tpaste.net Open in urlscan Pro
2606:4700:3033::681f:5e9a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tpaste.net/3gBwjcOf2L
Submission: On February 04 via manual (February 4th 2020, 2:47:30 pm UTC) from DE

Summary HTTP 50 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 16 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3033::681f:5e9a, located in United States and belongs to CLOUDFLARENET, US. The main domain is tpaste.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 1st 2019. Valid for: 10 months.

This is the only time tpaste.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3033::681f:5e9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1	185.66.200.189 185.66.200.189	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	78.46.161.222 78.46.161.222	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
50	16

17 2606:4700:3033::681f:5e9a (United States)

ASN13335 (CLOUDFLARENET, US)

tpaste.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.200.189 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.189.skhosting.eu

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.46.161.222 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.222.161.46.78.clients.your-server.de

telegram.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tpaste.net tpaste.net	1 MB
6	telegram.im telegram.im	21 KB
4	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	100 KB
3	googleapis.com fonts.googleapis.com	1 KB
2	facebook.com www.facebook.com	417 B
2	google-analytics.com www.google-analytics.com	18 KB
2	facebook.net connect.facebook.net	142 KB
2	doubleclick.net googleads.g.doubleclick.net
2	googlesyndication.com pagead2.googlesyndication.com	120 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	uprimp.com uprimp.com	551 B
1	googletagmanager.com www.googletagmanager.com	28 KB
50	16

	Domain	Requested by
17	tpaste.net	tpaste.net ajax.cloudflare.com
6	telegram.im	tpaste.net telegram.im
3	cdnjs.cloudflare.com	ajax.cloudflare.com cdnjs.cloudflare.com
3	fonts.googleapis.com	tpaste.net
2	www.facebook.com
2	www.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	tpaste.net connect.facebook.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com
2	fonts.gstatic.com	tpaste.net
2	maxcdn.bootstrapcdn.com	tpaste.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	uprimp.com	ajax.cloudflare.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	ajax.cloudflare.com	tpaste.net
50	17

This site contains links to these domains. Also see Links.

Domain
t.me
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-01` - `2020-10-09`	10 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
uprimp.com Let's Encrypt Authority X3	`2019-12-16` - `2020-03-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
telegram.im Let's Encrypt Authority X3	`2020-01-03` - `2020-04-02`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://tpaste.net/3gBwjcOf2L
Frame ID: 2B830337CE35B5A510D4FCB7F8027D39
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200131/r20190131/zrt_lookup.html
Frame ID: 549FB4FEC5C9FF4E22873F006846D73D
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=988175&format=728x90&ga=g&bg=1&xt=158082763290730&xtt=4675355
Frame ID: F7750FA139AE2C8F5D3054A4C78EB299
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2534138922680191&output=html&adk=1812271804&adf=3025194257&lmt=1580827634&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftpaste.net%2F3gBwjcOf2L&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580827634498&bpp=11&bdt=2606&fdt=116&idt=116&shv=r20200131&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6203688811394&frm=20&pv=2&ga_vid=352641054.1580827635&ga_sid=1580827635&ga_hid=2126455443&ga_fc=0&iag=0&icsg=43583&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=749422335256689&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=127
Frame ID: 77F1B7618F7785FF1F25A976C58D054F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

50
Requests

98 %
HTTPS

87 %
IPv6

16
Domains

17
Subdomains

16
IPs

5
Countries

1702 kB
Transfer

5484 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/PremiumHost
Title: Netflix Premium Accounts Giveaway 🥳 Join Telegram & Win 😍

Search URL Search Domain Scan URL

URL: https://t.me/APKModCrack
Title: PrimeVideo Premium APK CRACK MOD 📲 Join Telegram & Download 😍

Search URL Search Domain Scan URL

URL: https://twitter.com/TPastenet/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TPastenet/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 3gBwjcOf2L Show response
tpaste.net/ 32 KB
14 KB 1804ms
1741ms Document
text/html 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5085ed79897ea0bb65b0abbb28e15b255519cae289d84d372c83f75492fd8d4

Request headers

:method: GET
:authority: tpaste.net
:scheme: https
:path: /3gBwjcOf2L
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Tue, 04 Feb 2020 14:47:11 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8ca99bf831af8197ea87e2011cb5d80b1580827630; expires=Thu, 05-Mar-20 14:47:10 GMT; path=/; domain=.tpaste.net; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6IlBoN2J4WWxCYzFcL3o2XC85VW9hNk9VQT09IiwidmFsdWUiOiJ3ek1EZFpNTzBmNjE5Z1wvb3VrUjd4aW8zckFwdG5BZFdreGswYXVnanczOGFjVEo1Ym1VZzVReW1iRnk1RTRMZSIsIm1hYyI6IjUwZGE3N2M0YzAyM2YwYzhmMTcwZTI5Y2M4MjU0ODg4M2I2N2UxOWZmMzk5ZDdhYzFjMmUzZjdlNTVhMzE4YjMifQ%3D%3D; expires=Tue, 04-Feb-2020 16:47:11 GMT; Max-Age=7200; path=/ tpastenet_session=eyJpdiI6IjZlWDZIWFZHelFZNnFHZjZVckhtY2c9PSIsInZhbHVlIjoiQm1pU0ZyVmZ5MlJNbE82Q2dtRnVFelZ4dGJqT1M3VEZscXpMelhLWFg5emhoNTMyenBWMSt3NGw5UkxYXC95WWQiLCJtYWMiOiIxZDZkNDIzMzg5MTIyOTcxYjY2NmE4NjdjZWIzZTkzZGJmYTgzZmQyYjdmOWEzMzBkNTA3OWY4MDkyMmMzMjM3In0%3D; expires=Tue, 04-Feb-2020 16:47:11 GMT; Max-Age=7200; path=/; httponly
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55fd70307aa59754-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 2 KB
492 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Gudea:400,700&display=swap

Requested by

Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

634b3ad58f2bfe3582512ae7689894fc5fbf5edc73e2f0708763f9ec99e8b451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 04 Feb 2020 14:47:11 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 04 Feb 2020 14:47:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 04 Feb 2020 14:47:11 GMT

GET
H2 200 app.css
tpaste.net/themes/darklight/css/ 79 KB
16 KB 16ms
14ms Stylesheet
text/css 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/css/app.css
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd3e189b33dc2a89de07ae4e559ba3d4d076847eb8d3d32516904226cb35ab49

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Dec 2019 01:25:20 GMT
server: cloudflare
age: 3960
cf-polished: origSize=81380
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 55fd703b58a39754-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 44ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 app-creative.min.css
tpaste.net/themes/darklight/css/ 303 KB
43 KB 18ms
17ms Stylesheet
text/css 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/css/app-creative.min.css
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f7203faab092c2f8609a1d3273dd2fda2f91ddb7ebc55dd6edc3d8d9a9a0800

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Dec 2019 20:05:12 GMT
server: cloudflare
age: 3960
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 55fd703b58a59754-FRA

GET
H2 200 animate.css
tpaste.net/themes/darklight/css/ 59 KB
4 KB 17ms
16ms Stylesheet
text/css 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/css/animate.css
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda901ae59aa8595e3beb351c85b95e308b04c24426e485697495d8622ccfceb

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Dec 2019 01:18:16 GMT
server: cloudflare
age: 3960
cf-polished: origSize=77907
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 55fd703b58a89754-FRA
cf-bgj: minify

GET
H2 200 icons.min.css
tpaste.net/themes/darklight/css/ 247 KB
40 KB 17ms
16ms Stylesheet
text/css 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/css/icons.min.css
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4808ad9deba778e39ea98e34607ab5e5f7be65c9698f2773edb953ec80ef1e62

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Dec 2019 01:18:16 GMT
server: cloudflare
age: 3960
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 55fd703b58a99754-FRA

GET
H2 200 style.css
tpaste.net/themes/darklight/css/ 3 KB
1 KB 16ms
15ms Stylesheet
text/css 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/css/style.css
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f131af7d50e0a621238861b15d4cddedd62a79053e75cd9b3e601f95850807de

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Dec 2019 10:21:56 GMT
server: cloudflare
age: 3960
cf-polished: origSize=3966
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 55fd703b58aa9754-FRA
cf-bgj: minify

GET
H2 200 ace.min.css
tpaste.net/plugins/ace/css/ 335 B
265 B 14ms
13ms Stylesheet
text/css 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/plugins/ace/css/ace.min.css
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8b04f0b17f949a21d91d53db632b613b81eaa7d00af47eaf191ebea5bc25eec

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 21:30:38 GMT
server: cloudflare
age: 1480
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 55fd703b58ac9754-FRA

GET
H2 200 css
fonts.googleapis.com/ 4 KB
582 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,600

Requested by

Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c0759c59ef65a4a850ff9c81fe14bf21e95b14571ba997af5dec2d38ae1f03a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 04 Feb 2020 14:47:11 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 04 Feb 2020 14:47:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 04 Feb 2020 14:47:11 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 17ms
16ms Stylesheet
text/html 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Open+Sans:200
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 SflqsMLsRw.png
tpaste.net/uploads/ 5 KB
5 KB 22ms
21ms Image
image/png 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpaste.net/uploads/SflqsMLsRw.png
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28efdaf6b5fd82e455ba6247936bd3468446a29b7e0bcccecde5fa90da4a3ed7

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Dec 2019 10:15:22 GMT
server: cloudflare
age: 3960
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 55fd703b58ad9754-FRA
content-length: 4998

GET
H2 200 default-avatar.png
tpaste.net/img/ 7 KB
7 KB 18ms
18ms Image
image/png 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpaste.net/img/default-avatar.png
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Nov 2018 23:28:44 GMT
server: cloudflare
age: 1479
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 55fd703b58ae9754-FRA
content-length: 6957

GET
H2 404 santa_hat.png
tpaste.net/themes/darklight/images/ 23 KB
23 KB 2537ms
2536ms Image
text/html 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpaste.net/themes/darklight/images/santa_hat.png
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e13326afae50c572abedb8412a6a9de08bd1c5e4f5b8d9ae0bab3488897b7788

Request headers

Referer: https://tpaste.net/themes/darklight/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:14 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, private
cf-ray: 55fd703bb9209754-FRA

GET
H2 200 neIFzCqgsI0mp9CI_oCsNKEy.woff2
fonts.gstatic.com/s/gudea/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gudea/v9/neIFzCqgsI0mp9CI_oCsNKEy.woff2

Requested by

Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3fc1fc614c409bf7a39e46cd8f77b139d1abcd67363a70d6f274d13b007654a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gudea:400,700&display=swap
Origin: https://tpaste.net

Response headers

date: Fri, 31 Jan 2020 00:20:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:43:58 GMT
server: sffe
age: 397594
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7860
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:20:37 GMT

GET
H2 200 webfa-solid-900c822.woff2
tpaste.net/themes/darklight/fonts/vendor/%40fortawesome/fontawesome-free/ 74 KB
74 KB 16ms
15ms Font
font/woff2 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/fonts/vendor/%40fortawesome/fontawesome-free/webfa-solid-900c822.woff2?44d537ab79f921fde5a28b2c1636f397
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://tpaste.net/themes/darklight/css/app.css
Origin: https://tpaste.net

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
cf-cache-status: HIT
last-modified: Sat, 07 Dec 2019 01:25:20 GMT
server: cloudflare
age: 3178
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 55fd703bb9249754-FRA
content-length: 75728

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 20ms
7ms Font
font/woff2 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://tpaste.net

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 neIIzCqgsI0mp9gz25WBFqwYUp31.woff2
fonts.gstatic.com/s/gudea/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gudea/v9/neIIzCqgsI0mp9gz25WBFqwYUp31.woff2

Requested by

Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7b069519381d446e7e189d47461a4a6f7b45f134ee143dcc7476798361550c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gudea:400,700&display=swap
Origin: https://tpaste.net

Response headers

date: Tue, 04 Feb 2020 06:00:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:41:41 GMT
server: sffe
age: 31601
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7880
x-xss-protection: 0
expires: Wed, 03 Feb 2021 06:00:30 GMT

GET
H2 200 webfa-brands-4004456.woff2
tpaste.net/themes/darklight/fonts/vendor/%40fortawesome/fontawesome-free/ 74 KB
74 KB 12ms
12ms Font
font/woff2 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/fonts/vendor/%40fortawesome/fontawesome-free/webfa-brands-4004456.woff2?cccc9d29470e879e40eb70249d9a2705
Requested by: Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://tpaste.net/themes/darklight/css/app.css
Origin: https://tpaste.net

Response headers

date: Tue, 04 Feb 2020 14:47:11 GMT
cf-cache-status: HIT
last-modified: Sat, 07 Dec 2019 01:25:20 GMT
server: cloudflare
age: 3147
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 55fd703bb9269754-FRA
content-length: 75336

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 25ms
8ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 15:35:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e3054ce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 55fd703c9d1d97ae-FRA
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Thu, 06 Feb 2020 14:47:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145281542-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca2ecd31212ab41d5a7a2af46bf16ac145878c3ec5f1bf9503caeea72b8924bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=300; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28471
x-xss-protection: 0
last-modified: Tue, 04 Feb 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Feb 2020 14:47:12 GMT

GET
H2 200 ext-modelist.js Show response
cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ 4 KB
3 KB 13ms
12ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ext-modelist.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df9e8425e492ddcb3a9f04c5a22a3894fefdd6471b44cfe67c9b81b2c06e7c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 8408893
cf-ray: 55fd703cad3097ae-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Sun, 24 Feb 2019 09:15:52 GMT
server: cloudflare
etag: W/"5c7260c8-11a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 24 Jan 2021 14:47:12 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.000

GET
H2 200 ace.js Show response
cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ 358 KB
93 KB 17ms
16ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ace.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8245819a48f2ffc7b5414cf9b6fe02098804b6347cb11946897b0c79e6d5794a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 25458964
cf-ray: 55fd703cad3497ae-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Sun, 24 Feb 2019 09:15:51 GMT
server: cloudflare
etag: W/"5c7260c7-59810"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 24 Jan 2021 14:47:12 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.005

GET
H2 200 app.min.js Show response
tpaste.net/js/ 439 B
312 B 14ms
12ms Script
application/javascript 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/js/app.min.js?v=1.3
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 628ebd02b9fa963b00412fcff1311675ffd5b10f2525fe10630a174d7bbb7bb1

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Dec 2019 07:57:20 GMT
server: cloudflare
age: 3961
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 55fd703caa6b9754-FRA

GET
H2 200 apexcharts.min.js Show response
tpaste.net/themes/darklight/js/ 435 KB
103 KB 18ms
17ms Script
application/javascript 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/js/apexcharts.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bda1b358d078fce7bbb8b6a584ab5ad2fedc24a85c874cd8bddc0cdf8395796

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Dec 2019 01:25:20 GMT
server: cloudflare
age: 3961
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 55fd703caa6e9754-FRA

GET
H2 200 app.js Show response
tpaste.net/themes/darklight/js/ 2 MB
454 KB 15ms
14ms Script
application/javascript 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/js/app.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e75cd939df59cad618b4788d41c2448a95680acad858cee2dae64c4151461c8a

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2019 18:40:00 GMT
server: cloudflare
age: 3961
cf-polished: origSize=1599971
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 55fd703caa709754-FRA
cf-bgj: minify

GET
H2 200 vendor.min.js Show response
tpaste.net/themes/darklight/js/ 921 KB
285 KB 17ms
17ms Script
application/javascript 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/themes/darklight/js/vendor.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0c7e6238e0ce8e93a15e03ec18ad1a78694d730269a429716731888c022e12

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Dec 2019 01:18:16 GMT
server: cloudflare
age: 1480
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 55fd703caa719754-FRA

GET
H2 200 bnr.php Show response
uprimp.com/ 377 B
551 B 176ms
58ms Script
application/javascript 185.66.200.189
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=988175&format=728x90&ga=g&bg=1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.189 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.189.skhosting.eu
Software: nginx /
Resource Hash: d26bd18f71f2ca6466aba318adb596792e2719d13b1dd44b7db490d3c6da15fe

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: gzip
last-modified: Tue, 04 Feb 2020 14:47:12 GMT
server: nginx
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Tue, 04 Feb 2020 14:47:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 105 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16d93f8991abc2b531c7c1f5e54bf6f8b941ee9595ebcf61370ee0b9d1047fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37759
x-xss-protection: 0
server: cafe
etag: 16823016256562014463
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Feb 2020 14:47:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tpaste.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tpaste.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200131/r20190131/ 221 KB
83 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200131/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e690f18638c83525e33be4e49f8deeff36facbb6625f1cc60db0fc4aad7c2f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84597
x-xss-protection: 0
server: cafe
etag: 18144207304837346261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Feb 2020 14:47:14 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200131/r20190131/ Frame 549F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200131/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200131/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://tpaste.net/3gBwjcOf2L
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://tpaste.net/3gBwjcOf2L

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 31 Jan 2020 11:31:04 GMT
expires: Fri, 14 Feb 2020 11:31:04 GMT
content-type: text/html; charset=UTF-8
etag: 4350393549794053402
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6578
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 357370
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET bnr_xload.php
uprimp.com/ Frame F775 0
0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 77F1 0
0 63ms
63ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2534138922680191&output=html&adk=1812271804&adf=3025194257&lmt=1580827634&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftpaste.net%2F3gBwjcOf2L&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580827634498&bpp=11&bdt=2606&fdt=116&idt=116&shv=r20200131&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6203688811394&frm=20&pv=2&ga_vid=352641054.1580827635&ga_sid=1580827635&ga_hid=2126455443&ga_fc=0&iag=0&icsg=43583&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=749422335256689&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=127

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200131/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2534138922680191&output=html&adk=1812271804&adf=3025194257&lmt=1580827634&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftpaste.net%2F3gBwjcOf2L&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580827634498&bpp=11&bdt=2606&fdt=116&idt=116&shv=r20200131&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6203688811394&frm=20&pv=2&ga_vid=352641054.1580827635&ga_sid=1580827635&ga_hid=2126455443&ga_fc=0&iag=0&icsg=43583&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=749422335256689&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=127
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://tpaste.net/3gBwjcOf2L
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://tpaste.net/3gBwjcOf2L

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 Feb 2020 14:47:14 GMT
server: cafe
content-length: 538
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Feb-2020 15:02:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Tue, 04 Feb 2020 14:47:14 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200131/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3a6506e100053cd9f6fc054c722ce7dfbab8c7048771d2c40b1bcf96f359462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580744964772619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27910
x-xss-protection: 0
expires: Tue, 04 Feb 2020 14:47:14 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: 9gcSwRBKtW/b8a0vSRsHZuab8EZT3qFQpaNfQMQf+eTro2wJ7ehDZHq5y23Ba66prg5adZKCf2msEl41B/SPeA==
x-fb-trip-id: 1850256238
date: Tue, 04 Feb 2020 14:47:14 GMT, Tue, 04 Feb 2020 14:47:14 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK index.php Show response
telegram.im/widget-button/ 4 KB
1 KB 110ms
36ms Script
text/javascript 78.46.161.222
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/index.php?id=@PremiumHost

Requested by

Host: tpaste.net
URL: https://tpaste.net/3gBwjcOf2L

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

78.46.161.222 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.222.161.46.78.clients.your-server.de

Software

nginx /

Resource Hash

db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 14:47:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Feb 2020 14:47:14 GMT
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 get-paste Show response
tpaste.net/ 3 KB
2 KB 1892ms
1892ms XHR
application/json 2606:4700:3033::681f:5e9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tpaste.net/get-paste
Requested by: Host: tpaste.net
URL: https://tpaste.net/themes/darklight/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5e9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5bf96b4096aeeedce2a0cf7e0ee42856d60f3415b97784ee26057e50282f558

Request headers

Accept: */*
Referer: https://tpaste.net/3gBwjcOf2L
Origin: https://tpaste.net
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 Feb 2020 14:47:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-cache, private
cf-ray: 55fd704cf9019754-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145281542-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 821
date: Tue, 04 Feb 2020 14:33:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Tue, 04 Feb 2020 16:33:33 GMT

GET
H2 200 416582378992209 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/416582378992209?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

47e8efc3931363ae57f3a50a2f792c827b9a74ec57a1f7a3ceeaf6f5be45fd61

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114931
x-xss-protection: 0
pragma: public
x-fb-debug: +hdYy4Asw5ooZFeK+uU/cMCyBz8iT81lQMwGWZuW0eUkCN1RCLdl7v0AyHO1e7q8QbMt4tPRN1sgzlyTeI09DQ==
x-fb-trip-id: 1850256238
date: Tue, 04 Feb 2020 14:47:14 GMT, Tue, 04 Feb 2020 14:47:14 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=2126455443&t=pageview&_s=1&dl=https%3A%2F%2Ftpaste.net%2F3gBwjcOf2L&ul=en-us&de=UTF-8&dt=50x%20Zalando%20Accoutns%20-%20TPaste.net&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=1183827573&gjid=602906711&cid=352641054.1580827635&tid=UA-145281542-1&_gid=1187847740.1580827635&_r=1&gtm=2ou1m0&z=2077708597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 14:47:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 6ms
5ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=416582378992209&ev=PageView&dl=https%3A%2F%2Ftpaste.net%2F3gBwjcOf2L&rl=&if=false&ts=1580827634759&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1580827634758.789263007&it=1580827634724&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:14 GMT, Tue, 04 Feb 2020 14:47:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 04 Feb 2020 14:47:14 GMT

GET
H/1.1 200
OK widget-button.css.php
telegram.im/widget-button/ 2 KB
823 B 35ms
35ms Stylesheet
text/css 78.46.161.222
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/widget-button.css.php

Requested by

Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@PremiumHost

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

78.46.161.222 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.222.161.46.78.clients.your-server.de

Software

nginx /

Resource Hash

1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 14:47:14 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK fonts.css
telegram.im/widget-button/ 4 KB
1 KB 70ms
35ms Stylesheet
text/css 78.46.161.222
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/fonts.css

Requested by

Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@PremiumHost

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

78.46.161.222 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.222.161.46.78.clients.your-server.de

Software

nginx /

Resource Hash

29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 14:47:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Feb 2017 09:05:17 GMT
Server: nginx
ETag: W/"58b29a4d-f47"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Expires: Tue, 11 Feb 2020 14:47:14 GMT

GET
H/1.1 200
OK style.css
telegram.im/widget-button/ico/ 1 KB
795 B 105ms
34ms Stylesheet
text/css 78.46.161.222
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/ico/style.css

Requested by

Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@PremiumHost

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

78.46.161.222 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.222.161.46.78.clients.your-server.de

Software

nginx /

Resource Hash

7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 14:47:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Feb 2017 09:02:08 GMT
Server: nginx
ETag: W/"58b29990-42b"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Expires: Tue, 11 Feb 2020 14:47:14 GMT

GET
H/1.1 200
OK WidgetTelegramButton.min.js Show response
telegram.im/widget-button/ 49 KB
15 KB 134ms
60ms Script
application/x-javascript 78.46.161.222
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/WidgetTelegramButton.min.js

Requested by

Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@PremiumHost

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

78.46.161.222 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.222.161.46.78.clients.your-server.de

Software

nginx /

Resource Hash

c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 14:47:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Feb 2017 21:40:46 GMT
Server: nginx
ETag: W/"58b34b5e-c56c"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Expires: Tue, 11 Feb 2020 14:47:14 GMT

GET
H/1.1 200
OK telegramimfont.ttf
telegram.im/widget-button/ico/fonts/ 1 KB
2 KB 103ms
34ms Font
application/octet-stream 78.46.161.222
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.im/widget-button/ico/fonts/telegramimfont.ttf?7b24fo
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.161.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.222.161.46.78.clients.your-server.de
Software: nginx /
Resource Hash: c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://telegram.im/widget-button/ico/style.css
Origin: https://tpaste.net

Response headers

Date: Tue, 04 Feb 2020 14:47:15 GMT
Last-Modified: Sun, 26 Feb 2017 09:02:02 GMT
Server: nginx
ETag: "58b2998a-59c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1436

GET
H2 200 /
www.facebook.com/tr/ 44 B
152 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=416582378992209&ev=Microdata&dl=https%3A%2F%2Ftpaste.net%2F3gBwjcOf2L&rl=&if=false&ts=1580827635262&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%2250x%20Zalando%20Accoutns%20-%20TPaste.net%22%2C%22meta%3Adescription%22%3A%22info%40tracomm.be%3Amumu18%20gymnasiumsoerike%40hotmail.com%3Aieniemienie%20ann.piessens%40skynet.be%3Asibelius%20j.doesburg%40spikkerspecials.nl%3Aspecials%20bkersting%40planet.nl%3Agmkkrom%20maselissabrina%40msn.com%3Atweety%20Dave.ma...%22%2C%22meta%3Akeywords%22%3A%22tpaste%2C%20tpastenet%2C%20tpaste.net%2C%20paste%20t%2C%20t%20paste%20net%2C%20www.tpaste.net%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%2250x%20Zalando%20Accoutns%20-%20TPaste.net%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftpaste.net%2F3gBwjcOf2L%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ftpaste.net%2Fimg%2Fimage.png%22%2C%22og%3Asite_name%22%3A%22TPaste.net%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1580827634758.789263007&it=1580827634724&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:15 GMT, Tue, 04 Feb 2020 14:47:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 04 Feb 2020 14:47:15 GMT

GET
H2 200 theme-chrome.js Show response
cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ 3 KB
1 KB 200ms
200ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/theme-chrome.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ad284e4036d0d8e680c33680ddb114fa88ad1634673798d7d048a86f072ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://tpaste.net/3gBwjcOf2L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 14:47:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 4505190
cf-ray: 55fd7058dc4697ae-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Sun, 24 Feb 2019 09:15:51 GMT
server: cloudflare
etag: W/"5c7260c7-bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 24 Jan 2021 14:47:16 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=988175&format=728x90&ga=g&bg=1&xt=158082763290730&xtt=4675355

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tpaste.net/	1970-01-19 07:07:14	Name: tpastenet_session Value: eyJpdiI6IjZlWDZIWFZHelFZNnFHZjZVckhtY2c9PSIsInZhbHVlIjoiQm1pU0ZyVmZ5MlJNbE82Q2dtRnVFelZ4dGJqT1M3VEZscXpMelhLWFg5emhoNTMyenBWMSt3NGw5UkxYXC95WWQiLCJtYWMiOiIxZDZkNDIzMzg5MTIyOTcxYjY2NmE4NjdjZWIzZTkzZGJmYTgzZmQyYjdmOWEzMzBkNTA3OWY4MDkyMmMzMjM3In0%3D
tpaste.net/	1970-01-19 07:07:14	Name: XSRF-TOKEN Value: eyJpdiI6IlBoN2J4WWxCYzFcL3o2XC85VW9hNk9VQT09IiwidmFsdWUiOiJ3ek1EZFpNTzBmNjE5Z1wvb3VrUjd4aW8zckFwdG5BZFdreGswYXVnanczOGFjVEo1Ym1VZzVReW1iRnk1RTRMZSIsIm1hYyI6IjUwZGE3N2M0YzAyM2YwYzhmMTcwZTI5Y2M4MjU0ODg4M2I2N2UxOWZmMzk5ZDdhYzFjMmUzZjdlNTVhMzE4YjMifQ%3D%3D
.tpaste.net/	1970-01-19 07:50:19	Name: __cfduid Value: d8ca99bf831af8197ea87e2011cb5d80b1580827630

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 47) Message: complete

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
telegram.im
tpaste.net
uprimp.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
uprimp.com
185.66.200.189
2001:4de0:ac19::1:b:2b
2606:4700:3033::681f:5e9a
2606:4700::6811:4004
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::200a
2a00:1450:4001:81d::2002
2a00:1450:4001:824::2008
2a00:1450:4001:825::2002
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
78.46.161.222
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b7b069519381d446e7e189d47461a4a6f7b45f134ee143dcc7476798361550c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16d93f8991abc2b531c7c1f5e54bf6f8b941ee9595ebcf61370ee0b9d1047fb1
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
28efdaf6b5fd82e455ba6247936bd3468446a29b7e0bcccecde5fa90da4a3ed7
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3d0c7e6238e0ce8e93a15e03ec18ad1a78694d730269a429716731888c022e12
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3df9e8425e492ddcb3a9f04c5a22a3894fefdd6471b44cfe67c9b81b2c06e7c9
47e8efc3931363ae57f3a50a2f792c827b9a74ec57a1f7a3ceeaf6f5be45fd61
4808ad9deba778e39ea98e34607ab5e5f7be65c9698f2773edb953ec80ef1e62
4bda1b358d078fce7bbb8b6a584ab5ad2fedc24a85c874cd8bddc0cdf8395796
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
628ebd02b9fa963b00412fcff1311675ffd5b10f2525fe10630a174d7bbb7bb1
634b3ad58f2bfe3582512ae7689894fc5fbf5edc73e2f0708763f9ec99e8b451
75ad284e4036d0d8e680c33680ddb114fa88ad1634673798d7d048a86f072ab7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
7c0759c59ef65a4a850ff9c81fe14bf21e95b14571ba997af5dec2d38ae1f03a
8245819a48f2ffc7b5414cf9b6fe02098804b6347cb11946897b0c79e6d5794a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f7203faab092c2f8609a1d3273dd2fda2f91ddb7ebc55dd6edc3d8d9a9a0800
a3fc1fc614c409bf7a39e46cd8f77b139d1abcd67363a70d6f274d13b007654a
a8b04f0b17f949a21d91d53db632b613b81eaa7d00af47eaf191ebea5bc25eec
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e
ca2ecd31212ab41d5a7a2af46bf16ac145878c3ec5f1bf9503caeea72b8924bf
d26bd18f71f2ca6466aba318adb596792e2719d13b1dd44b7db490d3c6da15fe
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d5085ed79897ea0bb65b0abbb28e15b255519cae289d84d372c83f75492fd8d4
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
e13326afae50c572abedb8412a6a9de08bd1c5e4f5b8d9ae0bab3488897b7788
e690f18638c83525e33be4e49f8deeff36facbb6625f1cc60db0fc4aad7c2f25
e75cd939df59cad618b4788d41c2448a95680acad858cee2dae64c4151461c8a
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
eda901ae59aa8595e3beb351c85b95e308b04c24426e485697495d8622ccfceb
f131af7d50e0a621238861b15d4cddedd62a79053e75cd9b3e601f95850807de
f3a6506e100053cd9f6fc054c722ce7dfbab8c7048771d2c40b1bcf96f359462
f5bf96b4096aeeedce2a0cf7e0ee42856d60f3415b97784ee26057e50282f558
fd3e189b33dc2a89de07ae4e559ba3d4d076847eb8d3d32516904226cb35ab49

tpaste.net Open in urlscan Pro 2606:4700:3033::681f:5e9a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

50 Requests

98 %HTTPS

87 %IPv6

16 Domains

17 Subdomains

16 IPs

5 Countries

1702 kBTransfer

5484 kBSize

3 Cookies

4 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tpaste.net Open in urlscan Pro
2606:4700:3033::681f:5e9a Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

98 %
HTTPS

87 %
IPv6

16
Domains

17
Subdomains

16
IPs

5
Countries

1702 kB
Transfer

5484 kB
Size

3
Cookies

50 HTTP transactions
1 data transactions