760464458&pi=t.ma~as.7569742801&w=1140&fwrn=4&fwrnh=100&lmt=1649559760&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559760022&bpp=5&bdt=592&idt=70&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&correlator=6132008929438&frm=20&pv=2&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JzChHnMTOI&p=https%3A//tutpaste.com&dtd=82
Frame ID: 0028FFCE2DA7CC44B1D1CBCD6319C69B
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlJI0AACEGcKd7BKAAH_g_yIQku-oBG__PO4cA&u=%7Ck1AzKzgRp5kEOLm%2BaEWd5qtRGqqhYKWsqlC5mnkYkYA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywfyK7HpOAI69FH3ClvBFmzMV12kKMAEp5HZx8Ki-jG5KotgdBPovgJ1KbDFiBtCs0QgNulXoNOlUWCgvbF5kkeDVcuhGgY1VSrh3wyU-q5l0lPiH4nck0JvWecGbwdW_D0ki3HbqJF04-Lbp-td14wAkzNcTUx7bfGd5uwIsv8sj7voH8eRYci2IG0Uy6WwMCxdy1Vo8E77xp1hE9wo5tcDWHl1N8tgDclx_EO4pklrh4o7ugce44yQtQbpxZh6fIxodD2TueqM5p6HhDuN3FAjfLys6hH2yHX4lBJclo1zSGwjZz3Kea9F0CtRQs987DUBMCecpfVtFbDwIEpYTRRePDxC2xRORtj4AWnRrIDfd0fxlnhISzPOACsnZcg732VZuK8HHvcP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkJ_p0EhSYuegCMrg3gOD_4eQCcme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjk1MDQ4NDc0NDYzOTU2M6AB1bbS6gPIAQmpAphIlDw8P7I-qAMBqgTGAU_QVhtXWCXS-LxlNgB__fw0vE58J9DdhUZ46dMxDQ41DeFqdZP1P6vQFjbixoibA5V_ybbfL1xSSb1myM7maMYAoTx80D8bdXwmWRwB-7ZQp54R__8LoZPWlV6PvkQ8Veh5BoNJrBqVhJ7WWwoS7G00BHC42_sHy5svdVp0lHQiD6_Hi1y4hYvHEtqCXPeYqleORt0lPwElbaRXLsqeUjuFACMjtF3WZSHh_gPd6dTZqd4XkIN_JmF29ZfUdaU0KgDLKjpcK4AGrs2s_5uA5Jl6oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0WROD0NcbvLcWzvnaKzKsQ_Ikkgw%26client%3Dca-pub-6950484744639563%26adurl%3D
Frame ID: 7F4755BC38FCA38ABF262AE69B0DFC83
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=600&slotname=7569742801&adk=380577001&adf=1014717107&pi=t.ma~as.7569742801&w=261&fwrn=4&fwrnh=100&lmt=1649559761&rafmt=1&psa=1&format=261x600&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761237&bpp=21&bdt=1807&idt=21&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=898&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pdFt6wYCF4&p=https%3A//tutpaste.com&dtd=24
Frame ID: 6EE023BA2F5C4EFB7AD72FFA22639FD4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&adk=1812271804&adf=3025194257&lmt=1649559761&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761284&bpp=3&bdt=1853&idt=3&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280%2C261x600&nras=1&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=13
Frame ID: 61FC445CA5EDCEC9C0A2141D70C6564B
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlJI0QAEQ5gKd55IAAj62Z0bMmrT3kZ9exnXkA&u=%7CnRE8k%2FyTfv4%2BUv1P2M77tEjUvWX%2BBQ4GpC8u1MI%2FwyA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XXMmR0OcO77e6Sm2KEIogPUogGFEdgUaO7z4LgsKhbbEbYUfd3XC6Ic05fgssPIXLXZsUOiCHGovhJ7dWBm6maB1P9GWiWuQiBkFboqDPCU0eh29aIcQ7DFbtbj7IyKE1Ho-bu56PkhJRR0hC-0SME8BZK1tkUkF1RQCfE_eNs2ognh81myeMbNHuMBXFgmvxmCUw3Uc3u7LVSwBD7cJlZFp2NgRK5qIelvoESWSUSLjLs49XDNIeFFg0z8ZYqu9FKgeabsOIK2NLcemATDjfxM9_xNLcGmWKlvxXoS9Rv0Jj2kW63cvuhZ6OK742zF-H8Ramn_d7JtUCX_RBONcA5yd5polSKSCWFsnNcBVCs6lA8Q0F-kjh4_54I_lgwHxdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe5Wf0UhSYpiHEci83gPZ9aOIAsme0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTY5NTA0ODQ3NDQ2Mzk1NjOgAdW20uoDyAEJqQKYSJQ8PD-yPqgDAaoEzAFP0J-rGzzbeQ3wzajGa0t8W-t0zd7CThMKgZHXSGGjmCH6FYpcsCr6f7QuEGMmFv35SzeBtcQ4km-dUS48Y9HRCoqoLCDoH6-sYV8-LA88RFGUZfLHQq8LdyMxtqR65bBkDLvpKBw4PrL-4tJQEVHAaF0cbLt-TZIb3xoD8Bh55DUqBBTVMPUEzIiFhzt8H1VEjYWVLzvoLOXJC0K70-3JSBjTshB9bGwvRjLp7iH7j1QU_9cjlQSwTcY7xTB_eMCQ05Gnf8WdOBCqhkWABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kwqSWdVr3udAIYyt3frI5A_Javw%26client%3Dca-pub-6950484744639563%26adurl%3D
Frame ID: 1B474F9F1C51A1BFABDFF9D209C66DD4
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51B1842C4D9EA0D05297405C1852F612
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2AE97946B98B78D777558B651286C387
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 23C129FF3453638E96F1A23341502D20
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

افضل 3 مواقع الربح من الأنترنت زود دخلك بسهولة العمل من المنزل | TutPaste - paste bin for text, source codes and links

Page URL History Show full URLs

http://tutpaste.com/80414/ HTTP 301
https://tutpaste.com/80414-3/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

111
Requests

96 %
HTTPS

63 %
IPv6

22
Domains

30
Subdomains

26
IPs

7
Countries

1270 kB
Transfer

2533 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://app.verityads.com/ad.php?tag=5665509e51b6389a804&ad=9675dadcba56f361146&secure=3401138813&browser=Chrome&theurl=tutpaste.com%2F

Search URL Search Domain Scan URL

URL: https://verityads.com/
Title: VerityAds

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tutpaste.com/80414/ HTTP 301
https://tutpaste.com/80414-3/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEDO5MWYO7pxHQnb4jQVANY&google_cver=1&google_push=AYg5qPIdImUNtiqoWD4aJeHHDBcFfOjTYLpSLIISf0LRaNeEm6ekLFMAEOa9k7mZnPKRKk9iruUVX4z59nFcclJqRsRP91OU7Xs HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEDO5MWYO7pxHQnb4jQVANY&google_cver=1&google_push=AYg5qPIdImUNtiqoWD4aJeHHDBcFfOjTYLpSLIISf0LRaNeEm6ekLFMAEOa9k7mZnPKRKk9iruUVX4z59nFcclJqRsRP91OU7Xs&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KlQ4U5E8TMi0mJsWrIiLFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIdImUNtiqoWD4aJeHHDBcFfOjTYLpSLIISf0LRaNeEm6ekLFMAEOa9k7mZnPKRKk9iruUVX4z59nFcclJqRsRP91OU7Xs

Request Chain 74

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE8gWdaobmgUbDGlFygqlJw&google_cver=1&google_push=AYg5qPKs_dTMkmgrYbyCYB66ZLdtK-mtdTZkmJ4qAzl5Zu_KawiEozT25f268xATi6QzY8PYdG2DiWd4G1KBqG-Qsq3oxBPhuAo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFTUEFJMTMtMTgtQjlGMg==&google_push=AYg5qPKs_dTMkmgrYbyCYB66ZLdtK-mtdTZkmJ4qAzl5Zu_KawiEozT25f268xATi6QzY8PYdG2DiWd4G1KBqG-Qsq3oxBPhuAo

Request Chain 75

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8&google_cver=1&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8

111 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
tutpaste.com/80414-3/
Redirect Chain

http://tutpaste.com/80414/
https://tutpaste.com/80414-3/

62 KB
62 KB

283ms
99ms

Document
text/html

173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: 6cd3e10f05743fcc303a619668f1f3d23bdb468e0d1da9f5b77f0f173712890f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Date: Sun, 10 Apr 2022 03:02:39 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 10 Apr 2022 03:02:39 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://tutpaste.com/80414-3/
Pragma: no-cache
Server: Apache

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Requested by

Host: tutpaste.com
URL: https://tutpaste.com/80414-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f03035c89b21c72adf31735ce26474b3d5ad573b3fa8c81c3eb7a1f45bbafa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 01:32:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 10 Apr 2022 03:02:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Apr 2022 03:02:39 GMT

GET
H/1.1 200
OK grid12.css
tutpaste.com/theme/new/css/ 15 KB
15 KB 253ms
92ms Stylesheet
text/css 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://tutpaste.com/theme/new/css/grid12.css
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: 48f232df5be9bbaf1f8357b1501ee2514d6dcc90876c5d8adae65fcb843ff88f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Wed, 12 Nov 2014 08:45:40 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15290

GET
H/1.1 200
OK bootstrap.min.css
tutpaste.com/theme/new/css/ 23 KB
23 KB 273ms
92ms Stylesheet
text/css 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://tutpaste.com/theme/new/css/bootstrap.min.css
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: 725961cff4d25388d5aca1289b02f50ac62a1ea32de831f8015cce8f5684ddb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Mon, 21 Dec 2015 15:56:46 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 23115

GET
H/1.1 200
OK reset.css
tutpaste.com/theme/new/css/ 17 KB
17 KB 273ms
93ms Stylesheet
text/css 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://tutpaste.com/theme/new/css/reset.css
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: b24e5fbc226d38f0f159063849f397ca08d7cd1c8cbe0814fb020cefc292ad66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Fri, 12 Feb 2016 02:38:11 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17647

GET
H/1.1 200
OK style.css
tutpaste.com/theme/new/css/ 11 KB
11 KB 274ms
92ms Stylesheet
text/css 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://tutpaste.com/theme/new/css/style.css
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: 9448bc84d97638590a5acfcbf66450e2ab5f17be98e409f706b01918e91627d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Wed, 04 Dec 2019 16:30:04 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11023

GET
H2 200 jquery-1.10.2.js Show response
code.jquery.com/ 267 KB
79 KB 30ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.js
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-42b2f"
vary: Accept-Encoding
x-hw: 1649559759.dop006.fr8.t,1649559759.cds232.fr8.hn,1649559759.cds041.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 80743

GET
H/1.1 200
OK responsive-menu.js Show response
tutpaste.com/theme/new/js/ 300 B
555 B 275ms
92ms Script
application/javascript 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://tutpaste.com/theme/new/js/responsive-menu.js
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: 790635cf15e9d40563e314616a9e8fb78a1132d7022b8dd9f84386c09cb07995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Wed, 23 Dec 2015 15:55:12 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 300

GET
H/1.1 200
OK bootstrap.min.js Show response
tutpaste.com/theme/new/js/ 36 KB
36 KB 278ms
93ms Script
application/javascript 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://tutpaste.com/theme/new/js/bootstrap.min.js
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: a5567f54cb72c81ce1baf4a17c091092e89baf0325a6f06891a45417a004eba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Mon, 21 Dec 2015 15:56:46 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37107

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 38ms
16ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: tutpaste.com
URL: https://tutpaste.com/80414-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fbd80be98baa936f714c6c05d1fd709e300fbafdf39b4d554066bee730d40e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Sun, 10 Apr 2022 03:02:39 GMT

GET
H/1.1 200
OK tutpaste-logo.png
tutpaste.com/theme/new/images/ 6 KB
7 KB 92ms
92ms Image
image/png 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutpaste.com/theme/new/images/tutpaste-logo.png
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: d7e0b397d48dd04dd7e69ee339c985c23704385c35ff9210e93f6e79ddb88af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Sun, 16 Oct 2016 23:01:18 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6442

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 63ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tutpaste.com
URL: https://tutpaste.com/80414-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

620d4061af8b6a6464174218848b99726d78b205a840e8078bd700d38c7e2d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53993
x-xss-protection: 0
server: cafe
etag: 4204892576611604218
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 03:02:39 GMT

GET
H/1.1 200
OK adb.php Show response
app.verityads.com/ 7 KB
3 KB 1098ms
95ms Script
text/html 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://app.verityads.com/adb.php?tag=5665509e51b6389a804&width=728&height=90
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: c1870050cf7ec0c64c0956705173420950940579471f248956c8233354d994e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:40 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 2614

GET
H/1.1 200
OK date-icon.png
tutpaste.com/theme/new/images/ 1 KB
1 KB 92ms
91ms Image
image/png 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutpaste.com/theme/new/images/date-icon.png
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: 2cce950a3800800e073a7ea7b25d487af995e885fde2528327f35a0cf39abe25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Tue, 22 Dec 2015 21:47:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1275

GET
H/1.1 200
OK code-icon.png
tutpaste.com/theme/new/images/ 1 KB
1 KB 92ms
92ms Image
image/png 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutpaste.com/theme/new/images/code-icon.png
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: efd153de633b9e6f93d0453d1a94e0c40854004b39c9f427942dfc7021229a26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Tue, 22 Dec 2015 21:47:42 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1252

GET
H/1.1 200
OK view-icon.png
tutpaste.com/theme/new/images/ 1 KB
2 KB 93ms
92ms Image
image/png 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutpaste.com/theme/new/images/view-icon.png
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: a311bca19399493eebde89a6a53b1c5ce47f09ef3c8be4fd4a7407a2b9eef16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/80414-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:39 GMT
Last-Modified: Tue, 22 Dec 2015 21:48:08 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1331

GET /
weloveiconfonts.com/api/ 0
0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ 362 KB
143 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tutpaste.com/
Origin: https://tutpaste.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 22:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145703
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 04:02:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Apr 2023 22:14:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tutpaste.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 361052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:45:07 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 301 KB
108 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6950484744639563&plah=tutpaste.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e6d65a34b880721be84019726491f169511364f7ea9b2f956840b0499ee5473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110333
x-xss-protection: 0
server: cafe
etag: 1927627776348193482
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 03:02:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame CF5E 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tutpaste.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 17:43:12 GMT
etag: 14837630671339829333
expires: Sat, 23 Apr 2022 17:43:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 38ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tutpaste.com&callback=_gfp_s_&client=ca-pub-6950484744639563

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6950484744639563&plah=tutpaste.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ff5222c2e8eb122ce8bf7ea849972c6438368a6fce1a237aa2c756437c52ad38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tutpaste.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tutpaste.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0028 23 KB
9 KB 143ms
129ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=280&slotname=7569742801&adk=3857911285&adf=3760464458&pi=t.ma~as.7569742801&w=1140&fwrn=4&fwrnh=100&lmt=1649559760&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559760022&bpp=5&bdt=592&idt=70&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&correlator=6132008929438&frm=20&pv=2&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JzChHnMTOI&p=https%3A//tutpaste.com&dtd=82

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f1d39f5a5019e6dd6c82e498dff341d7a41bc914b7eef730aa4bb1b0c67ef1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tutpaste.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9659
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 03:02:40 GMT
expires: Sun, 10 Apr 2022 03:02:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 0028 3 KB
1 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=280&slotname=7569742801&adk=3857911285&adf=3760464458&pi=t.ma~as.7569742801&w=1140&fwrn=4&fwrnh=100&lmt=1649559760&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559760022&bpp=5&bdt=592&idt=70&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&correlator=6132008929438&frm=20&pv=2&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JzChHnMTOI&p=https%3A//tutpaste.com&dtd=82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 02:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 02:35:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0028 119 KB
37 KB 79ms
33ms Script
text/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 03:02:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 0028 15 KB
7 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 02:33:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0028 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFu_A0EhSYuegCMrg3gOD_4eQCcme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjk1MDQ4NDc0NDYzOTU2M6AB1bbS6gPIAQmpAphIlDw8P7I-qAMBqgTDAU_QVhtXWCXS-LxlNgB__fw0vE58J9DdhUZ46dMxDQ41DeFqdZP1P6vQFjbixoibA5V_ybbfL1xSSb1myM7maMYAoTx80D8bdXwmWRwB-7ZQp54R__8LoZPWlV6PvkQ8Veh5BoNJrBqVhJ7WWwoS7G00BHC42_sHy5svdVp0lHQiD6_Hi1y4hYvHEtqCXPeYqleORt0lPwElbaRXLsrcUBoXh6y_p-JKcYIxw6Ul4MDTH9Q5iAHL7lzQByjKWb2xgITYlYAGrs2s_5uA5Jl6oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjk1MDQ4NDc0NDYzOTU2MxgA&sigh=pvqN1nHjk0Q&uach_m=[UACH]&cid=CAQSGwCNIrLMCIe2Q3ZVnyJC5WweTkyV5CyH2zAlXxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=280&slotname=7569742801&adk=3857911285&adf=3760464458&pi=t.ma~as.7569742801&w=1140&fwrn=4&fwrnh=100&lmt=1649559760&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559760022&bpp=5&bdt=592&idt=70&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&correlator=6132008929438&frm=20&pv=2&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JzChHnMTOI&p=https%3A//tutpaste.com&dtd=82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 10 Apr 2022 03:02:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Apr 2022 03:02:40 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 0028 0
0 52ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UML9Esz6RPQImAKdg2ICAgAAAH5LGF6aY1RzEM9IUmLW4aLnFGfuy4bmigAS&wp=YlJI0AACEGcKd7BKAAH_g_yIQku-oBG__PO4cA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 325088
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7F47 192 KB
52 KB 153ms
109ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YlJI0AACEGcKd7BKAAH_g_yIQku-oBG__PO4cA&u=%7Ck1AzKzgRp5kEOLm%2BaEWd5qtRGqqhYKWsqlC5mnkYkYA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywfyK7HpOAI69FH3ClvBFmzMV12kKMAEp5HZx8Ki-jG5KotgdBPovgJ1KbDFiBtCs0QgNulXoNOlUWCgvbF5kkeDVcuhGgY1VSrh3wyU-q5l0lPiH4nck0JvWecGbwdW_D0ki3HbqJF04-Lbp-td14wAkzNcTUx7bfGd5uwIsv8sj7voH8eRYci2IG0Uy6WwMCxdy1Vo8E77xp1hE9wo5tcDWHl1N8tgDclx_EO4pklrh4o7ugce44yQtQbpxZh6fIxodD2TueqM5p6HhDuN3FAjfLys6hH2yHX4lBJclo1zSGwjZz3Kea9F0CtRQs987DUBMCecpfVtFbDwIEpYTRRePDxC2xRORtj4AWnRrIDfd0fxlnhISzPOACsnZcg732VZuK8HHvcP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkJ_p0EhSYuegCMrg3gOD_4eQCcme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjk1MDQ4NDc0NDYzOTU2M6AB1bbS6gPIAQmpAphIlDw8P7I-qAMBqgTGAU_QVhtXWCXS-LxlNgB__fw0vE58J9DdhUZ46dMxDQ41DeFqdZP1P6vQFjbixoibA5V_ybbfL1xSSb1myM7maMYAoTx80D8bdXwmWRwB-7ZQp54R__8LoZPWlV6PvkQ8Veh5BoNJrBqVhJ7WWwoS7G00BHC42_sHy5svdVp0lHQiD6_Hi1y4hYvHEtqCXPeYqleORt0lPwElbaRXLsqeUjuFACMjtF3WZSHh_gPd6dTZqd4XkIN_JmF29ZfUdaU0KgDLKjpcK4AGrs2s_5uA5Jl6oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0WROD0NcbvLcWzvnaKzKsQ_Ikkgw%26client%3Dca-pub-6950484744639563%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fc00c17ece979473c8883121a1bd153ab2cd20154cbde61f5d5dfec5941786b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 03:02:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CbjjebI-lgAuM47GODUSiGeBJ9MlYUVJC2reVbvX6Ewk8uw7Q7RYPp7Si20-a4OF3-Gg0YheCPaopva-kXYde0HevDf8inyV_xNcpr2Ty4vmhVcaopMMZ0qHZxqK-vaQqt8gqVaR2JJotaIxjwU_e5NK9MmeDQTAcXxf7qq8jbHP7c2aFNTsWyo0HkRxzRvTPpqbcZW-vDsIv1ix83qubFE5x6E_Kak5lJhrPmhtt5nQNP3HN04_GnnngcHU-BE0-V45Qw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 90526845
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 0028 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b40c29083f89776b80683d09d1e575c8a3bd7ed855c01ade32da8b8165f02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7F47 2 KB
1 KB 51ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlJI0AACEGcKd7BKAAH_g_yIQku-oBG__PO4cA&u=%7Ck1AzKzgRp5kEOLm%2BaEWd5qtRGqqhYKWsqlC5mnkYkYA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywfyK7HpOAI69FH3ClvBFmzMV12kKMAEp5HZx8Ki-jG5KotgdBPovgJ1KbDFiBtCs0QgNulXoNOlUWCgvbF5kkeDVcuhGgY1VSrh3wyU-q5l0lPiH4nck0JvWecGbwdW_D0ki3HbqJF04-Lbp-td14wAkzNcTUx7bfGd5uwIsv8sj7voH8eRYci2IG0Uy6WwMCxdy1Vo8E77xp1hE9wo5tcDWHl1N8tgDclx_EO4pklrh4o7ugce44yQtQbpxZh6fIxodD2TueqM5p6HhDuN3FAjfLys6hH2yHX4lBJclo1zSGwjZz3Kea9F0CtRQs987DUBMCecpfVtFbDwIEpYTRRePDxC2xRORtj4AWnRrIDfd0fxlnhISzPOACsnZcg732VZuK8HHvcP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkJ_p0EhSYuegCMrg3gOD_4eQCcme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjk1MDQ4NDc0NDYzOTU2M6AB1bbS6gPIAQmpAphIlDw8P7I-qAMBqgTGAU_QVhtXWCXS-LxlNgB__fw0vE58J9DdhUZ46dMxDQ41DeFqdZP1P6vQFjbixoibA5V_ybbfL1xSSb1myM7maMYAoTx80D8bdXwmWRwB-7ZQp54R__8LoZPWlV6PvkQ8Veh5BoNJrBqVhJ7WWwoS7G00BHC42_sHy5svdVp0lHQiD6_Hi1y4hYvHEtqCXPeYqleORt0lPwElbaRXLsqeUjuFACMjtF3WZSHh_gPd6dTZqd4XkIN_JmF29ZfUdaU0KgDLKjpcK4AGrs2s_5uA5Jl6oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0WROD0NcbvLcWzvnaKzKsQ_Ikkgw%26client%3Dca-pub-6950484744639563%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:40 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7F47 2 KB
1 KB 52ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:40 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7F47 308 B
636 B 51ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 05 Apr 2023 03:02:40 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 7F47 507 B
835 B 51ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Wed, 05 Apr 2023 03:02:40 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 7F47 43 B
348 B 298ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=H82PYLQYd6J80jI9Wx_IecWWfyvy7k3bjfgeiOys0UhwLWwsi1LjESpUjiQoRH5Hm1aZOZ15_nb1nhgPOt31gfHG-EQxytK8tcyEF_qO_DuyUU7ly147MUibfHwHOpBnxVTQ9sRwtek1Y0h7mTmeq8_PF9gWLbxBC0E6JsrFQaZCaXPzghjALIGO_nZhQSJxjZQ7aPdamCpEiyiKnRb5KfJ9BprzUTvphGnJsKqw65aIaxUVLqadMpxP0nSamNV9SQco2_GRSsq5Tr48Mz6LQqafwXhou6vRdFje0SO5RhxcNhKIw5psXKo0OUr-rK53_073_tC1gIqK2qXyWK30LkU9wRj_4ec_IXsv47RnXVs2EnJ8kZaX-cKqmU4-uGonQRFKd0DJW6vTdImsT7RnuklWDexE2_LQYFqZWh3uyS1_xZpzf_h0bFvkQK3v4Lc3cCt31g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:40 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3551905
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7F47 12 KB
6 KB 30ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 2 KB
3 KB 78ms
27ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=32517&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F32517%2F161005%2F3ff0bb1ca05c4f9cb0e79d86aa5244d3_logo.jpg&v=3&w=196&s=F5rKsKQEnTC4-8MgMbm36TSw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2fb62e42c955493af8927d3c4456eee35815435a98b2420edcadb50a28e3f0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28939414
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2330
expires: Sat, 11 Mar 2023 01:46:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 13 KB
14 KB 66ms
15ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F54%2Fszlafrok-dorota-fr-063.jpg&v=3&w=800&s=hNZUgv4-ANJSc_NHvZr_A6uj&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0e3b84d2d99b94fc5f960778644da8c7c8bf1eac4215d12448860566fbef9a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141786
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13638
expires: Sat, 23 Apr 2022 08:12:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 21 KB
21 KB 82ms
31ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F54%2Fkoszulka-babell-viva_wfa0-ux.jpg&v=3&w=800&s=kvfCttA-MCLcn01kmZBRWLU7&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5d755dba688ecf70b263bcb28ae7b67c31aca2ddff5aaaf24f0cf20dd1f4b6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1152924
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 21460
expires: Sat, 23 Apr 2022 11:18:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 30 KB
30 KB 92ms
42ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F54%2FPastunette_73212-656-0_999_1.jpg&v=3&w=800&s=5cRlCciy4ydGtBolpICR6Rn4&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3b58725030c060d63367e79d4fed8a92a89ad19676ed2b5527b57cc3fd0c9f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=101293
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 30500
expires: Mon, 11 Apr 2022 07:10:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 33 KB
34 KB 93ms
43ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F48%2F30_10207618_0034_1.jpg&v=3&w=800&s=wxpLwXTu4dXa6CIbCC-E8045&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cf6ab6d79945b3d422c05381bfefdf204ad88b0240f1ce526681b8992a191761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1205906
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 34168
expires: Sun, 24 Apr 2022 02:01:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 11 KB
11 KB 103ms
53ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F22%2FNina_29_220_846_200.jpg&v=3&w=800&s=IRPDvwG4-GpHaA6IiFXBVhbk&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f941a33c862a7a9000b953e165b013ac26cf65a0f25dba895544c6eceea6f43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=478765
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11158
expires: Fri, 15 Apr 2022 16:02:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 16 KB
16 KB 54ms
54ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F53%2Fkoszulka-donna-blankas.jpg&v=3&w=800&s=P7n2-Z8kg05V3dWSFLR5X7is&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

50c222ce65c2703d06db60b3c65a8d0e8658075e0f010d2d5e15cffd936bdf05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1000252
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16286
expires: Thu, 21 Apr 2022 16:53:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 48 KB
48 KB 51ms
50ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F20%2FDelicate_Design_W_04.jpg&v=3&w=800&s=nzsaBbXvyijAN3qqcRuWRt0S&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c2645fc528dcf94b30699f6ffd580b3139f9b41c049afb0ac40eeb41cf54ec91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=190430
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 48984
expires: Tue, 12 Apr 2022 07:56:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 26 KB
26 KB 59ms
58ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F51%2Fines_turkus.jpg&v=3&w=800&s=Lh6M4cGt-AN0QQ5TH-BTxhgu&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7f5c2008d6fce47fa9609aa03b480788222183bd779af1152d4a94bbd948822f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141533
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 26326
expires: Sat, 23 Apr 2022 08:08:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 12 KB
12 KB 61ms
61ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F53%2F2koszulka-babell-amelia.jpg&v=3&w=800&s=ZuA9bCjfbYpeq1O5FFjRpLYf&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f9e73371485de5454d97d33dd70d8250fe426e565dde595ec2a4616cbc692c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1194831
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12420
expires: Sat, 23 Apr 2022 22:56:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 30 KB
30 KB 63ms
63ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F51%2F90_czerwie-2.jpg&v=3&w=800&s=ihyQaBTmQp2HmaiErL_u_Rqa&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1ae9c84d7faf1aea22d2bfb5d0fc5417663beab1e433b55b6df6baf8e6637fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=113769
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 30404
expires: Mon, 11 Apr 2022 10:38:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7F47 0
128 B 53ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=CbjjebI-lgAuM47GODUSiGeBJ9MlYUVJC2reVbvX6Ewk8uw7Q7RYPp7Si20-a4OF3-Gg0YheCPaopva-kXYde0HevDf8inyV_xNcpr2Ty4vmhVcaopMMZ0qHZxqK-vaQqt8gqVaR2JJotaIxjwU_e5NK9MmeDQTAcXxf7qq8jbHP7c2aFNTsWyo0HkRxzRvTPpqbcZW-vDsIv1ix83qubFE5x6E_Kak5lJhrPmhtt5nQNP3HN04_GnnngcHU-BE0-V45Qw&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 03:02:40 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7F47 2 KB
1 KB 25ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:40 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7F47 2 KB
1 KB 25ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:40 GMT

GET
H/1.1 200
OK request.php Show response
app.verityads.com/ 965 B
970 B 289ms
105ms XHR
text/html 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://app.verityads.com/request.php?tag=5665509e51b6389a804&browser=Chrome&secure=3401138813
Requested by: Host: app.verityads.com
URL: https://app.verityads.com/adb.php?tag=5665509e51b6389a804&width=728&height=90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: 4f8d7305cfa406793eaece77a0d973a90baa5d3925cac9239e3807fbd64c1789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 03:02:41 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 497
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 9675dadcba56f361146.png
app.verityads.com/ads_data/ 18 KB
19 KB 94ms
94ms Image
image/png 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.verityads.com/ads_data/9675dadcba56f361146.png
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/80414-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: 2a4eb2ae9785a46279ae0df5f78f6826b39fe2a87f4f2a03d1bad17b088729f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:41 GMT
Last-Modified: Mon, 21 Oct 2019 15:15:49 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18838

GET
H/1.1 200
OK profile-image.png
tutpaste.com/theme/new/images/ 933 B
1 KB 92ms
92ms Image
image/png 173.231.244.20
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutpaste.com/theme/new/images/profile-image.png
Requested by: Host: tutpaste.com
URL: https://tutpaste.com/theme/new/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.244.20 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps50168.inmotionhosting.com
Software: Apache /
Resource Hash: 145ed8aea2b7ceaa44e7a25268d55fd7ac1b31086b16cc845162a80450dda171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/theme/new/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:02:41 GMT
Last-Modified: Tue, 22 Dec 2015 21:54:13 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 933

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
24 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tutpaste.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 360904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:47:37 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tutpaste.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tutpaste.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EE0 26 KB
11 KB 132ms
132ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=600&slotname=7569742801&adk=380577001&adf=1014717107&pi=t.ma~as.7569742801&w=261&fwrn=4&fwrnh=100&lmt=1649559761&rafmt=1&psa=1&format=261x600&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761237&bpp=21&bdt=1807&idt=21&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=898&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pdFt6wYCF4&p=https%3A//tutpaste.com&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc3e0f8b2bc2647c0dfd380be827881e2871729c8e2cc722211e7cace55af3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tutpaste.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 11702
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 03:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tutpaste.com
URL: https://tutpaste.com/80414-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5271
date: Sun, 10 Apr 2022 01:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 10 Apr 2022 03:34:50 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61FC 0
16 B 55ms
55ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&adk=1812271804&adf=3025194257&lmt=1649559761&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761284&bpp=3&bdt=1853&idt=3&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280%2C261x600&nras=1&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tutpaste.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 03:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
14ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1524955782&t=pageview&_s=1&dl=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%81%D8%B6%D9%84%203%20%D9%85%D9%88%D8%A7%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D8%A8%D8%AD%20%D9%85%D9%86%20%D8%A7%D9%84%D8%A3%D9%86%D8%AA%D8%B1%D9%86%D8%AA%20%D8%B2%D9%88%D8%AF%20%D8%AF%D8%AE%D9%84%D9%83%20%D8%A8%D8%B3%D9%87%D9%88%D9%84%D8%A9%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%20%D9%85%D9%86%20%D8%A7%D9%84%D9%85%D9%86%D8%B2%D9%84%20%7C%20TutPaste%20-%20paste%20bin%20for%20text%2C%20source%20codes%20and%20links&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1676214125&gjid=397413406&cid=1312762422.1649559760&tid=UA-71374144-1&_gid=2117097934.1649559761&_r=1&_slc=1&z=1098701901

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tutpaste.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tutpaste.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0028 42 B
64 B 53ms
39ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVRdPNWGxUajl54i0agkQIPwBP9y25KRaHAatlybcQqsyIBik25K14yBoy2JzZtGIbuUo3zadBf-Bl3fIc2xO5&sig=Cg0ArKJSzAg0Ndo8KppUEAE&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3857911285&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649559760105&rpt=277&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6EE0 3 KB
1 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=600&slotname=7569742801&adk=380577001&adf=1014717107&pi=t.ma~as.7569742801&w=261&fwrn=4&fwrnh=100&lmt=1649559761&rafmt=1&psa=1&format=261x600&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761237&bpp=21&bdt=1807&idt=21&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=898&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pdFt6wYCF4&p=https%3A//tutpaste.com&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 02:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 02:35:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6EE0 119 KB
36 KB 63ms
35ms Script
text/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 03:02:41 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6EE0 15 KB
6 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 02:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 02:33:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6EE0 0
0 33ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsOxNZMyAqUhNNhC-G3rOtw6daHFLUZSeGoAsrEPw0NbDakn4uiOhFXK5Y-6O5mLoAbfHzouOKvtMPk-2IeN0TnSIFHw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=600&slotname=7569742801&adk=380577001&adf=1014717107&pi=t.ma~as.7569742801&w=261&fwrn=4&fwrnh=100&lmt=1649559761&rafmt=1&psa=1&format=261x600&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761237&bpp=21&bdt=1807&idt=21&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=898&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pdFt6wYCF4&p=https%3A//tutpaste.com&dtd=24
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6EE0 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHR1V0UhSYpiHEci83gPZ9aOIAsme0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTY5NTA0ODQ3NDQ2Mzk1NjOgAdW20uoDyAEJqQKYSJQ8PD-yPqgDAaoEyQFP0J-rGzzbeQ3wzajGa0t8W-t0zd7CThMKgZHXSGGjmCH6FYpcsCr6f7QuEGMmFv35SzeBtcQ4km-dUS48Y9HRCoqoLCDoH6-sYV8-LA88RFGUZfLHQq8LdyMxtqR65bBkDLvpKBw4PrL-4tJQEVHAaF0cbLt-TZIb3xoD8Bh55DUqBBTVMPUEzIiFhzt8H1VEjYWVLzvoLOXJC0K70-3JSBjT8BJc_uug2iFWcjVYX2myB943n7K6Y965cfhC3jIvzb2_-m8ZK6-ABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY5NTA0ODQ3NDQ2Mzk1NjMYAA&sigh=rNVpn6rqiRs&uach_m=[UACH]&cid=CAQSOwCNIrLM80tO1WeWX1_nwFnGw72iRwSnDdMsChC6Ri8fq1j17g5rNu7qpq4e4wk90L1QujFJ36rRMENdGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=600&slotname=7569742801&adk=380577001&adf=1014717107&pi=t.ma~as.7569742801&w=261&fwrn=4&fwrnh=100&lmt=1649559761&rafmt=1&psa=1&format=261x600&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761237&bpp=21&bdt=1807&idt=21&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=898&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pdFt6wYCF4&p=https%3A//tutpaste.com&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 10 Apr 2022 03:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 6EE0 0
0 16ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UOb8EMz6RIUC2ASdg2ICAgAAAH5LGF6aY1RzENBIUmLRLiTAvdaozLyhvgAS&wp=YlJI0QAEQ5gKd55IAAj62Z0bMmrT3kZ9exnXkA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 252335
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1B47 170 KB
54 KB 112ms
112ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YlJI0QAEQ5gKd55IAAj62Z0bMmrT3kZ9exnXkA&u=%7CnRE8k%2FyTfv4%2BUv1P2M77tEjUvWX%2BBQ4GpC8u1MI%2FwyA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XXMmR0OcO77e6Sm2KEIogPUogGFEdgUaO7z4LgsKhbbEbYUfd3XC6Ic05fgssPIXLXZsUOiCHGovhJ7dWBm6maB1P9GWiWuQiBkFboqDPCU0eh29aIcQ7DFbtbj7IyKE1Ho-bu56PkhJRR0hC-0SME8BZK1tkUkF1RQCfE_eNs2ognh81myeMbNHuMBXFgmvxmCUw3Uc3u7LVSwBD7cJlZFp2NgRK5qIelvoESWSUSLjLs49XDNIeFFg0z8ZYqu9FKgeabsOIK2NLcemATDjfxM9_xNLcGmWKlvxXoS9Rv0Jj2kW63cvuhZ6OK742zF-H8Ramn_d7JtUCX_RBONcA5yd5polSKSCWFsnNcBVCs6lA8Q0F-kjh4_54I_lgwHxdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe5Wf0UhSYpiHEci83gPZ9aOIAsme0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTY5NTA0ODQ3NDQ2Mzk1NjOgAdW20uoDyAEJqQKYSJQ8PD-yPqgDAaoEzAFP0J-rGzzbeQ3wzajGa0t8W-t0zd7CThMKgZHXSGGjmCH6FYpcsCr6f7QuEGMmFv35SzeBtcQ4km-dUS48Y9HRCoqoLCDoH6-sYV8-LA88RFGUZfLHQq8LdyMxtqR65bBkDLvpKBw4PrL-4tJQEVHAaF0cbLt-TZIb3xoD8Bh55DUqBBTVMPUEzIiFhzt8H1VEjYWVLzvoLOXJC0K70-3JSBjTshB9bGwvRjLp7iH7j1QU_9cjlQSwTcY7xTB_eMCQ05Gnf8WdOBCqhkWABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kwqSWdVr3udAIYyt3frI5A_Javw%26client%3Dca-pub-6950484744639563%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c241313c6b54390ac7e884cf8d971984d0d3e03ea0cac1128149524231a04e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 03:02:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Lt5MqbI-lgAuM47GPJLewabriGVkW3KVOlhRn9rLPGAakv4bWhA7q0Z79VCTAiqmwvn_hFW0lhQ7mUXE5lmwuGWSfRwHKU0MMKX5XZQPrT9VI0Q9_0xlskwIJevs06ehg1t6W50nFUJNtI0l_BZDVK59jFDQAnebADqHOtFVTtKFdGpLmy1dsFNTLLjEzD8rR2IVKAQB_6Dk4SCQ9EngPxWmXSf0vmS0Zk5AbJYwJ6MgLa4ZZN0S1eSYvUl4OPtP7JGYWQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 92807968
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 51B1 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sun, 10 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 51B1 35 B
463 B 33ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPGGOoOQBtlEzTKHAvRbONA&google_cver=1&google_push=AYg5qPK-uj7mPsDc-ZeKn5b91wkHIVobusrw5nsrOMwS2AVtPtWrJJTo2T6g2lbiLWdmRxQvn-_SiV5KD_XJjWs4yw7z3zGkLA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 51B1 43 B
324 B 31ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEO_UToKYJZAUAnACIIsFtJ8&google_push=AYg5qPLnDXpDdF-Kr0tMzEH27Ebubq2W7e4rq598EVvOVvqXUUobe8gLfdDUUEfxDlNkIPxypnTibrg8haOh7zkCdFsQI6x8elQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=600&slotname=7569742801&adk=380577001&adf=1014717107&pi=t.ma~as.7569742801&w=261&fwrn=4&fwrnh=100&lmt=1649559761&rafmt=1&psa=1&format=261x600&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761237&bpp=21&bdt=1807&idt=21&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=898&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pdFt6wYCF4&p=https%3A//tutpaste.com&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:41 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 51B1 43 B
351 B 57ms
22ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIgS18NNflV2T4LcGSKbX8s&google_cver=1&google_push=AYg5qPIAh3_WZ4xG1Qya_ELZbrfX7gv_NfcKAH2FRUzcbwLOVCFtJboQqIcvT4o7AvyeQpKBRd0zvKj3FbFSmwg4A5gr2d7WBmM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=600&slotname=7569742801&adk=380577001&adf=1014717107&pi=t.ma~as.7569742801&w=261&fwrn=4&fwrnh=100&lmt=1649559761&rafmt=1&psa=1&format=261x600&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761237&bpp=21&bdt=1807&idt=21&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=898&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pdFt6wYCF4&p=https%3A//tutpaste.com&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 3f5k30mgjhtmerhve9juplj0op6f2947

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51B1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KlQ4U5E8TMi0mJsWrIiLFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KlQ4U5E8TMi0mJsWrIiLFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIdImUNtiqoWD4aJeHHDBcFfOjTYLpSLIISf0LRaNeEm6ekLFMAEOa9k7mZnPKRKk9iruUVX4z59nFcclJqRsRP91OU7Xs

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KlQ4U5E8TMi0mJsWrIiLFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIdImUNtiqoWD4aJeHHDBcFfOjTYLpSLIISf0LRaNeEm6ekLFMAEOa9k7mZnPKRKk9iruUVX4z59nFcclJqRsRP91OU7Xs
date: Sun, 10 Apr 2022 03:02:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51B1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE8gWdaobmgUbDGlFygqlJw&google_cver=1&google_push=AYg5qPKs_dTMkmgrYbyCYB66ZLdtK-mtdTZkmJ4qAzl5Zu_KawiEozT25f268xATi6QzY8PYdG2...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFTUEFJMTMtMTgtQjlGMg==&google_push=AYg5qPKs_dTMkmgrYbyCYB66ZLdtK-mtdTZkmJ4qAzl5Zu_KawiEozT25f268xATi6QzY8PYdG2DiWd4G1KBqG-Qsq3oxBPhuAo

170 B
188 B

33ms
17ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFTUEFJMTMtMTgtQjlGMg==&google_push=AYg5qPKs_dTMkmgrYbyCYB66ZLdtK-mtdTZkmJ4qAzl5Zu_KawiEozT25f268xATi6QzY8PYdG2DiWd4G1KBqG-Qsq3oxBPhuAo

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFTUEFJMTMtMTgtQjlGMg==&google_push=AYg5qPKs_dTMkmgrYbyCYB66ZLdtK-mtdTZkmJ4qAzl5Zu_KawiEozT25f268xATi6QzY8PYdG2DiWd4G1KBqG-Qsq3oxBPhuAo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 51B1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWv...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 51B1 43 B
296 B 226ms
20ms Image
image/gif 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDgTBorVk-lq62fqcb8R8a0&google_cver=1&google_push=AYg5qPK1tguF72uaft6AwaJAFCl8squLmaZI4tG-7xfY21I7uIcSvBfIcEztZIYpvL-rrU2rOlcB3ypv0Ul3dwbn0Pnjg7XtxGQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6950484744639563&output=html&h=600&slotname=7569742801&adk=380577001&adf=1014717107&pi=t.ma~as.7569742801&w=261&fwrn=4&fwrnh=100&lmt=1649559761&rafmt=1&psa=1&format=261x600&url=https%3A%2F%2Ftutpaste.com%2F80414-3%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649559761237&bpp=21&bdt=1807&idt=21&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e843dacf072604e-2217e0ac73cd0025%3AT%3D1649559760%3ART%3D1649559760%3AS%3DALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ&prev_fmts=1140x280&correlator=6132008929438&frm=20&pv=1&ga_vid=1312762422.1649559760&ga_sid=1649559760&ga_hid=1524955782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=898&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C44761043&oid=2&psts=AGkb-H-Kmu9RKEXU72N30OJ5C2l-fgLiZsvLR9gE0VSXdMHyTLsBEoYDIA8KAWDvh-9lpbu9ONIZYH1NIucR&pvsid=1691031881687197&pem=795&tmod=837515258&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pdFt6wYCF4&p=https%3A//tutpaste.com&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:41 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 51B1 0
232 B 63ms
15ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IM2ba1XBdCMJChDvrvKe6IxAOD4fvpMM6kLUuXfMWPlJyrXeoPwmMt9XuJAMM8JyTrft_q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 all
csm.eu.criteo.net/ Frame 7F47 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 03:02:40 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
DATA 200
OK truncated
/ Frame 6EE0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d18a5c30642696fad4e319a15872412099e3c4a46b712e09790819560adcf8d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1B47 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlJI0QAEQ5gKd55IAAj62Z0bMmrT3kZ9exnXkA&u=%7CnRE8k%2FyTfv4%2BUv1P2M77tEjUvWX%2BBQ4GpC8u1MI%2FwyA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XXMmR0OcO77e6Sm2KEIogPUogGFEdgUaO7z4LgsKhbbEbYUfd3XC6Ic05fgssPIXLXZsUOiCHGovhJ7dWBm6maB1P9GWiWuQiBkFboqDPCU0eh29aIcQ7DFbtbj7IyKE1Ho-bu56PkhJRR0hC-0SME8BZK1tkUkF1RQCfE_eNs2ognh81myeMbNHuMBXFgmvxmCUw3Uc3u7LVSwBD7cJlZFp2NgRK5qIelvoESWSUSLjLs49XDNIeFFg0z8ZYqu9FKgeabsOIK2NLcemATDjfxM9_xNLcGmWKlvxXoS9Rv0Jj2kW63cvuhZ6OK742zF-H8Ramn_d7JtUCX_RBONcA5yd5polSKSCWFsnNcBVCs6lA8Q0F-kjh4_54I_lgwHxdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe5Wf0UhSYpiHEci83gPZ9aOIAsme0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTY5NTA0ODQ3NDQ2Mzk1NjOgAdW20uoDyAEJqQKYSJQ8PD-yPqgDAaoEzAFP0J-rGzzbeQ3wzajGa0t8W-t0zd7CThMKgZHXSGGjmCH6FYpcsCr6f7QuEGMmFv35SzeBtcQ4km-dUS48Y9HRCoqoLCDoH6-sYV8-LA88RFGUZfLHQq8LdyMxtqR65bBkDLvpKBw4PrL-4tJQEVHAaF0cbLt-TZIb3xoD8Bh55DUqBBTVMPUEzIiFhzt8H1VEjYWVLzvoLOXJC0K70-3JSBjTshB9bGwvRjLp7iH7j1QU_9cjlQSwTcY7xTB_eMCQ05Gnf8WdOBCqhkWABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kwqSWdVr3udAIYyt3frI5A_Javw%26client%3Dca-pub-6950484744639563%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:41 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1B47 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1B47 308 B
636 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 05 Apr 2023 03:02:41 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 1B47 507 B
835 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Wed, 05 Apr 2023 03:02:41 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 1B47 0
690 B 155ms
114ms Image
text/plain 2600:9000:224a:3600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1649559761
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlJI0QAEQ5gKd55IAAj62Z0bMmrT3kZ9exnXkA&u=%7CnRE8k%2FyTfv4%2BUv1P2M77tEjUvWX%2BBQ4GpC8u1MI%2FwyA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XXMmR0OcO77e6Sm2KEIogPUogGFEdgUaO7z4LgsKhbbEbYUfd3XC6Ic05fgssPIXLXZsUOiCHGovhJ7dWBm6maB1P9GWiWuQiBkFboqDPCU0eh29aIcQ7DFbtbj7IyKE1Ho-bu56PkhJRR0hC-0SME8BZK1tkUkF1RQCfE_eNs2ognh81myeMbNHuMBXFgmvxmCUw3Uc3u7LVSwBD7cJlZFp2NgRK5qIelvoESWSUSLjLs49XDNIeFFg0z8ZYqu9FKgeabsOIK2NLcemATDjfxM9_xNLcGmWKlvxXoS9Rv0Jj2kW63cvuhZ6OK742zF-H8Ramn_d7JtUCX_RBONcA5yd5polSKSCWFsnNcBVCs6lA8Q0F-kjh4_54I_lgwHxdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe5Wf0UhSYpiHEci83gPZ9aOIAsme0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTY5NTA0ODQ3NDQ2Mzk1NjOgAdW20uoDyAEJqQKYSJQ8PD-yPqgDAaoEzAFP0J-rGzzbeQ3wzajGa0t8W-t0zd7CThMKgZHXSGGjmCH6FYpcsCr6f7QuEGMmFv35SzeBtcQ4km-dUS48Y9HRCoqoLCDoH6-sYV8-LA88RFGUZfLHQq8LdyMxtqR65bBkDLvpKBw4PrL-4tJQEVHAaF0cbLt-TZIb3xoD8Bh55DUqBBTVMPUEzIiFhzt8H1VEjYWVLzvoLOXJC0K70-3JSBjTshB9bGwvRjLp7iH7j1QU_9cjlQSwTcY7xTB_eMCQ05Gnf8WdOBCqhkWABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kwqSWdVr3udAIYyt3frI5A_Javw%26client%3Dca-pub-6950484744639563%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:41 GMT
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: Yn2hh0ryWjObKCeBvOlXDQAnB6pU5WgSaDPaYD_MQNPGi4NRMWlOqQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 1B47 43 B
347 B 17ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=qaC7Z6Igar3PdS5R9BM-mVDRxQWz1m1UKM8eikW6Ovdc2hsxcLG7rAS7254HDCalOY4jHbaC3oUbm7jb3I0p8mBi7u8XK7jLxdmgN8f0_ueQUi8XePU2QGIJGvdy0cqYH9uzOpyGfGFjre8GAeItlL1J_r02W8_m2wWdLfWd1o3zEslja1ZST54wtchrzOefmtKCpYG3q7T1T0THoaG02srpNTOsCKESfz8A4OihlGrA-RI7HDcvk0FtJAIXdwyZZJhS5LndBZwI5agK8IX8mznwTDKwn43B-zGl3mGE1DlBiapPwq5YFsb11FbjvQ1OJHNpkSMVrbzzkvaO4VgDL71n1TcJnpf1JW2GprD_WCTYOkZryOEaVC2Msm8Ab_HGByZ7eBjMqGFhhsn-PMt-JOtkpqalZ7Emlxf68Hpb86WKkjdbK-NmMvfA2lwTz7AEbj9ibw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:41 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3129249
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1B47 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 24 KB
24 KB 18ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=518&s=XkJ_gbaLw6WIxDwjmXe1hkmm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

654bc88b2bc8f36f913f8031fd4ee3e91499b39f2e8f3497f176dfbb7114313f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28284900
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24645
expires: Fri, 03 Mar 2023 11:57:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 2 KB
3 KB 19ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoRheinmetall-Group-1262DE-2101221907.gif%3Feb%3D1&v=3&w=400&s=TW6-M6NoE1cuB36irgUkZ_Qy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:40 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2446
expires: Sun, 10 Apr 2022 03:02:41 GMT

GET
H2 404 img
pix.eu.criteo.net/img/ Frame 1B47 43 B
243 B 19ms
17ms Image
image/gif 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
server: Finatra
vary: Origin
content-type: image/gif
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 43
expires: -1

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 400 B
663 B 19ms
17ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDB_Mobility_Logistics_AG_60544DE.gif%3Feb%3D1&v=3&w=400&s=qejL_9Irgvb-0KwTC4SpoEgt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1460227
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 400
expires: Wed, 27 Apr 2022 00:39:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 5 KB
5 KB 19ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoZenJob-GmbH-Extern-253922DE-2011231050.gif%3Feb%3D1&v=3&w=400&s=JLFsYJdH654v7-8d4e4sB-p3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4833
expires: Wed, 05 Apr 2023 03:02:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 2 KB
3 KB 19ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FK%2FlogoKoehler-Kehl-GmbH-196005DE.gif%3Feb%3D1&v=3&w=400&s=TA7KWxfXPJqSMjZhJNnmI0UR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a2ab88f7d737996e46c9a2b298dc069cfffdc44c4597ed76403a7082f883f28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2534827
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2546
expires: Mon, 09 May 2022 11:09:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 2 KB
2 KB 19ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoAWISTA-GmbH-171737DE.gif%3Feb%3D1&v=3&w=400&s=uY27UhdXn_hzB2ov532pehnm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

82f8a205ab09bf16e81257d4ddd8840bae11a3452fae30d504dcff055edab61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=970088
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2086
expires: Thu, 21 Apr 2022 08:30:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 2 KB
2 KB 19ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoFinanz_Informatik_Solutions_Plus_GmbH____84566DE.gif%3Feb%3D1&v=3&w=400&s=w5A47AzlFkpLFPPpankpskLd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9c9b34eae157a5834362b0be630562a340a9e84cc5f60cfc567d03a401abf513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=671649
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2046
expires: Sun, 17 Apr 2022 21:36:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 1 KB
1 KB 19ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBertrandt_AGDE.gif%3Feb%3D1&v=3&w=400&s=WHPX-Mwt-41eUYORIQcTurLf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0884932086359c7b46e046fe911379503dd42082bf0fd86081f15df909c72d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1793858
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1120
expires: Sat, 30 Apr 2022 21:20:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 6 KB
6 KB 19ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoSensalight-Technologies-GmbH-246135DE-2005280843.gif%3Feb%3D1&v=3&w=400&s=Tk1JEJ8ItwZF2oLmAF_mL7Vq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9c90ad4308a58cbd8dc6866393ae6757f36c76f12b399aca2f3975833480c875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1836373
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5932
expires: Sun, 01 May 2022 09:08:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1B47 2 KB
2 KB 29ms
27ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBundesanstalt-fur-Immobilienaufgaben-173857DE.gif%3Feb%3D1&v=3&w=400&s=bnpGXvOOt8_Yecz0W7hgTVkz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

05e1282cbd8eca83163dd1112ae7fe51623669b7696a89c2960d7e20c9c25935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=920849
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2062
expires: Wed, 20 Apr 2022 18:50:11 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1B47 0
127 B 19ms
18ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Lt5MqbI-lgAuM47GPJLewabriGVkW3KVOlhRn9rLPGAakv4bWhA7q0Z79VCTAiqmwvn_hFW0lhQ7mUXE5lmwuGWSfRwHKU0MMKX5XZQPrT9VI0Q9_0xlskwIJevs06ehg1t6W50nFUJNtI0l_BZDVK59jFDQAnebADqHOtFVTtKFdGpLmy1dsFNTLLjEzD8rR2IVKAQB_6Dk4SCQ9EngPxWmXSf0vmS0Zk5AbJYwJ6MgLa4ZZN0S1eSYvUl4OPtP7JGYWQ&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 03:02:41 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1B47 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:41 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1B47 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 03:02:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 20ms
20ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65fd252e00391a1841cc7e2ceb68f001feb9a582a1a2e279af9ddc7eaa3270f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10592
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 03:02:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2AE9 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tutpaste.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 19:50:48 GMT
expires: Sun, 09 Apr 2023 19:50:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 23C1 783 B
534 B 16ms
15ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63d8ae3d26ad4a8ad451297acc8888181cb94d3211f406f8f209733830bfefc2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NHSqi6HMOF0uyH2Feu2y5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tutpaste.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-NHSqi6HMOF0uyH2Feu2y5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 03:02:41 GMT
expires: Sun, 10 Apr 2022 03:02:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AE9 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 11:36:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 23C1 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220406&jk=1691031881687197&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2AE9 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oEgWEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220406&jk=1691031881687197&bg=!NjWlNXHNAAZAkm7qYJI7ACkAdvg8WprsNp5E60pqAixk30yVNN_ANoNi68KVjBMOvusrLFmR0F_2xgIAAABKUgAAAAJoAQcKAHq6OiGN_FadKbTZ5HTNlL4jTDUCr16WBNNJNGJzORl6InoBFZ_jRDH0mjFiz9VPOdKm9YySbPMZeg1abxxHxq2pi4ML3uHvr8d2cAe1pKUtIy9lpCms12HafQJDafqCL0gj960PyYWrgh8iVK19NmSwgKLsSYkJlTWvHJkClgvIhjXOSGrb5hA4R-1RlkGGYduPEhxVframf36bji9txgl-i2UhS4lgPfG6bAHrct6G8vKilrBVMsx3hnedSGX0RJV7DNlT4hXnETjVnxkgZhxsU_M7p_FcA_n2-DqIb5C_zyRxENOombxr41gf-rd7z-whjF-Fi2RZT38vJKmmIi1XqlWbMb357fOthVCAem5gqvq7sWYghWe8P99HA0KJq2iNhqWulIqRDSsENZSWPfHrWG6_J30-nlrNf00yVPT8By9HVS59U-QzrilehQNxb-VO5NTDsaTDoa9naV5wA6R7rmgmQQ8UCWRHXQe9Jye6S1KAB18Zkqq-sk-hDzduHHnNW65jvZF4r27VVucMFE9i2K3dLRQb4NjjDdaYaIzoEXI7GFtO53mkQtY7N5J2wLddTC5a6TCjZROaQOcuBYm9vzRben7isP0rAny3Rovzqxi5Lqu5RC-W8kzj1Xdsvdw3PASGXsBCmzWlo_yd3b_HkXwgx-ae-fIMIKA74IMGT7QKcmyuTgHnxuOZde0uurpE3ZoyF4JfhKeEn6XbeCBcfia4CEhK4q4Jio2CkJasPBdCFL6SI80hF3E9gBLruoz3pSuTrhFkJQgpH_6Y36CXbf42JHlwRczx4nUCIzWJ_Nkx77bDrNJUWPaeAMZ656TIrp_kNhEmNt43mtOv5fwG_BKtKehVdUTN8j2hIQfnwNE_643SO5VOWY0DCz5Y3utYN8Z9ZnkFwf9D0R7mFIbJglZ6mhf8-bTDDlb-OQatPTzw0q2sv0FZNbY6sfzjlVmKs_DfRrx59W9J3eXw2NY6OsufXfPPlpQKXi9QfYC81s03DEudlYqGrqepuEm1NjdchO4Bybj5NVNTbGqDsmrCErTN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tutpaste.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6EE0 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqWQ4rKoJRwiLrpJQYGPk91Gs1iHnbhEGwtEo1EIVwKjuyJBP57FmDuIjnxjYgzZlSJKJwK7MUwfLTYTfFQ6zezw&sig=Cg0ArKJSzLCM4Tm0yq2OEAE&cid=CAASF-RoCl_tuZO4sJAONI1mIy3RnUhj8a2s&id=lidar2&mcvt=1000&p=0,0,600,261&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&vu=1&app=0&itpl=20&adk=380577001&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649559761262&rpt=231&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 03:02:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1B47 0
127 B 16ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 03:02:42 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F47 13 KB
14 KB 16ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0e3b84d2d99b94fc5f960778644da8c7c8bf1eac4215d12448860566fbef9a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 03:02:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141782
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13638
expires: Sat, 23 Apr 2022 08:12:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: weloveiconfonts.com
URL: http://weloveiconfonts.com/api/?family=entypo

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tutpaste.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b9c18bf493b1c7d9422122af3f970b5d
.tutpaste.com/	1970-01-20 11:34:15	Name: __gads Value: ID=3e843dacf072604e-2217e0ac73cd0025:T=1649559760:RT=1649559760:S=ALNI_MbvdaAH20WRXG9stHsw905zUpCEEQ
.doubleclick.net/	1970-01-20 11:34:15	Name: IDE Value: AHWqTUkKUQPub9fSeK7w_E0afxpCOxhqgFmsNWbgrXrags7H9te6-1ayNhRKBng12A0
.tutpaste.com/	1970-01-20 19:43:51	Name: _ga Value: GA1.2.1312762422.1649559760
.tutpaste.com/	1970-01-20 02:14:06	Name: _gid Value: GA1.2.2117097934.1649559761
.tutpaste.com/	1970-01-20 02:12:39	Name: _gat Value: 1
.quantserve.com/	1970-01-20 04:22:15	Name: d Value: EFIBCQHvJYEA
.quantserve.com/	1970-01-20 11:42:54	Name: mc Value: 625248d1-6ea0c-8a6fd-9bd01
.casalemedia.com/	1970-01-20 10:58:15	Name: CMID Value: YlJI0SuQhW6C7EITdI4nEwAA
.casalemedia.com/	1970-01-20 04:22:15	Name: CMPS Value: 5197
.casalemedia.com/	1970-01-20 04:22:15	Name: CMPRO Value: 1120
.casalemedia.com/	1970-01-20 02:14:06	Name: CMST Value: YlJI0WJSSNEA
.innovid.com/	1970-01-20 04:22:15	Name: uuid Value: a4db0286-00a9-493d-8afd-55662fbe094e-20220409 23:02:41
.pubmatic.com/	1970-01-20 02:14:06	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:22:15	Name: KADUSERCOOKIE Value: 2A543853-913C-4CC8-B498-9B16AC888B15

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://tutpaste.com/80414-3/ Message: Mixed Content: The page at 'https://tutpaste.com/80414-3/' was loaded over HTTPS, but requested an insecure stylesheet 'http://weloveiconfonts.com/api/?family=entypo'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlJI0SuQhW6C7EITdI4nEwAABGAAAAIB&google_push=AYg5qPKXEEqIfHleG5lf6LijHJ7Ppm6vZKcuaBchE9YbItvMZeH3geHXAlPniLnM9aBgAmoj5jp7ScHsYv2GEhzHWvRtCmShcw&google_cver=1&google_gid=CAESEAEB3IZ_2pLslwmSGqnaLG8 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
app.verityads.com
cat.nl.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
static.criteo.net
tpc.googlesyndication.com
tutpaste.com
weloveiconfonts.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
weloveiconfonts.com
104.36.113.23
142.250.184.194
142.250.74.194
173.231.244.20
178.250.0.139
178.250.0.162
178.250.2.148
2001:4de0:ac18::1:a:1b
2600:9000:224a:3600:1e:a43d:b640:93a1
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:4014:80b::2002
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a
34.98.67.61
35.227.252.103
69.173.144.139
05e1282cbd8eca83163dd1112ae7fe51623669b7696a89c2960d7e20c9c25935
0884932086359c7b46e046fe911379503dd42082bf0fd86081f15df909c72d3f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09
0e3b84d2d99b94fc5f960778644da8c7c8bf1eac4215d12448860566fbef9a0f
145ed8aea2b7ceaa44e7a25268d55fd7ac1b31086b16cc845162a80450dda171
1ae9c84d7faf1aea22d2bfb5d0fc5417663beab1e433b55b6df6baf8e6637fef
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5
2a4eb2ae9785a46279ae0df5f78f6826b39fe2a87f4f2a03d1bad17b088729f9
2cce950a3800800e073a7ea7b25d487af995e885fde2528327f35a0cf39abe25
2fb62e42c955493af8927d3c4456eee35815435a98b2420edcadb50a28e3f0f5
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3b58725030c060d63367e79d4fed8a92a89ad19676ed2b5527b57cc3fd0c9f60
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
48f232df5be9bbaf1f8357b1501ee2514d6dcc90876c5d8adae65fcb843ff88f
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8d7305cfa406793eaece77a0d973a90baa5d3925cac9239e3807fbd64c1789
4fbd80be98baa936f714c6c05d1fd709e300fbafdf39b4d554066bee730d40e6
50c222ce65c2703d06db60b3c65a8d0e8658075e0f010d2d5e15cffd936bdf05
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d755dba688ecf70b263bcb28ae7b67c31aca2ddff5aaaf24f0cf20dd1f4b6b9
5f03035c89b21c72adf31735ce26474b3d5ad573b3fa8c81c3eb7a1f45bbafa1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620d4061af8b6a6464174218848b99726d78b205a840e8078bd700d38c7e2d87
63d8ae3d26ad4a8ad451297acc8888181cb94d3211f406f8f209733830bfefc2
654bc88b2bc8f36f913f8031fd4ee3e91499b39f2e8f3497f176dfbb7114313f
65fd252e00391a1841cc7e2ceb68f001feb9a582a1a2e279af9ddc7eaa3270f4
6cd3e10f05743fcc303a619668f1f3d23bdb468e0d1da9f5b77f0f173712890f
6e6d65a34b880721be84019726491f169511364f7ea9b2f956840b0499ee5473
725961cff4d25388d5aca1289b02f50ac62a1ea32de831f8015cce8f5684ddb2
790635cf15e9d40563e314616a9e8fb78a1132d7022b8dd9f84386c09cb07995
7b40c29083f89776b80683d09d1e575c8a3bd7ed855c01ade32da8b8165f02ef
7f5c2008d6fce47fa9609aa03b480788222183bd779af1152d4a94bbd948822f
82f8a205ab09bf16e81257d4ddd8840bae11a3452fae30d504dcff055edab61b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f1d39f5a5019e6dd6c82e498dff341d7a41bc914b7eef730aa4bb1b0c67ef1a
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9448bc84d97638590a5acfcbf66450e2ab5f17be98e409f706b01918e91627d1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c90ad4308a58cbd8dc6866393ae6757f36c76f12b399aca2f3975833480c875
9c9b34eae157a5834362b0be630562a340a9e84cc5f60cfc567d03a401abf513
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ab88f7d737996e46c9a2b298dc069cfffdc44c4597ed76403a7082f883f28b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a311bca19399493eebde89a6a53b1c5ce47f09ef3c8be4fd4a7407a2b9eef16c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5567f54cb72c81ce1baf4a17c091092e89baf0325a6f06891a45417a004eba8
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24e5fbc226d38f0f159063849f397ca08d7cd1c8cbe0814fb020cefc292ad66
bc3e0f8b2bc2647c0dfd380be827881e2871729c8e2cc722211e7cace55af3a1
c1870050cf7ec0c64c0956705173420950940579471f248956c8233354d994e4
c241313c6b54390ac7e884cf8d971984d0d3e03ea0cac1128149524231a04e01
c2645fc528dcf94b30699f6ffd580b3139f9b41c049afb0ac40eeb41cf54ec91
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
cf6ab6d79945b3d422c05381bfefdf204ad88b0240f1ce526681b8992a191761
d18a5c30642696fad4e319a15872412099e3c4a46b712e09790819560adcf8d8
d7e0b397d48dd04dd7e69ee339c985c23704385c35ff9210e93f6e79ddb88af8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd153de633b9e6f93d0453d1a94e0c40854004b39c9f427942dfc7021229a26
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f941a33c862a7a9000b953e165b013ac26cf65a0f25dba895544c6eceea6f43c
f9e73371485de5454d97d33dd70d8250fe426e565dde595ec2a4616cbc692c5c
fc00c17ece979473c8883121a1bd153ab2cd20154cbde61f5d5dfec5941786b2
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
ff5222c2e8eb122ce8bf7ea849972c6438368a6fce1a237aa2c756437c52ad38

tutpaste.com Open in urlscan Pro 173.231.244.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

96 %HTTPS

63 %IPv6

22 Domains

30 Subdomains

26 IPs

7 Countries

1270 kBTransfer

2533 kBSize

15 Cookies

2 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tutpaste.com Open in urlscan Pro
173.231.244.20 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

96 %
HTTPS

63 %
IPv6

22
Domains

30
Subdomains

26
IPs

7
Countries

1270 kB
Transfer

2533 kB
Size

15
Cookies

111 HTTP transactions
2 data transactions