pastebin.com Open in urlscan Pro
2606:4700:10::6817:62be Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://short.songatak.com/C
Effective URL:
https://pastebin.com/meEFBeKd
Submission: On December 26 via manual (December 26th 2020, 11:45:57 pm UTC) from RU

Summary HTTP 81 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 16 domains to perform 81 HTTP transactions. The main IP is 2606:4700:10::6817:62be, located in United States and belongs to CLOUDFLARENET, US. The main domain is pastebin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time pastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3037::6812:2126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2606:4700:10:... 2606:4700:10::6817:62be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	94.31.29.32 94.31.29.32	6461 (ZAYO-6461) (ZAYO-6461)
8	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
4	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.158.189.107 35.158.189.107	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.76.211.112 54.76.211.112	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:1ec:bdf::13 2620:1ec:bdf::13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
81	21

8 2606:4700:3037::6812:2126 (United States)

ASN13335 (CLOUDFLARENET, US)

short.songatak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:10::6817:62be (United States)

ASN13335 (CLOUDFLARENET, US)

pastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.31.29.32 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.189.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.37 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.211.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-211-112.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eba161df648028504cf09b1a9e99ecda.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	pastebin.com pastebin.com	309 KB
10	googlesyndication.com eba161df648028504cf09b1a9e99ecda.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	117 KB
8	songatak.com short.songatak.com	50 KB
5	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	109 KB
3	googletagservices.com www.googletagservices.com	76 KB
3	buysellads.net cdn4.buysellads.net	165 KB
2	criteo.net static.criteo.net	51 KB
2	google.com adservice.google.com www.google.com	803 B
2	servenobid.com ads.servenobid.com public.servenobid.com	464 B
2	adnxs.com ib.adnxs.com acdn.adnxs.com	711 B
2	criteo.com bidder.criteo.com gum.criteo.com	142 B
2	google-analytics.com www.google-analytics.com	19 KB
1	google.de adservice.google.de	803 B
1	sharethrough.com btlr.sharethrough.com	111 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
81	16

	Domain	Requested by
36	pastebin.com	short.songatak.com pastebin.com
8	short.songatak.com	short.songatak.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net short.songatak.com pastebin.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagservices.com	cdn4.buysellads.net securepubads.g.doubleclick.net
3	cdn4.buysellads.net	pastebin.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	public.servenobid.com	cdn4.buysellads.net
1	acdn.adnxs.com	cdn4.buysellads.net
1	gum.criteo.com	static.criteo.net
1	www.google.com	securepubads.g.doubleclick.net
1	eba161df648028504cf09b1a9e99ecda.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ads.servenobid.com	cdn4.buysellads.net
1	ib.adnxs.com	cdn4.buysellads.net
1	btlr.sharethrough.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	pastebin.com
1	cdnjs.cloudflare.com
81	23

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2019-08-23` - `2021-08-22`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.servenobid.com Amazon	`2020-03-12` - `2021-04-12`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
public.servenobid.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-08-25`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://pastebin.com/meEFBeKd
Frame ID: 566B409AED6F56E46F199C30FDFF9375
Requests: 70 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDxNfNh8edZ0P2GmeW8jaqNbsotPmMGoe0smBfuN4zlYC8SYFhay3QLGyKRz4Z-mCMH1AFA6kc3FJuLjY5sjjrnO3wZQvPsjOKksHZsOJ88tO97BjpJvyYxyaBd2uaYrI9DMxUfFdz88_KDYmm8JBHgq5D3OLcwzXqwA3RaeSqfG1iU9WP_Lik1HhyHQr6-6Gi7nouCBnmbBcGYwiLa_O71Q8dbD-6u94pOxdw_m6K2wSFF_FbECKFQxL2l9GkOKvBCc_I-WS2OqaNMod5imh44w&sai=AMfl-YT-L_X_TTDKpBh51agfHRnB7A1T1x8LyZtLQvjDD61kwmRcRNc55QKq4mHdYS_HKdwNn4FOqmDCbGl3bWin033gUX2TD_KfRx9WCkeaWQ4lbtA1y1bX1u0H2JLcpR-8&sig=Cg0ArKJSzBB7BZrhYV3eEAE&adurl=
Frame ID: 1C1959C924749914D50CEC5B013D8DA4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: CFAC5B68A7B28EC65ADA5C139A9B469D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pastebin.com
Frame ID: 4E924F403C7A7ACB1949E650D54FD781
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 634C3E1618A3485A23475FB77AF55545
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: E570F5B992DCA364110BF87350AC972C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://short.songatak.com/C Page URL
https://pastebin.com/meEFBeKd Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

81
Requests

90 %
HTTPS

65 %
IPv6

16
Domains

23
Subdomains

21
IPs

7
Countries

939 kB
Transfer

2410 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/pastebin

Search URL Search Domain Scan URL

URL: https://twitter.com/pastebin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://short.songatak.com/C Page URL
https://pastebin.com/meEFBeKd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css

81 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set C Show response
short.songatak.com/ 3 KB
2 KB 403ms
376ms Document
text/html 2606:4700:3037::6812:2126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.songatak.com/C
Protocol: HTTP/1.1
Server: 2606:4700:3037::6812:2126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec84d2e436a3cf3083f45146e9ce25be917635c0b6d6a809462e9dfebe412bf

Request headers

Host: short.songatak.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 23:45:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=da7374b91d146ad1386747bce5eca946c1609026340; expires=Mon, 25-Jan-21 23:45:40 GMT; path=/; domain=.songatak.com; HttpOnly; SameSite=Lax
CF-Cache-Status: DYNAMIC
cf-request-id: 07430a9de50000dfe3f531b000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W28QdqdLIFfqMOrz6QHbgSUoPzw3gXhQqTWCgpva5z8ATBpJgYUwSNkesivbCni7XQejVO3n%2BUihXueeeRBCWLDRp5cibbZRUGFHSyud4KDV0wjWtkRizCvGK%2F2eBok%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 607ead430c1bdfe3-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK frontend.css
short.songatak.com/css/ 5 KB
2 KB 19ms
17ms Stylesheet
text/css 2606:4700:3037::6812:2126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.songatak.com/css/frontend.css
Requested by: Host: short.songatak.com
URL: http://short.songatak.com/C
Protocol: HTTP/1.1
Server: 2606:4700:3037::6812:2126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f32680cfb742e5616c0ec4aa2e37372cf953b45eab0e15403bc505e16ebf0d6

Request headers

Referer: http://short.songatak.com/C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 23:45:40 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 06 Jan 2013 09:31:32 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rGtNKrm2wO74A0zD9uNCeUFz%2B4Sm1JCpmySN4nZjRCNgi2JcSvYi5lbVWDZG3f9cuQW41xVB9fIKQGeRvdHvRTugzVHeiizYv0FdabG%2BWsWUnLPfaaB5f9HETc2taCY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 607ead457efcdfe3-FRA
Content-Length: 1664
cf-request-id: 07430a9f6c0000dfe3b7924000000001

GET
H/1.1 200
OK jquery.min.js Show response
short.songatak.com/assets/e9ff9633/ 94 KB
33 KB 46ms
39ms Script
application/javascript 2606:4700:3037::6812:2126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.songatak.com/assets/e9ff9633/jquery.min.js
Requested by: Host: short.songatak.com
URL: http://short.songatak.com/C
Protocol: HTTP/1.1
Server: 2606:4700:3037::6812:2126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: http://short.songatak.com/C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 23:45:40 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 05 Aug 2020 09:32:48 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gvQ0l5fl5L3c5DW4EFnJRyA2W5Dj3SH%2BcnLXHf%2BChLkAGu%2FZvM%2FKUjX%2BDqg%2BBcUnu1eutRBAH%2F7TzgCZRm8vqzvYCDSOwBm1Ew5%2BfY%2Fbae6W7nB%2BBSMCJ3qfxuRAST0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 607ead458cf716ea-FRA
Content-Length: 33225
cf-request-id: 07430a9f71000016eab3306000000001

GET
H/1.1 200
OK frontend.js Show response
short.songatak.com/js/ 4 KB
2 KB 29ms
23ms Script
application/javascript 2606:4700:3037::6812:2126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.songatak.com/js/frontend.js?v=0.1
Requested by: Host: short.songatak.com
URL: http://short.songatak.com/C
Protocol: HTTP/1.1
Server: 2606:4700:3037::6812:2126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186a97c6e86dfe00138bf544cd9dd76c93fd6c78e1605d5c3d87744ea3f7b98b

Request headers

Referer: http://short.songatak.com/C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 23:45:40 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 10 Feb 2018 11:32:48 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iplGSYHdOBkR%2B3PH99B58745cVHgdFx2t5yxGn6gm75TQQiXqvWq%2BiHPyo2bI3fK0%2FByUiXgtqRFMzsA89WK%2BgNLIX%2BjN2gMxm%2BTBopY49tPHgaOlIQhaFI1Gx6fWow%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 607ead45894d177e-FRA
Content-Length: 1431
cf-request-id: 07430a9f720000177eda872000000001

GET
H/1.1 200
OK clipboard.min.js Show response
short.songatak.com/js/ 11 KB
4 KB 27ms
21ms Script
application/javascript 2606:4700:3037::6812:2126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.songatak.com/js/clipboard.min.js
Requested by: Host: short.songatak.com
URL: http://short.songatak.com/C
Protocol: HTTP/1.1
Server: 2606:4700:3037::6812:2126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Request headers

Referer: http://short.songatak.com/C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 23:45:40 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 10 Feb 2018 11:00:08 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X7dZxR57b6IWs8yZ1VkghNNOhcNJ2rI70UztPx9WW%2FHN5AQWQjN5d1zOciIrjTt02vr%2F2w1rsG3v2zDpyYdRYVmnbT%2FQ8i2lTFpzZaiVKClQzdxaA6FvTaAiQ5W6tHc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 607ead4589c9d721-FRA
Content-Length: 3397
cf-request-id: 07430a9f720000d721771cc000000001

GET
H/1.1 200
OK share42.js Show response
short.songatak.com/js/ 4 KB
2 KB 32ms
26ms Script
application/javascript 2606:4700:3037::6812:2126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.songatak.com/js/share42.js
Requested by: Host: short.songatak.com
URL: http://short.songatak.com/C
Protocol: HTTP/1.1
Server: 2606:4700:3037::6812:2126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f6ef13daa8d8813f043b0a368762a7b950ffb195cea4d01f46d334fb6fcb27

Request headers

Referer: http://short.songatak.com/C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 23:45:40 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 24 Dec 2012 16:22:48 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5plK0LCq3BpRJTfiK%2BAiLnefZzIyiM07tk5nJ5zlq6ExxzXH3wtRsrGxBElRDcpoGpjIFS7p7wD2m1g0qYJ5CCSHM3xYF%2FDbqJvQsnfRTzx%2Bvu2wobumIO9Q%2FXv%2B9nI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 607ead458950177e-FRA
Content-Length: 1356
cf-request-id: 07430a9f720000177ec6826000000001

GET
H/1.1 200
OK cookieconsent.latest.min.js Show response
short.songatak.com/js/ 4 KB
3 KB 29ms
24ms Script
application/javascript 2606:4700:3037::6812:2126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.songatak.com/js/cookieconsent.latest.min.js
Requested by: Host: short.songatak.com
URL: http://short.songatak.com/C
Protocol: HTTP/1.1
Server: 2606:4700:3037::6812:2126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Request headers

Referer: http://short.songatak.com/C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 23:45:40 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 09 Jan 2016 14:31:46 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OS2gnair21hwPYxRRHi9HZxu44UZSuoDrakh%2BIbk9YeCnyfyLPmZ8wmOLDpU2P6%2FPsh%2FXatG5O7DI34c6E4BNUNp%2FUZgSOZ4U%2Foqf0egTx2A%2FyQ6MQBZX6D7xLY3%2Feg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 607ead458d822c19-FRA
Content-Length: 1946
cf-request-id: 07430a9f7200002c1942b04000000001

GET
H/1.1 200
OK bg.png
short.songatak.com/images/ 2 KB
2 KB 16ms
15ms Image
image/png 2606:4700:3037::6812:2126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://short.songatak.com/images/bg.png
Requested by: Host: short.songatak.com
URL: http://short.songatak.com/css/frontend.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::6812:2126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d611c68aa02e4cee400a1e6a34bb27628d53a5329a3b249ff6c022799071f535

Request headers

Referer: http://short.songatak.com/css/frontend.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 23:45:40 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 15 Dec 2012 19:51:36 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vXBFSuQqiOu%2BxDryX5KSvn%2FYB3xUA2%2B7SQt9ZR8xNGt7Vnb9rAYtN5VRR9ZPlIMbhB7BxnMRcpzF5Sw9AOfE5CQvoSwiD2GTmXC899O%2BeFtvzQWSiIAKcm0I9ix%2BJzE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 607ead45fda716ea-FRA
Content-Length: 1575
cf-request-id: 07430a9fb8000016ea9db1b000000001

GET
H2

200

light-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css

3 KB
1 KB

23ms
11ms

Stylesheet
text/css

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2092ebd1f047497d83275b8d386fa1e6085a691004ed65c7810c332551393109

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://short.songatak.com/C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 71270
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 776
cf-request-id: 07430a9fe500004a970f82c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-d10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0VQ6v6qfkz1ue286CbQ2P5TzWv1sFJq%2BiNCXr2ht2Ham%2BRq3Vyi54Mv7jgsqzH%2BuGXWGBkRIdJ2XTCgahfGzWIgxsvJGh5B7YlY34278rBQhDXDLAnMmQyFYgnuCEiHF1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 607ead463a7d4a97-FRA
expires: Thu, 16 Dec 2021 23:45:40 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
Non-Authoritative-Reason: HSTS

GET
H2 200 Primary Request meEFBeKd Show response
pastebin.com/ 14 KB
4 KB 305ms
291ms Document
text/html 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/meEFBeKd

Requested by

Host: short.songatak.com
URL: http://short.songatak.com/C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fd42b708e44b2dcab7d925898de900f2621c7e3dcd0c84d16b171f82edb5590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /meEFBeKd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://short.songatak.com/C
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://short.songatak.com/C

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8679b605c50afe78ab9565abd70baaa41609026343; expires=Mon, 25-Jan-21 23:45:43 GMT; path=/; domain=.pastebin.com; HttpOnly; SameSite=Lax; Secure _csrf-frontend=d378e073cfaacc7976b4df97dfd0631015b5d2fd90e3e85ad31828f308ffb491a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22A49P1vPK606mJvHz_TAnrH2W-8uiDP6e%22%3B%7D; path=/; HttpOnly
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-request-id: 07430aab9b000005d08a98d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 607ead58fe4305d0-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 41ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Requested by

Host: pastebin.com
URL: https://pastebin.com/meEFBeKd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ae189a4e1699c770d5f13c77e772531aca8cf206d655fd02dccd67999408034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39114
x-xss-protection: 0
last-modified: Sat, 26 Dec 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Dec 2020 23:45:44 GMT

GET
H2 200 bootstrap.min.css
pastebin.com/assets/c80611c4/css/ 119 KB
23 KB 14ms
13ms Stylesheet
text/css 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/assets/c80611c4/css/bootstrap.min.css
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 13 Feb 2019 15:55:38 GMT
server: cloudflare
age: 4127
etag: W/"5c643dfa-1da71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-ray: 607ead5ad94405d0-FRA
cf-request-id: 07430aacc8000005d0dc8ef000000001

GET
H2 200 vendors.bundle.css
pastebin.com/themes/pastebin/css/ 15 KB
5 KB 283ms
282ms Stylesheet
text/css 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/themes/pastebin/css/vendors.bundle.css?fd97d1a14d3e5eb8409d
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38d216b015d990224e8a18f87dc47fcaf70c54e3da4c24ac82d9dc6c7908657f

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
etag: W/"5fe5fd07-3cc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 607ead5ad94505d0-FRA
cf-request-id: 07430aacc9000005d092393000000001

GET
H2 200 app.bundle.css
pastebin.com/themes/pastebin/css/ 84 KB
17 KB 365ms
364ms Stylesheet
text/css 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0fd5c9889d0553021d0f41089c773f4550cc5c6b365628690b55c3d2b26c59

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
etag: W/"5fe5fd07-14fc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 607ead5ad94705d0-FRA
cf-request-id: 07430aacc9000005d0eabff000000001

GET
H2 200 gettext.css
pastebin.com/themes/pastebin/css/geshi/light/ 1 KB
516 B 284ms
283ms Stylesheet
text/css 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/themes/pastebin/css/geshi/light/gettext.css?1596735063
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2470829abc7a9f3f4b3ed08f975570a0044b0deb971017b5accff7d118ec4f8

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
etag: W/"5fe5fd07-45d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-ray: 607ead5ad94905d0-FRA
cf-request-id: 07430aacc9000005d0af912000000001

GET
H2 200 guest.png
pastebin.com/themes/pastebin/img/ 1 KB
1 KB 13ms
12ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/guest.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4104
etag: "5fe5fd07-480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d2ddf05d0-FRA
content-length: 1152
cf-request-id: 07430aae3b000005d0a201b000000001

GET
H2 200 hello.png
pastebin.com/themes/pastebin/img/ 4 KB
4 KB 30ms
29ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/hello.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8040db06855291ee0489a814aee5d975ce5acfe272b26ec98597b005e4d5789f

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4125
etag: "5fe5fd07-e3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d2de305d0-FRA
content-length: 3647
cf-request-id: 07430aae39000005d002a95000000001

GET
H2 200 jquery.min.js Show response
pastebin.com/assets/9ce1885/ 87 KB
33 KB 13ms
13ms Script
application/javascript 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/assets/9ce1885/jquery.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 May 2020 22:50:46 GMT
server: cloudflare
age: 4125
etag: W/"5eb09c46-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cf-ray: 607ead5cacd105d0-FRA
cf-request-id: 07430aade5000005d09a0b5000000001

GET
H2 200 yii.js Show response
pastebin.com/assets/f04f76b8/ 20 KB
6 KB 11ms
11ms Script
application/javascript 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/assets/f04f76b8/yii.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Jul 2020 21:45:32 GMT
server: cloudflare
age: 4125
etag: W/"5f04ecfc-51c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cf-ray: 607ead5cbd1a05d0-FRA
cf-request-id: 07430aadf6000005d0eb1e3000000001

GET
H2 200 vendors.bundle.js Show response
pastebin.com/themes/pastebin/js/ 454 KB
143 KB 376ms
375ms Script
application/javascript 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/themes/pastebin/js/vendors.bundle.js?fd97d1a14d3e5eb8409d
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c6912cb30b9a4bceefbecbc524c1473baf93e0a0204e3b44124e1c9550c476

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
etag: W/"5fe5fd07-717b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 607ead5cdd3305d0-FRA
cf-request-id: 07430aae02000005d0a3885000000001

GET
H2 200 app.bundle.js Show response
pastebin.com/themes/pastebin/js/ 14 KB
5 KB 286ms
286ms Script
application/javascript 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/themes/pastebin/js/app.bundle.js?fd97d1a14d3e5eb8409d
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a1d31c459e7a960e467ccb3ef9b8234a74b9101303c162fdd0cb89e2655b06

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
etag: W/"5fe5fd07-376a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 607ead5d2dd505d0-FRA
cf-request-id: 07430aae36000005d0e78f2000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 24ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3337
date: Sat, 26 Dec 2020 22:50:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 27 Dec 2020 00:50:07 GMT

GET
H2 200 pastebin.js Show response
cdn4.buysellads.net/pub/ 455 KB
164 KB 96ms
36ms Script
application/javascript 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/pastebin.js?1609026000000
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 53a94d02579ac0591e0e11d421f5b1f5a033ef6f1d327ecf231ce58168e6389c

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
last-modified: Sat, 26 Dec 2020 23:36:05 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 254A9A2F878605F7
etag: W/"6310ca8a8a67fc111b8759fb030a49ec"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: kg3OusVGyZn7jYFqf7Sc+ZK9Tuy3Q0taaXQGNHWa71ansgSXJEl+cuc6QByUmowtd4wSw/Oijss=
expires: Tue, 21 Dec 2021 23:45:44 GMT

GET
H2 200 header_bg.png
pastebin.com/themes/pastebin/img/ 191 B
293 B 12ms
10ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/header_bg.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4126
etag: "5fe5fd07-bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d2deb05d0-FRA
content-length: 191
cf-request-id: 07430aae3d000005d0d9128000000001

GET
H2 200 pastebin_logo_side_outline.png
pastebin.com/themes/pastebin/img/ 18 KB
18 KB 29ms
27ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/pastebin_logo_side_outline.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4105
etag: "5fe5fd07-4660"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d2ded05d0-FRA
content-length: 18016
cf-request-id: 07430aae3e000005d0aea54000000001

GET
H2 200 pro_btn_big.png
pastebin.com/themes/pastebin/img/ 6 KB
7 KB 25ms
23ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/pro_btn_big.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af9e74aa04de953fd209167ee4c94ee3a06b7f75288944c38a0b193608cf08d5

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4103
etag: "5fe5fd07-19c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3def05d0-FRA
content-length: 6596
cf-request-id: 07430aae3e000005d0ce041000000001

GET
H2 200 add_2.png
pastebin.com/themes/pastebin/img/ 491 B
594 B 24ms
20ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/add_2.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4113
etag: "5fe5fd07-1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3df105d0-FRA
content-length: 491
cf-request-id: 07430aae3e000005d09b38a000000001

GET
H2 200 facebook_svg.png
pastebin.com/themes/pastebin/img/ 794 B
977 B 26ms
22ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/facebook_svg.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4069
etag: "5fe5fd07-31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3df205d0-FRA
content-length: 794
cf-request-id: 07430aae3e000005d0b6b41000000001

GET
H2 200 twitter_svg.png
pastebin.com/themes/pastebin/img/ 1 KB
2 KB 26ms
23ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/twitter_svg.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4069
etag: "5fe5fd07-5d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3df405d0-FRA
content-length: 1490
cf-request-id: 07430aae3e000005d0b225d000000001

GET
H2 200 user.png
pastebin.com/themes/pastebin/img/ 2 KB
2 KB 27ms
23ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/user.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4069
etag: "5fe5fd07-6c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3dfc05d0-FRA
content-length: 1737
cf-request-id: 07430aae40000005d0b910f000000001

GET
H2 200 date.png
pastebin.com/themes/pastebin/img/ 1 KB
1 KB 27ms
24ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/date.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4101
etag: "5fe5fd07-4b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3dfd05d0-FRA
content-length: 1203
cf-request-id: 07430aae40000005d0f11b1000000001

GET
H2 200 views.png
pastebin.com/themes/pastebin/img/ 1 KB
2 KB 28ms
24ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/views.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4100
etag: "5fe5fd07-5aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3dfe05d0-FRA
content-length: 1450
cf-request-id: 07430aae40000005d08fa27000000001

GET
H2 200 expire.png
pastebin.com/themes/pastebin/img/ 2 KB
2 KB 29ms
26ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/expire.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4069
etag: "5fe5fd07-6c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e0005d0-FRA
content-length: 1729
cf-request-id: 07430aae41000005d0ea81d000000001

GET
H2 200 info.png
pastebin.com/themes/pastebin/img/ 2 KB
2 KB 26ms
23ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/info.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4104
etag: "5fe5fd07-68c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e0105d0-FRA
content-length: 1676
cf-request-id: 07430aae41000005d08a9bb000000001

GET
H2 200 linebg.png
pastebin.com/themes/pastebin/img/ 375 B
477 B 26ms
23ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/linebg.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4104
etag: "5fe5fd07-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e0305d0-FRA
content-length: 375
cf-request-id: 07430aae41000005d0c91e1000000001

GET
H2 200 public.png
pastebin.com/themes/pastebin/img/ 2 KB
2 KB 25ms
22ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/public.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4104
etag: "5fe5fd07-7d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e0505d0-FRA
content-length: 2003
cf-request-id: 07430aae41000005d0e78f4000000001

GET
H2 200 footer_chrome.png
pastebin.com/themes/pastebin/img/ 3 KB
3 KB 21ms
18ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/footer_chrome.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4124
etag: "5fe5fd07-bae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e0c05d0-FRA
content-length: 2990
cf-request-id: 07430aae42000005d0a201c000000001

GET
H2 200 footer_firefox.png
pastebin.com/themes/pastebin/img/ 3 KB
3 KB 22ms
19ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/footer_firefox.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4124
etag: "5fe5fd07-c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e0d05d0-FRA
content-length: 3178
cf-request-id: 07430aae43000005d0af931000000001

GET
H2 200 footer_ios.png
pastebin.com/themes/pastebin/img/ 3 KB
3 KB 23ms
20ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/footer_ios.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4117
etag: "5fe5fd07-bc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e0e05d0-FRA
content-length: 3011
cf-request-id: 07430aae43000005d09e984000000001

GET
H2 200 footer_windows.png
pastebin.com/themes/pastebin/img/ 2 KB
2 KB 27ms
25ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/footer_windows.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4117
etag: "5fe5fd07-710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e1105d0-FRA
content-length: 1808
cf-request-id: 07430aae4b000005d0c1869000000001

GET
H2 200 footer_android.png
pastebin.com/themes/pastebin/img/ 2 KB
3 KB 28ms
25ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/footer_android.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4117
etag: "5fe5fd07-9a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e2605d0-FRA
content-length: 2469
cf-request-id: 07430aae4b000005d0fb8d5000000001

GET
H2 200 footer_macosx.png
pastebin.com/themes/pastebin/img/ 3 KB
3 KB 30ms
28ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/footer_macosx.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4124
etag: "5fe5fd07-b31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e2805d0-FRA
content-length: 2865
cf-request-id: 07430aae4c000005d0c390f000000001

GET
H2 200 footer_opera.png
pastebin.com/themes/pastebin/img/ 3 KB
3 KB 28ms
26ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/footer_opera.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4117
etag: "5fe5fd07-ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e2905d0-FRA
content-length: 2756
cf-request-id: 07430aae4c000005d0ef913000000001

GET
H2 200 footer_linux.png
pastebin.com/themes/pastebin/img/ 4 KB
5 KB 29ms
27ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/footer_linux.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4124
etag: "5fe5fd07-11db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e2b05d0-FRA
content-length: 4571
cf-request-id: 07430aae4c000005d0b9110000000001

GET
H2 200 facebook_circle.png
pastebin.com/themes/pastebin/img/ 818 B
941 B 29ms
27ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/facebook_circle.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4117
etag: "5fe5fd07-332"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e2e05d0-FRA
content-length: 818
cf-request-id: 07430aae4d000005d0b404c000000001

GET
H2 200 twitter_circle.png
pastebin.com/themes/pastebin/img/ 954 B
1 KB 28ms
26ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/twitter_circle.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4117
etag: "5fe5fd07-3ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e3105d0-FRA
content-length: 954
cf-request-id: 07430aae4d000005d0e0030000000001

GET
H2 200 close_promo.png
pastebin.com/themes/pastebin/img/ 1 KB
1 KB 27ms
26ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/close_promo.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4117
etag: "5fe5fd07-594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e3205d0-FRA
content-length: 1428
cf-request-id: 07430aae4d000005d08a9bc000000001

GET
H2 200 cd-top-arrow.png
pastebin.com/themes/pastebin/img/ 451 B
550 B 28ms
27ms Image
image/png 2606:4700:10::6817:62be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/themes/pastebin/img/cd-top-arrow.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6817:62be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27

Request headers

Referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?fd97d1a14d3e5eb8409d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 14:53:59 GMT
server: cloudflare
age: 4124
etag: "5fe5fd07-1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 607ead5d3e3305d0-FRA
content-length: 451
cf-request-id: 07430aae4e000005d0e78f5000000001

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
385 B 45ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=617792316&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2FmeEFBeKd&dr=http%3A%2F%2Fshort.songatak.com%2FC&ul=en-us&de=UTF-8&dt=brand%20ee%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=778974098&gjid=1817173453&cid=2001539156.1609026345&tid=UA-58643-34&_gid=1302289357.1609026345&_r=1&gtm=2oubu0&tc=x&z=1699364830

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Dec 2020 23:45:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastebin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
19 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastebin.js?1609026000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678c16283762d2d1a12c9b055cf3e4333ca3c4c6638a95741f1130084882756f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "736 / 135 of 1000 / last-modified: 1608034737"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18850
x-xss-protection: 0
expires: Sat, 26 Dec 2020 23:45:44 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
370 B 211ms
210ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=3.375839470498194
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 53DDAB07EBEEA1C3
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: EfGEAzw+bg+oZTsz5rJNVMBjTd7eWObZBAiKGxD1ZVhCGXjL9U8uktIFZklx+5upYW7Sk4RE7Dw=
expires: Tue, 21 Dec 2021 23:45:44 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
365 B 219ms
218ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=3.375839470498194
Requested by: Host: pastebin.com
URL: https://pastebin.com/meEFBeKd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 9B73459791A53F60
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: IjZ9HAvaNGbrcRyqdnrlMC/2QZpyZVamn2aS/N8b8zko3tDv4q9OuxmavBE7RsD4tZPQ6I8vwCE=
expires: Tue, 21 Dec 2021 23:45:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-58643-34&cid=2001539156.1609026345&jid=778974098&gjid=1817173453&_gid=1302289357.1609026345&_u=IEBAAUAAAAAAAC~&z=500247744

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 26 Dec 2020 23:45:44 GMT
content-type: text/plain
access-control-allow-origin: https://pastebin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 87ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Sat, 26 Dec 2020 23:45:44 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
142 B 122ms
40ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.11.0&cb=58656407716
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastebin.js?1609026000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Sat, 26 Dec 2020 23:45:44 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
111 B 77ms
27ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=pcAjQfNw8fDKi5LxaBkAqpEL&bidId=410e4ba212108e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.11.0&strVersion=3.2.1&secure=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastebin.js?1609026000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Sat, 26 Dec 2020 23:45:45 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
711 B 86ms
30ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastebin.js?1609026000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 26 Dec 2020 23:45:45 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.53:80
AN-X-Request-Uuid: 17873141-de60-404b-a9ca-aee9ab1230f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 301 B
464 B 156ms
66ms XHR
application/json 54.76.211.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10414
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastebin.js?1609026000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.211.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-211-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d4e2ee510c7e96a798bb1d752258af053ce16f5fdb526a3440a6c159ce5a0491

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 26 Dec 2020 23:45:45 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Dec 2020 23:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 33ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Dec 2020 23:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 173ms
141ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=526265787632584&correlator=2361875467681210&output=ldjh&impl=fifs&eid=21067994%2C21069143%2C21069145%2C21068030&vrg=2020120801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201226&iu_parts=8691100%2CPastebin_S2S_FixedFooter_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=optimize_refresh_int%3D0%26optimize_inview%3Dfalse&eri=1&cust_params=optimize_refreshed%3Dfalse%26bsas2srefreshed%3Dfalse%26bsas2sacceptable%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_debug%3Dfalse%26bsas2s%3Dtrue%26bsas2saudience%3Ddesign%26bsas2spub%3Dpastebin%26optimize%3Dtrue%26optimize_amp%3Dfalse%26optimize_audience%3Ddesign%26optimize_env%3Dprod%26optimize_pub%3Dpastebin&cookie_enabled=1&bc=31&abxe=1&lmt=1609026345&dt=1609026345401&dlt=1609026344131&idt=745&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1247647261&ucis=1&ifi=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpastebin.com%2FmeEFBeKd&ref=http%3A%2F%2Fshort.songatak.com%2FC&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=0x-1&ga_vid=2001539156.1609026345&ga_sid=1609026345&ga_hid=617792316&fws=640&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

0ec49fac7686a9109f7564c71c6853723b0364e7a15d1d14dcf1088accaa02a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11376
x-xss-protection: 0
google-lineitem-id: 5324395187
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138306261802
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastebin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
eba161df648028504cf09b1a9e99ecda.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eba161df648028504cf09b1a9e99ecda.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C19 0
0 41ms
40ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDxNfNh8edZ0P2GmeW8jaqNbsotPmMGoe0smBfuN4zlYC8SYFhay3QLGyKRz4Z-mCMH1AFA6kc3FJuLjY5sjjrnO3wZQvPsjOKksHZsOJ88tO97BjpJvyYxyaBd2uaYrI9DMxUfFdz88_KDYmm8JBHgq5D3OLcwzXqwA3RaeSqfG1iU9WP_Lik1HhyHQr6-6Gi7nouCBnmbBcGYwiLa_O71Q8dbD-6u94pOxdw_m6K2wSFF_FbECKFQxL2l9GkOKvBCc_I-WS2OqaNMod5imh44w&sai=AMfl-YT-L_X_TTDKpBh51agfHRnB7A1T1x8LyZtLQvjDD61kwmRcRNc55QKq4mHdYS_HKdwNn4FOqmDCbGl3bWin033gUX2TD_KfRx9WCkeaWQ4lbtA1y1bX1u0H2JLcpR-8&sig=Cg0ArKJSzBB7BZrhYV3eEAE&adurl=

Requested by

Host: short.songatak.com
URL: http://short.songatak.com/C

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Dec 2020 23:45:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Dec 2020 23:45:45 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 1C19 18 KB
7 KB 50ms
35ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 07:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jan 2021 07:47:03 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 1C19 3 KB
2 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 06:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jan 2021 06:18:47 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C19 76 KB
29 KB 57ms
42ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Sat, 26 Dec 2020 23:45:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1C19 0
0 33ms
14ms Image
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDo3SCoDSZEM4xFEWjv7OGGsT3xlutnSycM4H0HT4NQVrF9Bg-f_EwCE_iXF0IPgqOI1Re
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 14411045596044271614
tpc.googlesyndication.com/simgad/ Frame 1C19 94 KB
94 KB 51ms
37ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14411045596044271614

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d08b67c252083a37cb7295ba5796d73c6e205c7aabe133d9cb604b73ea5985c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 23:14:22 GMT
x-content-type-options: nosniff
age: 174683
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96289
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 20:29:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Dec 2021 23:14:22 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 52ms
40ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Sat, 26 Dec 2020 23:45:45 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 43ms
21ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40fae20065f97a001bdecb6129b195ef9c5765afe500c2ccd0b3e6516a5ddc9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Dec 2020 23:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6387
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 26 Dec 2020 23:45:45 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C19 0
22 B 33ms
33ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6dgiNDxenxFoc5SfSyZl9WSy0z5XGNyenw11WBV6GVezdtmORFNVEbuf7KJAYY_0OMDf9eTACpTy_RGxl0e0kb7_ZnASt91tviMQN_jcqAZMMI_NWn3GpkvYrfK4cyGZ4LtRZPiTuulaAtSQjntYjOUdpqERV7ZpsDOLaaDf353vBdzhtGQHGVRRVGu5nHgpAlHQsNg5dj62cD3Zm8hoCtluj7_j4dxE3ljEDA_6K3a7dqT66iKMSU5thYFaWr8O-iiAHZeedU-DDoMeEjWUHzimM&sai=AMfl-YTzTEETWPW7HqbkuQ9kU8cVLCu7IHNwZNorut1kHYKA-E10u5NOs-gUAuc90JQ5mdQe5E3WWqQF_xa2EjDPODMAHZNQXol9YH5iyTqdc5M_VPke4VtwMa20HZjFKV0d&sig=Cg0ArKJSzEFQ8HTwmXtJEAE&adurl=

Requested by

Host: pastebin.com
URL: https://pastebin.com/meEFBeKd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Dec 2020 23:45:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame CFAC 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/meEFBeKd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pastebin.com/meEFBeKd

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 26 Dec 2020 18:19:37 GMT
expires: Sun, 26 Dec 2021 18:19:37 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19568
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
201 B 16ms
15ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120801&jk=526265787632584&bg=!YWKlYkLNAAUbEDgJG1jHNcMew_XhQAIAAACDUgAAABJoAQcKAVbBJ1Xgcvx-PBgW0yAvxEPULBa_Kj7K7sq4o9SV8bTNuDUIuii0oYaulxfHtwFkFumr8NsDiGde-iA-FrLivIJkD43vxQh0GL5f0PHWSsLvLQ-TMz9ZTm1KVQLRcicaYB1Jlwfe121gTajPM2ogY5QZccLsC_lG8yi4qQlyb0ZICjxaVg0w44cnE3P0gdEvGSU92HdQLjjdFd-a-jbnBnmEz82OSY5Pm1mBP-0E9yvCsG0GGnKtp7YpkseFjjBkJJJFCTh7bmX4b4Dr4utyyBZ18lfJSwCaqOuStBXRhs8MgkaObpQ_njY_AnCWc_MxngeLABNn_LPa9VbrO4IVRh9rzHwwIRJH0rO1ba8xuVFQviQG6CujIG5UESQzH7l0FjqiWVgcYRM6FJiZ4uY9Xr80e9xbVEKWPwiAbrwEdX5N1cREkRUXy28o9ofbd2ah6cKL849zS9eZAbVBZI-FEgdhtAlZ5t3SeLhOwXvqwApCWla6kb3xs3UFoBxzjmessTbfPfVzbrHD2jgpdGLxTYyDh-5ZCA9ipoB4DUKJte9QuPiQTuD6EhFXzlb88zAqiqW3Yln1y_ARl9p1uQZ_3AQyTUPGnul7KeAbvJaSdvZk1jAOGbxvq1UISGBLgq4uqBLVpUQXZhDVO43riFXTMQVoPCz2jFEmhEQ3HtERA0TE9EhS4rQjG_9nks-DjyLa5XEkxT2oDpzMhqdelcxuoxpBeNMBGmNa4nrSqSFrmI_nflUA7Y5QR13SdLEwz07asrLRO-j06Y994D-rAR18nFGGJgVibHpFnGEnC294UYjPXnqzQjBBgnTSniXtOlDnoOUlLCXaOnqvHkPU_6C5VCUAOIfaMl4KABAkEBs9lOn93tCT0vLAab_a-rDkM5AVHaXGmg348X9wN2EuEShWoWdoIGri5KItyxitbaz9LC9GqGhluCmYa7peiXgDECcdhQChcPBSt6q1vXSmHWv6RbhguxA0khpyo04fXREqsknGMW3W4f2wD1HBDt8g6HkWnyqPcAYk6vBvZxKOK2GOkw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Dec 2020 23:45:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1C19 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b31c74e744c6c7f6a2eb770c4cf082c80fd9feee1593646a668d44ce6124ed6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 79 KB
25 KB 74ms
24ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastebin.js?1609026000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2e09c1d6823b640280575072c92f5d6c524262cdd52ad285dfbbee130544974a

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:46 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 16:22:27 GMT
server: nginx
etag: W/"5fd24b43-13cb8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 27 Dec 2020 23:45:46 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 4E92 0
0 71ms
21ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pastebin.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=pastebin.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/meEFBeKd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pastebin.com/meEFBeKd

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 497
date: Sat, 26 Dec 2020 23:45:46 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 79 KB
25 KB 68ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2e09c1d6823b640280575072c92f5d6c524262cdd52ad285dfbbee130544974a

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 23:45:46 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 16:22:27 GMT
server: nginx
etag: W/"5fd24b43-13cb8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 27 Dec 2020 23:45:46 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1C19 42 B
94 B 16ms
15ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4T4HD9FUwqXf4r-6NNjsk6MHd6zTe6fuB66Xa-nnaHbPEO_MFZzF1e-grkVkvpefWwKb9jRmkQaf1KeGZabXMgWQAbih6_3HePfRAbxs&sig=Cg0ArKJSzMT6NB9fUxvxEAE&adk=1247647261&tt=-1&bs=1600%2C1200&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&p=1105,436,1195,1164&mcvt=1021&rs=0&ht=0&tfs=517&tls=1538&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=10&niot_cbk=37&md=2&btr=0&cpmav=0&lm=2&rst=1609026345626&dlt&rpt=126&isd=0&msd=0&xdi=0&ps=1600%2C1200&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-16-7-15-15-0-0-0&tvt=1533&is=728%2C90&iframe_loc=https%3A%2F%2Fpastebin.com%2FmeEFBeKd&r=v&id=osdim&vs=4&uc=16&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201211

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/meEFBeKd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Dec 2020 23:45:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 634C 0
0 115ms
38ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastebin.js?1609026000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/meEFBeKd
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pastebin.com/meEFBeKd

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 27 Dec 2020 23:45:50 GMT
Date: Sat, 26 Dec 2020 23:45:48 GMT
Connection: keep-alive

GET
H2 200 sync.html
public.servenobid.com/ Frame E570 0
0 41ms
10ms Document
text/html 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastebin.js?1609026000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pastebin.com/meEFBeKd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pastebin.com/meEFBeKd

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Mon, 21 Dec 2020 20:37:05 GMT
accept-ranges: bytes
etag: "6fa70d638c1d167f6d25e56056b38c30"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: CwOaO9ok5v0QFvo3aANcN0jDh0L4fVuNx1OHqir8EGxgMjQeAJDSXzLDODjDKkm66KGhVNHz+Zs=
x-amz-request-id: 26A962C9A8642F69
x-azure-ref-originshield: 0rG/nXwAAAABw616jayqHQpGEj/dn0kOgTE9OMjFFREdFMDExNgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0LMvnXwAAAAClaoNU4MR9T5ggwIR8WQgkRlJBRURHRTEwMTIAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Sat, 26 Dec 2020 23:45:48 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pastebin.com/	1970-01-19 14:57:06	Name: _gat_gtag_UA_58643_34 Value: 1
.pastebin.com/	1970-01-19 14:58:32	Name: _gid Value: GA1.2.1302289357.1609026345
.pastebin.com/	1970-01-20 08:28:18	Name: _ga Value: GA1.2.2001539156.1609026345
pastebin.com/	1969-12-31 23:59:59	Name: _csrf-frontend Value: d378e073cfaacc7976b4df97dfd0631015b5d2fd90e3e85ad31828f308ffb491a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22A49P1vPK606mJvHz_TAnrH2W-8uiDP6e%22%3B%7D
.pastebin.com/	1970-01-19 15:40:18	Name: __cfduid Value: d8679b605c50afe78ab9565abd70baaa41609026343

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.servenobid.com
adservice.google.com
adservice.google.de
bidder.criteo.com
btlr.sharethrough.com
cdn4.buysellads.net
cdnjs.cloudflare.com
eba161df648028504cf09b1a9e99ecda.safeframe.googlesyndication.com
gum.criteo.com
ib.adnxs.com
pagead2.googlesyndication.com
pastebin.com
public.servenobid.com
securepubads.g.doubleclick.net
short.songatak.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
172.217.21.226
178.250.0.165
2.18.232.130
2606:4700:10::6817:62be
2606:4700:3037::6812:2126
2606:4700::6810:135e
2620:1ec:bdf::13
2a00:1450:4001:808::2001
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:821::2002
2a00:1450:4001:824::2004
2a00:1450:400c:c06::9a
2a02:2638::1c
2a02:2638::3
35.158.189.107
37.252.172.37
54.76.211.112
94.31.29.32
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0ec49fac7686a9109f7564c71c6853723b0364e7a15d1d14dcf1088accaa02a2
186a97c6e86dfe00138bf544cd9dd76c93fd6c78e1605d5c3d87744ea3f7b98b
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16
1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df
1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a
2092ebd1f047497d83275b8d386fa1e6085a691004ed65c7810c332551393109
29f6ef13daa8d8813f043b0a368762a7b950ffb195cea4d01f46d334fb6fcb27
2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152
2b31c74e744c6c7f6a2eb770c4cf082c80fd9feee1593646a668d44ce6124ed6
2e09c1d6823b640280575072c92f5d6c524262cdd52ad285dfbbee130544974a
38d216b015d990224e8a18f87dc47fcaf70c54e3da4c24ac82d9dc6c7908657f
3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b
3a0fd5c9889d0553021d0f41089c773f4550cc5c6b365628690b55c3d2b26c59
3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b
40fae20065f97a001bdecb6129b195ef9c5765afe500c2ccd0b3e6516a5ddc9a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387
53a94d02579ac0591e0e11d421f5b1f5a033ef6f1d327ecf231ce58168e6389c
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
5fd42b708e44b2dcab7d925898de900f2621c7e3dcd0c84d16b171f82edb5590
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
678c16283762d2d1a12c9b055cf3e4333ca3c4c6638a95741f1130084882756f
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
6ae189a4e1699c770d5f13c77e772531aca8cf206d655fd02dccd67999408034
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642
700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea
71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b
79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b
7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac
8040db06855291ee0489a814aee5d975ce5acfe272b26ec98597b005e4d5789f
8d08b67c252083a37cb7295ba5796d73c6e205c7aabe133d9cb604b73ea5985c
8f32680cfb742e5616c0ec4aa2e37372cf953b45eab0e15403bc505e16ebf0d6
96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9
9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f
a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41
af9e74aa04de953fd209167ee4c94ee3a06b7f75288944c38a0b193608cf08d5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2470829abc7a9f3f4b3ed08f975570a0044b0deb971017b5accff7d118ec4f8
b6a1d31c459e7a960e467ccb3ef9b8234a74b9101303c162fdd0cb89e2655b06
b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
cec84d2e436a3cf3083f45146e9ce25be917635c0b6d6a809462e9dfebe412bf
cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4
d4e2ee510c7e96a798bb1d752258af053ce16f5fdb526a3440a6c159ce5a0491
d611c68aa02e4cee400a1e6a34bb27628d53a5329a3b249ff6c022799071f535
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc
df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8
e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e9c6912cb30b9a4bceefbecbc524c1473baf93e0a0204e3b44124e1c9550c476
ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

pastebin.com Open in urlscan Pro 2606:4700:10::6817:62be Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

90 %HTTPS

65 %IPv6

16 Domains

23 Subdomains

21 IPs

7 Countries

939 kBTransfer

2410 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastebin.com Open in urlscan Pro
2606:4700:10::6817:62be Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

90 %
HTTPS

65 %
IPv6

16
Domains

23
Subdomains

21
IPs

7
Countries

939 kB
Transfer

2410 kB
Size

5
Cookies

81 HTTP transactions
2 data transactions