paste-bin.xyz Open in urlscan Pro
2606:4700:3035::6815:2871 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste-bin.xyz/52711
Submission: On April 22 via manual (April 22nd 2022, 2:17:51 am UTC) from RU — Scanned from US

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 1 countries across 22 domains to perform 105 HTTP transactions. The main IP is 2606:4700:3035::6815:2871, located in United States and belongs to CLOUDFLARENET, US. The main domain is paste-bin.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2021. Valid for: a year.

This is the only time paste-bin.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3035::6815:2871	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.65.25.51 18.65.25.51	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:201... 2600:9000:201f:6c00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1 7	3.13.44.106 3.13.44.106	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
3	23.36.81.70 23.36.81.70	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
2 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.1.175.157 52.1.175.157	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.197.192.192 34.197.192.192	14618 (AMAZON-AES) (AMAZON-AES)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
5	2600:9000:220... 2600:9000:2202:c000:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
2	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
9	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
6	74.119.119.137 74.119.119.137	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.149 74.119.119.149	19750 (AS-CRITEO) (AS-CRITEO)
105	29

12 2606:4700:3035::6815:2871 (United States)

ASN13335 (CLOUDFLARENET, US)

paste-bin.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.25.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-25-51.lax53.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:201f:6c00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.13.44.106 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-44-106.us-east-2.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.36.81.70 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-81-70.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.175.157 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-175-157.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.192.192 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2202:c000:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	295 KB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 632 pix.us.criteo.net — Cisco Umbrella Rank: 2162 csm.us.criteo.net — Cisco Umbrella Rank: 2149	380 KB
17	sharethis.com 1 redirects platform-api.sharethis.com — Cisco Umbrella Rank: 5091 buttons-config.sharethis.com — Cisco Umbrella Rank: 6017 l.sharethis.com — Cisco Umbrella Rank: 4704 t.sharethis.com — Cisco Umbrella Rank: 6009 sync.sharethis.com — Cisco Umbrella Rank: 2918 platform-cdn.sharethis.com — Cisco Umbrella Rank: 12062	64 KB
12	paste-bin.xyz paste-bin.xyz	82 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	62 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	207 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	45 KB
3	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 5092 ads.us.criteo.com — Cisco Umbrella Rank: 2037 cat.va.us.criteo.com — Cisco Umbrella Rank: 2792	42 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	138 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	73 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 327	489 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1582	468 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	925 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 960	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 858	897 B
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1291	2 KB
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 883	823 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	647 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1199	5 KB
105	22

	Domain	Requested by
12	paste-bin.xyz	paste-bin.xyz static.cloudflareinsights.com
10	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	static.criteo.net	ads.us.criteo.com
9	pagead2.googlesyndication.com	paste-bin.xyz pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com paste-bin.xyz googleads.g.doubleclick.net
7	cdnjs.cloudflare.com	paste-bin.xyz cdnjs.cloudflare.com ads.us.criteo.com
6	pix.us.criteo.net	ads.us.criteo.com
5	platform-cdn.sharethis.com
5	sync.sharethis.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com
3	t.sharethis.com	platform-api.sharethis.com t.sharethis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	paste-bin.xyz googleads.g.doubleclick.net
3	www.googletagmanager.com	paste-bin.xyz www.googletagmanager.com
2	csm.us.criteo.net	ads.us.criteo.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	idsync.rlcdn.com	2 redirects
2	ml314.com	1 redirects
2	match.adsrvr.org	2 redirects
2	ps.eyeota.net	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	loadus.exelator.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	l.sharethis.com	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	rtb.va.us.criteo.com	paste-bin.xyz
1	cms.analytics.yahoo.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	static.cloudflareinsights.com	paste-bin.xyz
1	platform-api.sharethis.com	paste-bin.xyz
105	35

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-09` - `2022-07-08`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
cert1.a1.atm.aqfer.net R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-25` - `2022-06-20`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-18` - `2022-06-16`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-12` - `2022-07-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://paste-bin.xyz/52711
Frame ID: 20E5B5CBFBF74E918FA0C5D7F5D08816
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20190131/zrt_lookup.html
Frame ID: 90892D40F48B35A23BFD793FA9620B06
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3515879970651119&output=html&adk=1812271804&adf=3025194257&lmt=1650593866&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaste-bin.xyz%2F52711&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650593865951&bpp=4&bdt=1132&idt=160&shv=r20220419&mjsv=m202204180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2950153110852&frm=20&pv=2&ga_vid=463097057.1650593866&ga_sid=1650593866&ga_hid=2071268738&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531533&oid=2&pvsid=1535361421153440&pem=566&tmod=1948773396&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=177
Frame ID: E7FC0652350DEFCBAD8286D96BFC5A9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4926009532E2036B81950B369D765CEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86A4587B860EB0442BCB1F6DA2488549
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.906.23338&cid=c010&cls=B
Frame ID: D0A0DA18A00E91CFE6EE2431178ABF60
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.906.23338/a/US/t_.js?cid=c010&cls=B
Frame ID: B89A8CEADF1CEE70D01CE1AEA9F4C964
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1
Frame ID: 445CB182EC95D97D820782D674018000
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1
Frame ID: B48E0499C535B6F28100D980FCA2EB57
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YmIQSgADFEwKcQQFAA_OvRDELMMdJtlxZeAmrg&u=%7CFjEad1YiC19ZTYTILemkbltCPIgANdphvK%2FmeujCvuk%3D%7C&c1=glLBMxGOcDmQGKFCkwwVVv5BSlWlgWusjaIhOie6o7KErhKHrlLQKQrXumyEY8F97GP0HEF-tfy7EH0726abfxCHRgsQenlJQOYp3BrzqLrfSDmeZRUp1VWkdc-BIy0t0oADBJwWdXGXqdGBcOhybq8YQwmQ2NPMBt1uGdpoePdbwcnA1YZ0rXnryBbCTJovYAUKyl2uMhGDOLsJIBp7fQYKfBiCCST71AnKKe7aUHn7Jna3T_7b2gLiEfmAmiKX_28DZ7AJW_LNsUte1ZE5z8NeaVBvToxxs36F9rWNhbEuSk3J3KWf0_BTyuNZOo_FdGM-MvJe-xhyzcrCl5QgBUqbpCE0yBDfXXCIFkkA5f6gdYYuKzdcgzbIbAMEaq3Iw9YhdiFiz6aeK7yqGqYA3JH2GHVSHa-7oW_SZgaLvMrLRkTWbk43w3cFNaGfz_mFmcpL5fduc1nbJzx_UGiUt6C9d98vG9Ga&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClCWKShBiYsyoDIWIxAO9nb-wD5yB77BcgvO3nZ0BwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzUxNTg3OTk3MDY1MTExOaABrN3-6APIAQmoAwGqBMcBT9CpD3OK5CEt3oiTRlLVixr0Z3_a_LO5TsnrqSSPS6xdL91LYur0WhP_l5scBvvdXsJwzKXFuAmaf8WXzNAAVRHQyJmq_zqmd6_tvMZO53fzROJtGB_Fxn2MDLPJ028JK7WP_NtKRluNTgx1Oza76A44HX7JHlyeKmAx4Vc8YYupOdiPscx0bGKaW0e52jM6S62PEGrTPVi9N5TgGLiRxGOxbzyZXl2bnHIoZZJaRo18eoqGxwIpOzUXlz6nqSyd_WFsM4v3oYAG_-O9s86DidtdoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bOitd0GdqCpUoZ_Tckfx-oLjw5w%26client%3Dca-pub-3515879970651119%26adurl%3D
Frame ID: E02A93766FA58B35752E7779892C1B72
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Frame ID: 28132296956B94DDCA4E416390BBB36D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C2BF849EBDB09C17945114F0C3B032DD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: EE30E8F082B30825FA7A4F4828CA9066
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

روليت بمال حقيقي ◁ اربح مال حقيقي من روليت اون لاين - Paste-bin for Sharing Code and Text

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

105
Requests

93 %
HTTPS

59 %
IPv6

22
Domains

35
Subdomains

29
IPs

1
Countries

1415 kB
Transfer

3546 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://l.sharethis.com/pview?event=pview&hostname=paste-bin.xyz&location=%2F52711&product=inline-share-buttons&url=https%3A%2F%2Fpaste-bin.xyz%2F52711&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20Paste-bin%20for%20Sharing%20Code%20and%20Text&cms=unknown&publisher=60c3d28345ab7c0014a0a910&sop=true&version=st_sop.js&lang=en&description=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20pastebin%20Paste%20can%20store%20text%2C%20source%20code%20or%20sensitive%20data%20for%20a%20set%20period%20of%20time. HTTP 301
https://l.sharethis.com/sc?event=pview&hostname=paste-bin.xyz&location=%2F52711&product=inline-share-buttons&url=https%3A%2F%2Fpaste-bin.xyz%2F52711&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20Paste-bin%20for%20Sharing%20Code%20and%20Text&cms=unknown&publisher=60c3d28345ab7c0014a0a910&sop=true&version=st_sop.js&lang=en&description=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20pastebin%20Paste%20can%20store%20text%2C%20source%20code%20or%20sensitive%20data%20for%20a%20set%20period%20of%20time.&samesite=None

Request Chain 46

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=58d31ac5a44fbb8ed58070d9005075c9

Request Chain 47

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHkADGJiEEoAAAAIQGUBAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHkADGJiEEoAAAAIQGUBAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/int/lotame?uid=970e08754bd83e2695e01fae3de84049&gdpr=0&gdpr_consent=

Request Chain 48

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2qmCe5xZgKWd0DWnvqY-AsylXKIirk_g1Bv4_8qdxCrg&gdpr=0&gdpr_consent=

Request Chain 49

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=96cbd054-1572-4909-b184-0625fedf9e76&gdpr=0&gdpr_consent=

Request Chain 50

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHkADGJiEEoAAAAIQGUBAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3626677757604266036 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNjY3Nzc1NzYwNDI2NjAzNhAAGg0IyqCIkwYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=61c3f0e188e5aa556c9c3fb78e8a42414a95deb540e2f5ca2108c65b410b837ef4cb09cee1a4f8eb&person_id=3626677757604266036&eid=50082

Request Chain 51

https://cms.analytics.yahoo.com/cms?partner_id=SHARET&gdpr=0&euconsent= HTTP 302
https://sync.sharethis.com/yahoo?uid=y-uc2wNQNE2oMtXF1h1kEMUzTACeWOxlkeQfhS~A

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 52711 Show response
paste-bin.xyz/ 49 KB
11 KB 356ms
267ms Document
text/html 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/52711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.33

Resource Hash

4e850ac9fc6fa6d1dedcd75545201953961a718d7feb70aee68cb5d37caa016c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6ffadd657d6c17d9-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Apr 2022 02:17:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS7JTd4eAzRfE5GrcwTg4J9ECcNyiQ1cE4EoLQonsfTrX2cd%2F1uNN9D2J1v6SrVzV88KWjgalSfxDni2JgwaLf2JIOXrgAb9cPSja4xwhtfWC22QDeCCM06kOypnxUa0QojlsXNjUgskmZmZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: PHP/7.3.33

GET
H2 200 paste.css
paste-bin.xyz/theme/bulma/css/ 976 B
868 B 435ms
434ms Stylesheet
text/css 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/theme/bulma/css/paste.css

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/52711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d05053af05069fcdca80196c509b2b126ae4be51bb8391306a68f301665e4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/52711
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1239
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Jan 2021 14:03:22 GMT
server: cloudflare
etag: W/"d0085f-4d7-5b88c40951e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s43nvKkPvu3cF5Dq159XMNYgHH5fXIzyHs5rKXu9reuKKNmHEsbBtFkbVzBgdPFWlFHQ3XnZ1FvWTCiiTuOts9QxcQBy%2BBvVnoJtDBzViNrxhaiY4AhGA57eKIjyyeswtsWiJSGQYYcxwItp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6ffadd67487217d9-EWR
cf-bgj: minify

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 278ms
89ms Script
text/javascript 18.65.25.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/52711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.25.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-25-51.lax53.r.cloudfront.net

Software

Resource Hash

414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:08:08 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 577
etag: W/"2e0e3-tEY0wJEY/wwExgi0NrFi684gQTw"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 5deffd3025190ff558739d37ae5c95f0.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: LAX53-P1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: wRFRUSj9m5E9NSJR7iiNe2CuuSlmYU37-lzuu_F5bMdp26Zn5PDELw==

GET
H2 200 rocket-loader.min.js Show response
paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/52711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/52711
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 15:47:34 GMT
server: cloudflare
etag: W/"62602b16-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1G7rx94K7%2BwV4M%2Btjaew4jUXCze3I5yoUHGaQ0%2BgK6%2Bq6VbXhj1S35UYmCQpft8MF7e7ayuZFpvXbFmQJ%2FQg4jaGfUaYJcYSFwkSq%2FXJ10Lor7HFuTkIXlPV0j644O8EbuVHCJPkgsX8%2Byid"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ffadd67487617d9-EWR
vary: Accept-Encoding
expires: Sun, 24 Apr 2022 02:17:44 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 193ms
141ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: paste-bin.xyz
URL: https://paste-bin.xyz/52711
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://paste-bin.xyz/
Origin: https://paste-bin.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6ffadd67adcd8cbf-EWR

GET
H2 200 jquery.dataTables.min.js Show response
cdnjs.cloudflare.com/ajax/libs/datatables/1.10.21/js/ 83 KB
26 KB 73ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/datatables/1.10.21/js/jquery.dataTables.min.js

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffbce8dbb2e5fe154a842b04fb2f26d924b96e114f11016179308bf3b1eeba60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 678945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25812
timing-allow-origin: *
last-modified: Wed, 08 Jul 2020 10:30:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f05a03b-14aa7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Fp4hduNw6GlW1vbMLsMZQRiwArj0uA2Fcx1xmum8c3FrWljhmzWDmQIZmlkBIBZjHg35Ogcbi0CAZWRD5rgtZACtu%2F6F16lh6w9Pe5OsAcWkPjK056MYfaCxxLIxbDSeJSi3WORjdj41GtiDjeWETll"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ffadd67cb1619b6-EWR
expires: Wed, 12 Apr 2023 02:17:44 GMT

GET
H3 200 modal-fx.min.js Show response
paste-bin.xyz/theme/bulma/js/ 930 B
961 B 140ms
140ms Script
application/javascript 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/theme/bulma/js/modal-fx.min.js

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4637a73ddf8cf9a3a7dc1fc3f5e056500718bcc5bc522b304687e991ca11d1c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/52711
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 10 Jan 2021 14:03:22 GMT
server: cloudflare
etag: W/"d00850-3a2-5b88c40951e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJ1pabzOoYx%2FdSmSTHedp0ECWz9kFkTUcMEVkY96%2FiaGA8yRF7uye59gSW22tNKN6P1nIWJ85qK0lUr14ahAUZ3XLQaxa9HGdirHFZm%2F44magVRDJCYof94Ux8ZTKdtCCc%2FFj0MANCLpzl98"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ffadd677a221855-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 paste.js Show response
paste-bin.xyz/theme/bulma/js/ 5 KB
2 KB 420ms
419ms Script
application/javascript 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/theme/bulma/js/paste.js

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7556c62509830aab33e8eb5bd135e4f153c65d90480941d5a786e1ae7fe1616a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/52711
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6870
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Jan 2021 14:03:22 GMT
server: cloudflare
etag: W/"d00845-1ad6-5b88c40951e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vc9a9dwKBMfI%2F%2F661mwyEBbZYayMzVF1dGmzw6BbqDCU1yTjSG3eRgm84DUkTtJKUsUgqwkHQjLluDBu9eGyTZhVqViNZkdh2%2BqLNt%2F2PUtX2UJu7vnWfDEM%2Fc1zGD1W39r7mTrTjH5tLyRG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6ffadd678a271855-EWR
cf-bgj: minify

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.8.16/ 197 KB
45 KB 71ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae338702fdb6c1402d31e64c76a9789bdfa9d98279482074c7ca9b540eb55c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 699722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44758
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-314d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86i5l7a%2FuR0JgGj9vC%2BVcr0wFc9i6QkRL84nyqwLmZRmlziu9OxH97I6DPrkWDPvVWvVaTbitNtjfzxFF4Hbmw3yaGR1XM6HqKPmevGAFRMFAvXTI7jQxjr1i5Z%2F2SFiHEbZM4gLAnw3uO7QiSQ9AIEM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ffadd67cb1c19b6-EWR
expires: Wed, 12 Apr 2023 02:17:44 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 91ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 685735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMZcRyy0nGVUIjIiv4FiuudQs3R5Mn5JegVyBmzR7%2F9twBuK3dIAc2Ex8dy1wi61Fjkbn2Rslxt8sYOgtg2PjZl2yJqQbhVqoCZqh0vLWK2Biw3OCnuF%2BKd1Oz%2BNMQxrVduryXX7HYWI%2Fr7j5Je6BNcW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ffadd67cb2019b6-EWR
expires: Wed, 12 Apr 2023 02:17:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
32 KB 85ms
37ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f945ff8471b7a925b67bd7678ca77da88936f450b9459a75bd6d3c29d868aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32619
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Apr 2022 02:17:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
67 KB 107ms
59ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BF5N2KX54B

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

895f8174739d053e6c3f74f4114af04acda242eb6d12a44e95fb0be35e793d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68863
x-xss-protection: 0
expires: Fri, 22 Apr 2022 02:17:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 123ms
74ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d88dc6fe5321422c43576bd653661a8a906bbdc7a6def8c670716475130432ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54469
x-xss-protection: 0
server: cafe
etag: 14540011136579612210
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 02:17:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 85ms
37ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/theme/bulma/css/paste.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 02:17:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 02:17:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 02:17:45 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/ 58 KB
11 KB 53ms
28ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/all.min.css

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/theme/bulma/css/paste.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2445441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10392
timing-allow-origin: *
last-modified: Thu, 18 Jun 2020 21:18:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eebda3d-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bdfsjw6gQHv1mHZQO%2Bp6b3Cpdmyk8tYocu8lu3ookTf%2FXcZa%2FZvHTsm0DpnDWnwKxklQ4QiMV0BzKsG4giLszwfCBBCwrC32GvZNhfERbFg5%2BQvw0zuz31MeE1kd0JA8y3rIB2oNoT73l6ynKDQv3U12"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ffadd6a3ad432e4-EWR
expires: Wed, 12 Apr 2023 02:17:45 GMT

GET
H3 200 bulma.min.css
paste-bin.xyz/theme/bulma/css/ 262 KB
39 KB 420ms
419ms Stylesheet
text/css 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/theme/bulma/css/bulma.min.css

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/theme/bulma/css/paste.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9682ab56fd6eda4ba2702d2602b7030ae259919dc58d25832726d1a6f36c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/theme/bulma/css/paste.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 17 Apr 2022 16:32:08 GMT
server: cloudflare
etag: W/"d0085c-41794-5dcdc2f5120d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2cpdc0Q%2FLaFTbh8Lp2JYo%2BK3%2B1nYJ66Q3PqPeNU2XZ3BwO1rrstrvZxXXG2s27jtSuRBsH2VsZtXDc3w4n76pnofeF7wK28EsCc27dZFXC5JDHY3s4QBq%2FHHp4BFA5cb7%2FwpQWEJcummE%2Bw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ffadd6a0f111855-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bulma.modal-fx.min.css
paste-bin.xyz/theme/bulma/css/ 9 KB
2 KB 440ms
439ms Stylesheet
text/css 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/theme/bulma/css/bulma.modal-fx.min.css

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/theme/bulma/css/paste.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0956ca2f2bdc08847819658bc9b0a3250796652164e8af7730a6eb6642d28d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/theme/bulma/css/paste.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 10 Jan 2021 14:03:22 GMT
server: cloudflare
etag: W/"d0085e-2575-5b88c40951e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nS9jzz0poFzbo1Q1kfcOByXLKB0X8LzgaIqD6jxm9MFplSeVJtX7NR3vO11ODekg%2B7h%2F%2FwRksqmznzZhMXoQJZ88sABGjAR7B%2F9eQpnFxwWGI%2BT%2F78Ju9xJNLu0Rw73ZZUN8Z%2Fb6fl7QvZK%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ffadd6a0f141855-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bulma.tooltip.min.css
paste-bin.xyz/theme/bulma/css/ 65 KB
5 KB 136ms
135ms Stylesheet
text/css 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/theme/bulma/css/bulma.tooltip.min.css

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/theme/bulma/css/paste.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39dcd607bc25d4032415aaa16019e840919424c0c07b15dae38ad7b3f7769f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/theme/bulma/css/paste.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 10 Jan 2021 14:03:22 GMT
server: cloudflare
etag: W/"d0085a-1028d-5b88c40951e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDr27HNm5z6k%2Fy42QHQkIXfWNcNfCHKBRlAv8b26HtXYz2BI3cDAkx8FJ8vynJnloI1WtBM%2FeRPxAmXUNJOHlordH9CHX9U2O7Ma5uhFm%2B3HTAoxnQL1FOorvQ7BhTo7%2FjjwkngKAjKtargR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ffadd6a0f151855-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bulma.checkradio.min.css
paste-bin.xyz/theme/bulma/css/ 44 KB
4 KB 460ms
459ms Stylesheet
text/css 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/theme/bulma/css/bulma.checkradio.min.css

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/theme/bulma/css/paste.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a3fbcdd5e0607da24d97db612f27f820133cc9fa06998e6ec6fcd7aaef06e84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/theme/bulma/css/paste.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 10 Jan 2021 14:03:22 GMT
server: cloudflare
etag: W/"d0085b-b17d-5b88c40951e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYj%2B5zjuxb08ltqL8%2BYxY63k0KUeH7xLjD0NUhEBZfmQwxLtvPSJvJR0WhbOiqn%2BAkoYRJfkFlceCFuuFjnV%2FBY9EPzsl5CWojNE9lfbL5E3nGbxPAFFlGGcO2OG7%2Fe2A4s9kLy43S%2BNJGVP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ffadd6a0f181855-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bulma.social.all.min.css
paste-bin.xyz/theme/bulma/css/ 89 KB
10 KB 441ms
440ms Stylesheet
text/css 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/theme/bulma/css/bulma.social.all.min.css

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/theme/bulma/css/paste.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2921b53b2a8c3c2a99362cb28610aaa769b8dcbde9b88dcf712f7a37d683d152

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/theme/bulma/css/paste.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 10 Jan 2021 14:03:22 GMT
server: cloudflare
etag: W/"d0085d-162b8-5b88c40951e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgWQ7vpdXuFYmY9%2Bi2FlVuaD1GBKGJxvNERtMulNdVvFl9pEwf8rBjqynBsJHzKDTG1avT37j0dEPfNidAmJK%2FNeTRY3MV9VDNi9ti03D9amS1%2FkyFw%2Bv%2FmwomyeJe3Ca6fY7QDwjV77hozr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ffadd6a0f1a1855-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 datatables.min.css
paste-bin.xyz/theme/bulma/css/ 14 KB
3 KB 461ms
460ms Stylesheet
text/css 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/theme/bulma/css/datatables.min.css

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/theme/bulma/css/paste.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cae6e04d4b91f2903ec26c1779042bba2ee1962217655544a0e147f2351fa3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/theme/bulma/css/paste.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 24 Nov 2021 11:27:37 GMT
server: cloudflare
etag: W/"d01112-3760-5d1872520bc9f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcU79puBYqYd3kO5oaHrYC7VZqLwSfzBFVzZCjgiPHoi%2F68ahc2fNFlHR8ca10IK4P7mQzT%2BMZTnwR%2FWNoSpFjbnCKg6RO25TnRUEL5kSr8CKbXoNoTjzrozWQUnBoVln228zfHVnx%2FcWD5n"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ffadd6a0f1e1855-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/webfonts/ 78 KB
79 KB 74ms
50ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e57907af9aed7fc9021381b1f1d6f577ab42335e0a7921d24705e09345af1e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/all.min.css
Origin: https://paste-bin.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2531889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80328
timing-allow-origin: *
last-modified: Thu, 18 Jun 2020 21:18:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eebda3d-139c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1y7YnRrfTFhS4ydAEsLalnXfrYa3JxGVhB28F0gjNG5snw18V4lgu7bhSnIXAnbGtYSU46%2Fc5VIYlaFclOUCpGWeylXndCW9ZEFT1zSs1BS0NLSkFHjsRqN7Tb405F%2BlRGto2DmYACABkFSXS8pHCWu"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ffadd6d4c401a40-EWR
expires: Wed, 12 Apr 2023 02:17:45 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/webfonts/ 13 KB
14 KB 51ms
28ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65207e402358c150f6b926d4b87e09fadcca3c164d56f5bbac1f1d93480a1fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/all.min.css
Origin: https://paste-bin.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 686040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13596
timing-allow-origin: *
last-modified: Thu, 18 Jun 2020 21:18:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eebda3d-351c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjnezIx%2Bco%2FyokjhNuVk%2BYw2117oU4vJQ5BcBSVCe58KgF96t33pMKkFcivtRjoAd%2BhHVCv8LSa5uheBdfk2hjR1uie%2FEKx76KgTF7adCDl8aOo4xpAoo%2F4c6BmUrzO1PDG1NF4qwj5wCia9zJitEtir"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ffadd6d4c3d1a40-EWR
expires: Wed, 12 Apr 2023 02:17:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 76ms
20ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste-bin.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 16:23:56 GMT
x-content-type-options: nosniff
age: 208429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 16:23:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 57ms
26ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste-bin.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:28:42 GMT
x-content-type-options: nosniff
age: 2943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Apr 2023 01:28:42 GMT

GET
H2 200 60c3d28345ab7c0014a0a910.js Show response
buttons-config.sharethis.com/js/ 228 B
653 B 704ms
429ms Script
text/javascript 2600:9000:201f:6c00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/60c3d28345ab7c0014a0a910.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:201f:6c00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

272a2264cede53f0142627b4b02ab457fac2fb96beb61c3c86d3c6036cf02bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 22 Apr 2022 02:17:47 GMT
via: 1.1 30a008d85df71a65d24879648931496c.cloudfront.net (CloudFront)
last-modified: Fri, 11 Jun 2021 21:15:49 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
etag: "a5893b0b87bd2d219b1af6471b2e6c71"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 228
x-amz-cf-id: zbxNTS5-9uPjakxO4bNwHA1K2A_8U9fHdPW-sXhAdNf3epDTvKVyJQ==

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=paste-bin.xyz&location=%2F52711&product=inline-share-buttons&url=https%3A%2F%2Fpaste-bin.xyz%2F52711&source=sharethis.js&fcmp=false&fcmpv2=false&h...
https://l.sharethis.com/sc?event=pview&hostname=paste-bin.xyz&location=%2F52711&product=inline-share-buttons&url=https%3A%2F%2Fpaste-bin.xyz%2F52711&source=sharethis.js&fcmp=false&fcmpv2=false&has_...

160 B
679 B

36ms
36ms

XHR
text/plain

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&hostname=paste-bin.xyz&location=%2F52711&product=inline-share-buttons&url=https%3A%2F%2Fpaste-bin.xyz%2F52711&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20Paste-bin%20for%20Sharing%20Code%20and%20Text&cms=unknown&publisher=60c3d28345ab7c0014a0a910&sop=true&version=st_sop.js&lang=en&description=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20pastebin%20Paste%20can%20store%20text%2C%20source%20code%20or%20sensitive%20data%20for%20a%20set%20period%20of%20time.&samesite=None

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

3be0ac9673f4331c877d3dbbd8ed362b9c5da94648a02a371590f7cf3b1ba6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 02:17:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://paste-bin.xyz
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 160
Stid: ZHkADGJiEEoAAAAIQGUBAw==

Redirect headers

Date: Fri, 22 Apr 2022 02:17:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://paste-bin.xyz
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Location: /sc?event=pview&hostname=paste-bin.xyz&location=%2F52711&product=inline-share-buttons&url=https%3A%2F%2Fpaste-bin.xyz%2F52711&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20Paste-bin%20for%20Sharing%20Code%20and%20Text&cms=unknown&publisher=60c3d28345ab7c0014a0a910&sop=true&version=st_sop.js&lang=en&description=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20pastebin%20Paste%20can%20store%20text%2C%20source%20code%20or%20sensitive%20data%20for%20a%20set%20period%20of%20time.&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 1139
Stid: ZHkADGJiEEoAAAAIQGUBAw==

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/ 304 KB
108 KB 98ms
54ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2c7166c88e8bc763c5210de53c298dd717aaef61caf6992595fdda8e3862072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111051
x-xss-protection: 0
server: cafe
etag: 18213028116094791695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 02:17:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220419/r20190131/ Frame 9089 10 KB
5 KB 71ms
21ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220419/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste-bin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 39910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 15:12:36 GMT
etag: 14837630671339829333
expires: Thu, 05 May 2022 15:12:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 102ms
61ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187376076-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BF5N2KX54B

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d7276ca29bf6f8f327cdb30255cb0ccddaaa966451c25b1a24f206d008b9d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38778
x-xss-protection: 0
expires: Fri, 22 Apr 2022 02:17:46 GMT

POST
H3 200 rum Show response
paste-bin.xyz/cdn-cgi/ 0
165 B 22ms
22ms XHR
text/plain 2606:4700:3035::6815:2871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste-bin.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://paste-bin.xyz/52711
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: application/json

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://paste-bin.xyz
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6ffadd6ebeb01855-EWR
vary: Origin

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
647 B 126ms
35ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paste-bin.xyz&callback=_gfp_s_&client=ca-pub-3515879970651119

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

d5b1cee32d016c61cb78c9e10354091f3b608ddf729f70af87e0efb388d946fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 108ms
49ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste-bin.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7FC 180 KB
48 KB 553ms
509ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3515879970651119&output=html&adk=1812271804&adf=3025194257&lmt=1650593866&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaste-bin.xyz%2F52711&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650593865951&bpp=4&bdt=1132&idt=160&shv=r20220419&mjsv=m202204180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2950153110852&frm=20&pv=2&ga_vid=463097057.1650593866&ga_sid=1650593866&ga_hid=2071268738&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531533&oid=2&pvsid=1535361421153440&pem=566&tmod=1948773396&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=177

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa8cafcc70f86805623043ef9f896c74f19f28f047f62b0f17b734000ba24d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste-bin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 49269
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 02:17:46 GMT
expires: Fri, 22 Apr 2022 02:17:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 93ms
49ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220419&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ea3e3a2a6acf08c1e83b41b507f94104eb15e59d32bb5eda5c87b10f8202493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10591
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
26ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187376076-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5630
date: Fri, 22 Apr 2022 00:43:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 22 Apr 2022 02:43:56 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
170 B 88ms
44ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BF5N2KX54B&gtm=2oe4k0&_p=2071268738&_z=ccd.NbB&cid=463097057.1650593866&ul=en-us&sr=1600x1200&_s=1&sid=1650593865&sct=1&seg=0&dl=https%3A%2F%2Fpaste-bin.xyz%2F52711&dt=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20Paste-bin%20for%20Sharing%20Code%20and%20Text&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BF5N2KX54B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 02:17:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste-bin.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 190ms
23ms Script
application/javascript 23.36.81.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=paste-bin.xyz&rnd=1650593866177

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.81.70 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-81-70.deploy.static.akamaitechnologies.com

Software

Resource Hash

911401982dde4aa8c3340c696b26f428797573110967893ad39a7535f77d3356

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 02:17:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1361
Expires: Fri, 22 Apr 2022 03:17:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 85ms
36ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 02:17:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 63ms
35ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2071268738&t=pageview&_s=1&dl=https%3A%2F%2Fpaste-bin.xyz%2F52711&ul=en-us&de=UTF-8&dt=%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A8%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%E2%97%81%20%D8%A7%D8%B1%D8%A8%D8%AD%20%D9%85%D8%A7%D9%84%20%D8%AD%D9%82%D9%8A%D9%82%D9%8A%20%D9%85%D9%86%20%D8%B1%D9%88%D9%84%D9%8A%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20-%20Paste-bin%20for%20Sharing%20Code%20and%20Text&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1429985399&gjid=668549199&cid=463097057.1650593866&tid=UA-187376076-1&_gid=1464417066.1650593866&_r=1&gtm=2ou4k0&z=926947479

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste-bin.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 02:17:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste-bin.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
439 B 89ms
34ms XHR
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-187376076-1&cid=463097057.1650593866&jid=1429985399&gjid=668549199&_gid=1464417066.1650593866&_u=YADAAUAAAAAAAC~&z=1858100791

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste-bin.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 22 Apr 2022 02:17:46 GMT
content-type: text/plain
access-control-allow-origin: https://paste-bin.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4926 13 KB
5 KB 73ms
22ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste-bin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 6203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 00:34:23 GMT
expires: Sat, 22 Apr 2023 00:34:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 86A4 783 B
968 B 127ms
53ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28e738f7ec196871323c62444b13492fffec7ffc70255ef6ed9ca44e0cca4475

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0gvyCqF0TdCX2NWdVRZmLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste-bin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-0gvyCqF0TdCX2NWdVRZmLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 02:17:46 GMT
expires: Fri, 22 Apr 2022 02:17:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame D0A0 2 KB
1 KB 23ms
22ms Document
text/html 23.36.81.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.906.23338&cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=paste-bin.xyz&rnd=1650593866177

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.81.70 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-81-70.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://paste-bin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Fri, 22 Apr 2022 02:17:46 GMT
Expires: Fri, 29 Apr 2022 02:17:46 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 46ms
46ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-187376076-1&cid=463097057.1650593866&jid=1429985399&_u=YADAAUAAAAAAAC~&z=1910695025

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 02:17:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.906.23338/a/US/ Frame B89A 25 KB
10 KB 27ms
27ms Script
text/javascript 23.36.81.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.906.23338/a/US/t_.js?cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.906.23338&cid=c010&cls=B

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.81.70 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-81-70.deploy.static.akamaitechnologies.com

Software

Resource Hash

75839f1de44eae3da2aa9fc16c64f1ce029f715dcdbb40d8a23159d8e067afe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.906.23338&cid=c010&cls=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 02:17:46 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 9905
Expires: Fri, 29 Apr 2022 02:17:46 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame 4926 35 KB
13 KB 23ms
23ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 00:36:39 GMT

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame B89A
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=58d31ac5a44fbb8ed58070d9005075c9

42 B
297 B

163ms
37ms

Image
image/gif

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=58d31ac5a44fbb8ed58070d9005075c9

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 22 Apr 2022 02:17:46 GMT
Content-Length: 42
Stid: ZHkADGJiEEoAAAAIQGUBAw==
Content-Type: image/gif

Redirect headers

date: Fri, 22 Apr 2022 02:17:46 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=58d31ac5a44fbb8ed58070d9005075c9
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

lotame
sync.sharethis.com/int/ Frame B89A
Redirect Chain

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHkADGJiEEoAAAAIQGUBAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHkADGJiEEoAAAAIQGUBAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
https://sync.sharethis.com/int/lotame?uid=970e08754bd83e2695e01fae3de84049&gdpr=0&gdpr_consent=

42 B
297 B

111ms
36ms

Image
image/gif

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/int/lotame?uid=970e08754bd83e2695e01fae3de84049&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 22 Apr 2022 02:17:46 GMT
Content-Length: 42
Stid: ZHkADGJiEEoAAAAIQGUBAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Apr 2022 02:17:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.sharethis.com/int/lotame?uid=970e08754bd83e2695e01fae3de84049&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.40.43.200
content-length: 0
expires: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame B89A
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2qmCe5xZgKWd0DWnvqY-AsylXKIirk_g1Bv4_8qdxCrg&gdpr=0&gdpr_consent=

42 B
297 B

150ms
37ms

Image
image/gif

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2qmCe5xZgKWd0DWnvqY-AsylXKIirk_g1Bv4_8qdxCrg&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 22 Apr 2022 02:17:46 GMT
Content-Length: 42
Stid: ZHkADGJiEEoAAAAIQGUBAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2qmCe5xZgKWd0DWnvqY-AsylXKIirk_g1Bv4_8qdxCrg&gdpr=0&gdpr_consent=
Date: Fri, 22 Apr 2022 02:17:46 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame B89A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=96cbd054-1572-4909-b184-0625fedf9e76&gdpr=0&gdpr_consent=

42 B
297 B

172ms
37ms

Image
image/gif

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=96cbd054-1572-4909-b184-0625fedf9e76&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 22 Apr 2022 02:17:46 GMT
Content-Length: 42
Stid: ZHkADGJiEEoAAAAIQGUBAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Apr 2022 02:17:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=96cbd054-1572-4909-b184-0625fedf9e76&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H3

200

csync.ashx
ml314.com/ Frame B89A
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHkADGJiEEoAAAAIQGUBAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3626677757604266036
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNjY3Nzc1NzYwNDI2NjAzNhAAGg0IyqCIkwYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=61c3f0e188e5aa556c9c3fb78e8a42414a95deb540e2f5ca2108c65b410b837ef4cb09cee1a4f8eb&person_id=3626677757604266036&eid=50082

43 B
60 B

73ms
32ms

Image
image/gif

34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=61c3f0e188e5aa556c9c3fb78e8a42414a95deb540e2f5ca2108c65b410b837ef4cb09cee1a4f8eb&person_id=3626677757604266036&eid=50082
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Fri, 22 Apr 2022 22:17:46 GMT

Redirect headers

date: Fri, 22 Apr 2022 02:17:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=61c3f0e188e5aa556c9c3fb78e8a42414a95deb540e2f5ca2108c65b410b837ef4cb09cee1a4f8eb&person_id=3626677757604266036&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

yahoo
sync.sharethis.com/ Frame B89A
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=SHARET&gdpr=0&euconsent=
https://sync.sharethis.com/yahoo?uid=y-uc2wNQNE2oMtXF1h1kEMUzTACeWOxlkeQfhS~A

42 B
297 B

185ms
36ms

Image
image/gif

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/yahoo?uid=y-uc2wNQNE2oMtXF1h1kEMUzTACeWOxlkeQfhS~A

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 22 Apr 2022 02:17:46 GMT
Content-Length: 42
Stid: ZHkADGJiEEoAAAAIQGUBAw==
Content-Type: image/gif

Redirect headers

date: Fri, 22 Apr 2022 02:17:46 GMT
via: http/1.1 spdc0111.tgt.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://sync.sharethis.com/yahoo?uid=y-uc2wNQNE2oMtXF1h1kEMUzTACeWOxlkeQfhS~A
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 86A4 0
0 59ms
59ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220419&jk=1535361421153440&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4926 0
9 B 20ms
20ms Image
text/plain 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?a0nHHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
725 B 225ms
66ms Image
image/svg+xml 2600:9000:2202:c000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2202:c000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 04 Apr 2022 15:11:13 GMT
via: 1.1 7b2d3bc4b6f9e52c671b0f2fb9d0fc74.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1508793
etag: "c6e9be45643e197ce1db1d7e24a99adc"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: SFO20-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: T0vKRbH9RuAbNaBdpM357zUAqD-Vcxue5NKrLX2Jzx5NcOsWKwWHbw==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 225ms
66ms Image
image/svg+xml 2600:9000:2202:c000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2202:c000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 06 Apr 2022 13:24:21 GMT
via: 1.1 7b2d3bc4b6f9e52c671b0f2fb9d0fc74.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1342406
etag: "0af2fb38987598376c99e21af17ade45"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: SFO20-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: RkJKOPERs44Ob44QGGgJgKlrr79HFSbmC0mBueCNRWTFkkKdm1M-rw==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 225ms
67ms Image
image/svg+xml 2600:9000:2202:c000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pinterest.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2202:c000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 19 Apr 2022 00:29:40 GMT
via: 1.1 7b2d3bc4b6f9e52c671b0f2fb9d0fc74.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 265687
etag: "2b10a062e719c64b686e2e8fcdc216dc"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: SFO20-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: a8k4YFo7jfecLE4TEbIZ7VEzrrJaMwOmj1XDqAFSlMC4jAxqZYQuEw==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
769 B 226ms
68ms Image
image/svg+xml 2600:9000:2202:c000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2202:c000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 13 Apr 2022 03:52:11 GMT
via: 1.1 7b2d3bc4b6f9e52c671b0f2fb9d0fc74.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 771936
etag: "5977437466e857c7ddcadda6f6d88c2a"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: SFO20-C1
accept-ranges: bytes
content-length: 343
x-amz-cf-id: IfQgH6zGnIWMmlzQlc4owKqFrPGOyf3yDqP0DzrEkBtEQB-UEcNoow==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
939 B 228ms
69ms Image
image/svg+xml 2600:9000:2202:c000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2202:c000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 03 Apr 2022 14:16:07 GMT
via: 1.1 7b2d3bc4b6f9e52c671b0f2fb9d0fc74.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1598500
etag: "deecdaa377907db5cc1722fc831670a1"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: SFO20-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: KtkDoKq35ZaL3tLsPk9gZT5ZsEAMzPryxIWWCAfGywmQlzhdYBNrvg==

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/ 145 KB
51 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d356e1c3536707c859a8e1da1f3febf1524d7319fea14a630aaf94e29ad5899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52678
x-xss-protection: 0
server: cafe
etag: 17873244450871869908
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 02:17:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
48ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste-bin.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/ Frame 445C 10 KB
4 KB 20ms
20ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste-bin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 40938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 14:55:28 GMT
etag: 14837630671339829333
expires: Thu, 05 May 2022 14:55:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/ Frame B48E 10 KB
4 KB 22ms
21ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste-bin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 40938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 14:55:28 GMT
etag: 14837630671339829333
expires: Thu, 05 May 2022 14:55:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 445C 4 KB
634 B 82ms
39ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 00:19:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 02:17:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 02:17:46 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 445C 205 B
743 B 71ms
21ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:06:39 GMT
x-content-type-options: nosniff
age: 65467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Apr 2023 08:06:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 445C 604 B
695 B 71ms
21ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 06:05:33 GMT
x-content-type-options: nosniff
age: 72733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Apr 2023 06:05:33 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/ Frame 445C 19 KB
8 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 13275616604445095965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 02:15:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B48E 0
0 86ms
86ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHysVShBiYsyoDIWIxAO9nb-wD5yB77BcgvO3nZ0BwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzUxNTg3OTk3MDY1MTExOaABrN3-6APIAQmoAwGqBMQBT9CpD3OK5CEt3oiTRlLVixr0Z3_a_LO5TsnrqSSPS6xdL91LYur0WhP_l5scBvvdXsJwzKXFuAmaf8WXzNAAVRHQyJmq_zqmd6_tvMZO53fzROJtGB_Fxn2MDLPJ028JK7WP_NtKRluNTgx1Oza76A44HX7JHlyeKmAx4Vc8YYupOdiPscx0bGKaW0e52jM6S62PEGrTPVi9N5TgGLiRhmGR_Zdr111YFR-kjujThTpAUoOo38ayyE-eXoC5hTQ0K_Bs8IAG_-O9s86DidtdoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM1MTU4Nzk5NzA2NTExMTkYAA&sigh=Xzad7g9tNpM&uach_m=[UACH]&cid=CAQSGwCNIrLM-5rPvPdV-fGUPr8V_MJGJc_x42QjqxgB

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/52711

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 22 Apr 2022 02:17:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Apr 2022 02:17:46 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame B48E 0
0 85ms
26ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kMCIEs36RO0HfOIinRcCAAAAEgjCYFdOFJwQSRBiYqAalGTVegaxa27aABIAAA&wp=YmIQSgADFEwKcQQFAA_OvRDELMMdJtlxZeAmrg

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/52711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 168496
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame E02A 122 KB
42 KB 107ms
52ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YmIQSgADFEwKcQQFAA_OvRDELMMdJtlxZeAmrg&u=%7CFjEad1YiC19ZTYTILemkbltCPIgANdphvK%2FmeujCvuk%3D%7C&c1=glLBMxGOcDmQGKFCkwwVVv5BSlWlgWusjaIhOie6o7KErhKHrlLQKQrXumyEY8F97GP0HEF-tfy7EH0726abfxCHRgsQenlJQOYp3BrzqLrfSDmeZRUp1VWkdc-BIy0t0oADBJwWdXGXqdGBcOhybq8YQwmQ2NPMBt1uGdpoePdbwcnA1YZ0rXnryBbCTJovYAUKyl2uMhGDOLsJIBp7fQYKfBiCCST71AnKKe7aUHn7Jna3T_7b2gLiEfmAmiKX_28DZ7AJW_LNsUte1ZE5z8NeaVBvToxxs36F9rWNhbEuSk3J3KWf0_BTyuNZOo_FdGM-MvJe-xhyzcrCl5QgBUqbpCE0yBDfXXCIFkkA5f6gdYYuKzdcgzbIbAMEaq3Iw9YhdiFiz6aeK7yqGqYA3JH2GHVSHa-7oW_SZgaLvMrLRkTWbk43w3cFNaGfz_mFmcpL5fduc1nbJzx_UGiUt6C9d98vG9Ga&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClCWKShBiYsyoDIWIxAO9nb-wD5yB77BcgvO3nZ0BwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzUxNTg3OTk3MDY1MTExOaABrN3-6APIAQmoAwGqBMcBT9CpD3OK5CEt3oiTRlLVixr0Z3_a_LO5TsnrqSSPS6xdL91LYur0WhP_l5scBvvdXsJwzKXFuAmaf8WXzNAAVRHQyJmq_zqmd6_tvMZO53fzROJtGB_Fxn2MDLPJ028JK7WP_NtKRluNTgx1Oza76A44HX7JHlyeKmAx4Vc8YYupOdiPscx0bGKaW0e52jM6S62PEGrTPVi9N5TgGLiRxGOxbzyZXl2bnHIoZZJaRo18eoqGxwIpOzUXlz6nqSyd_WFsM4v3oYAG_-O9s86DidtdoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bOitd0GdqCpUoZ_Tckfx-oLjw5w%26client%3Dca-pub-3515879970651119%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6779de75412d5e537c30875a8a4840f3e59d57c2f8dd87d2d116ce244afaf754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 02:17:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=uTUT45VSk-tMfzH1i-Myn9iIrhsYpYNhCK621-qvtb2TgC602drCZ0mymjQO3_7zDgO5HtF3gQMVRlRVCrVKmggelRHXGSQrhoShs8PGp1dkRjSYIeLfyoAcGUtN4-jA_HPL69H7SkIJ2rF43XvVHLEacfl950YVXnvRUGv4h2gswfE1wmlPV6on_gNivWTYKBc4q67hqOqiytdESp_u95bTzM978lczw5uUqOIdYh-WikQvtEQi65ce0eXvEAd9l03IKQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 26373682
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame B48E 3 KB
1 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 02:16:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B48E 119 KB
37 KB 124ms
68ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 02:17:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame B48E 15 KB
6 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 02:16:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2813 4 KB
812 B 37ms
37ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bafb4c8d1182d37108e60180a9dc49e0462fac4be93dff896acb4cb29f405f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 01:52:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 02:17:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 02:17:46 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame 2813 2 KB
904 B 21ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 02:15:18 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/ Frame 2813 19 KB
8 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 02:11:13 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame 2813 3 KB
1 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 02:16:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2813 119 KB
36 KB 53ms
51ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 02:17:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame 2813 15 KB
6 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 02:16:32 GMT

GET
H3 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame 2813 30 KB
12 KB 65ms
22ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 00:36:37 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E02A 2 KB
1 KB 126ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YmIQSgADFEwKcQQFAA_OvRDELMMdJtlxZeAmrg&u=%7CFjEad1YiC19ZTYTILemkbltCPIgANdphvK%2FmeujCvuk%3D%7C&c1=glLBMxGOcDmQGKFCkwwVVv5BSlWlgWusjaIhOie6o7KErhKHrlLQKQrXumyEY8F97GP0HEF-tfy7EH0726abfxCHRgsQenlJQOYp3BrzqLrfSDmeZRUp1VWkdc-BIy0t0oADBJwWdXGXqdGBcOhybq8YQwmQ2NPMBt1uGdpoePdbwcnA1YZ0rXnryBbCTJovYAUKyl2uMhGDOLsJIBp7fQYKfBiCCST71AnKKe7aUHn7Jna3T_7b2gLiEfmAmiKX_28DZ7AJW_LNsUte1ZE5z8NeaVBvToxxs36F9rWNhbEuSk3J3KWf0_BTyuNZOo_FdGM-MvJe-xhyzcrCl5QgBUqbpCE0yBDfXXCIFkkA5f6gdYYuKzdcgzbIbAMEaq3Iw9YhdiFiz6aeK7yqGqYA3JH2GHVSHa-7oW_SZgaLvMrLRkTWbk43w3cFNaGfz_mFmcpL5fduc1nbJzx_UGiUt6C9d98vG9Ga&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClCWKShBiYsyoDIWIxAO9nb-wD5yB77BcgvO3nZ0BwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzUxNTg3OTk3MDY1MTExOaABrN3-6APIAQmoAwGqBMcBT9CpD3OK5CEt3oiTRlLVixr0Z3_a_LO5TsnrqSSPS6xdL91LYur0WhP_l5scBvvdXsJwzKXFuAmaf8WXzNAAVRHQyJmq_zqmd6_tvMZO53fzROJtGB_Fxn2MDLPJ028JK7WP_NtKRluNTgx1Oza76A44HX7JHlyeKmAx4Vc8YYupOdiPscx0bGKaW0e52jM6S62PEGrTPVi9N5TgGLiRxGOxbzyZXl2bnHIoZZJaRo18eoqGxwIpOzUXlz6nqSyd_WFsM4v3oYAG_-O9s86DidtdoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bOitd0GdqCpUoZ_Tckfx-oLjw5w%26client%3Dca-pub-3515879970651119%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 02:17:47 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame E02A 2 KB
1 KB 125ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 02:17:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E02A 308 B
636 B 120ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 17 Apr 2023 02:17:47 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame E02A 507 B
835 B 121ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 17 Apr 2023 02:17:47 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame E02A 43 B
348 B 123ms
31ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=iyVNdOkslyxDP4K70Y4zP-EMHKQbTnPVua6vtAhjoZtCS-JzhF8K9px18jh8Ui5nPBx9GPw9vCE2CiWtADXtW7SmPZidIb_rJgQ8RTFHHx-d-B3ktMdiNTL_FUgTHe02kHV5A5H1FVA8KvJFCiTUFxMt0PWqKLNqqKZ0zTUUIs0TGXPeOqhVPmX2vghg4-ljYVzQRoaOQlyDViS3uJFXe4fuTS2hq2CsTBXTPqz9kXb7-uYDKYkHJxcdAc9cBNUW-7luv5vlEn34ti0zGB6xK2aT6hxo0scqVAKM7tX16H4dMdVLd_k0y6KwVj8rxAOxvjlX8mmFBuo1TaLHt6Fd8P_7erNHJN-hKeDGk1mYuC0ER-h_JAx8THbt5Hzhk_kaJGZk5blEWsYhJiYluB7XtMCm5-8v5xspvH4pTTV2hW_trbcUXUDBlt8PRkRGDytmTOioRA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 02:17:46 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2773334
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2BF 143 B
163 B 22ms
20ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 22 Apr 2022 01:54:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E02A 12 KB
5 KB 30ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2565233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vo24odZBFxNA7r2O8LdX40KcRXAhSvcbEMFBpsZAlJkVFzSxAC2HUiYigBOiCPKLdjRCpqMYnT43kLjOZ5V%2B%2FP44iO0XWkEP46vpDvygPuvBQUjLSTupAlRzxF5NBd6GHIejStnQReUlr1liL0EhIH38"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ffadd74bf1c32e4-EWR
expires: Wed, 12 Apr 2023 02:17:47 GMT

GET
H2 200 3901e7f1076548768dd426f395d925f6_museosans_500.woff
static.criteo.net/design/dt/ Frame E02A 27 KB
27 KB 127ms
48ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3901e7f1076548768dd426f395d925f6_museosans_500.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

6b8c59ac0a5085a730ea4a6742a18f078bfc3848ccb082f629fff11b576c6901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 21:18:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"618d88a8-6a5c"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 02:17:47 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E02A 12 KB
6 KB 102ms
31ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 02:17:47 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E02A 68 KB
68 KB 155ms
91ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F220208%2F553642094790450a9ecbefd6f4f4b120_img_horizontal_2.jpg&v=3&s=e6mvyI6uZ156XRLhs3u6rWah

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3ebafa9ebd3306f8e0a84f09d783f22569af1a54fb5f8b44a42119b8cf1572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=25963818
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 69664
expires: Thu, 16 Feb 2023 14:28:05 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E02A 68 KB
68 KB 147ms
84ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F220208%2Fa7f42ecb64e54490a33e14f1ea8091a8_img_horizontal_1.jpg&v=3&s=Hyn0SmhgabxqQKUbWciLTl6_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f7de7ce1663943b74cb796e483ed616bcc7be5eb1d6c6d0b426cedb89ecead34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=25963818
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 69492
expires: Thu, 16 Feb 2023 14:28:05 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E02A 47 KB
47 KB 90ms
27ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F220208%2F57cfea0f0beb4ff08bd2f5dd139b30fa_img_horizontal_3.jpg&v=3&s=Fcr1HU9IIdhwN-UnSz2z-DBd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b1c9cd11079b102dbefe943c36b36b4ec2b6e634d6122e7c5bebae27e5f4f0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=25963817
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 48192
expires: Thu, 16 Feb 2023 14:28:05 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E02A 3 KB
3 KB 89ms
27ms Image
image/png 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=244&m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F220208%2F6f267085407b479abea6dabd06925155_1-bistromd-logo-white.png&v=3&w=2006&s=DIurTwmjEWit09vXdwki-SeM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7ea9c103dcd1b10392b8ef378a941914233e9fce02f6c4749503b2449a016724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=27475459
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2893
expires: Mon, 06 Mar 2023 02:22:06 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame E02A 0
128 B 120ms
26ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=uTUT45VSk-tMfzH1i-Myn9iIrhsYpYNhCK621-qvtb2TgC602drCZ0mymjQO3_7zDgO5HtF3gQMVRlRVCrVKmggelRHXGSQrhoShs8PGp1dkRjSYIeLfyoAcGUtN4-jA_HPL69H7SkIJ2rF43XvVHLEacfl950YVXnvRUGv4h2gswfE1wmlPV6on_gNivWTYKBc4q67hqOqiytdESp_u95bTzM978lczw5uUqOIdYh-WikQvtEQi65ce0eXvEAd9l03IKQ&sds=2&rev=81237&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 22 Apr 2022 02:17:46 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E02A 2 KB
1 KB 37ms
34ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 02:17:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E02A 2 KB
1 KB 28ms
25ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 02:17:47 GMT

GET
DATA 200
OK truncated
/ Frame B48E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 600e8c9ecf2f26b33b825874334d91645ca49755ab6b821eab08bb28aaf34c28

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

42ms
40ms

Document
text/html

2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Apr 2022 02:17:47 GMT
expires: Fri, 22 Apr 2022 02:17:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Apr 2022 02:17:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e415b53e2fa2455db9024e67a8095ff7_tradegothicltstd-bdcn20.woff
static.criteo.net/design/dt/ Frame E02A 16 KB
17 KB 33ms
30ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e415b53e2fa2455db9024e67a8095ff7_tradegothicltstd-bdcn20.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

32a0c85e2263187f149c3f876096efd80271d477c5f308c084b27e6ff101e998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:47 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 21:16:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"618d8813-41d8"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 02:17:47 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame EE30 35 KB
13 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: paste-bin.xyz
URL: https://paste-bin.xyz/52711

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 00:36:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220419&jk=1535361421153440&bg=!srGlsfXNAAZvJBiFTyQ7ACkAdvg8WjtAyOhoU-yoUW3CENbVQ2W9pvE9H762FKYGCzX-gXXV6T166gIAAABbUgAAAARoAQcKAKOh5JbqKRRJZ9FofJ4-Stqm1TvOmO66-zsu08A_IMkksfvCsuKnoKtDniNnQ3hIRYmiWWBAWOE6bicqcvsReNUGhhxPRJal1-uOMwfIyxTRGqCRqfu-TUKXnHHAkrFOi-VBvtB9QKEj0I_laLvCLYX6FbKu9QM6MHKTAEL-2iXKbSMmsWsndvPCpKrcVcQs6ABWN33izquW39JFL7IXOKq4ZaGwmQKchHbWByN_Hx9DzvkAXzws0_t87sf8sbb9jK6dXtmZ_KkvAxfRe6g-zjj9rt4nrvogJiIAQSJ9f7POX89yy2KzSQN2UZ4VVgUizaGB0IVA8lbWmcCbbMzuEntP2aMdGRxrKQYrlTh894X7bCfC6iyUT9gDuvIavAA2OzZm_LvJOl2gRrytLD9U6oKVwlGFnqMVd_9GDbZ95vp4HkOGAPl9goZLDxUuVkX1_pmnyF8DJFqPUH1VrXce1Oltv619qwrFf0Unm3o_wCcZdsRcLTT1Z2jMFBnG6QRuuns3gk_gd2J01UM8kuvKa20-7rk7RlXadNEZUA4meWRqpFuSdrzlSgvWbj9pJ1bUgFPrk_NQms8oIW4PiPIH3t-dA_lGPaqgcEKI-gEIIEy5zotaGv1GRgvxrHV0IluM81hnTr0lu2sAr5Kn5QOlr-xotUxXnJsKYehnBswp6-_J_pvZwOcLYKpuAIGe4y_quPmWnZeKGkNfDZpmgKCjV4PBMQDkDCj1X5_AehaIElWuYwqOiuTjh_bDnlD7oEScigScWj-usb7f3mrGsaY-IvhSlZKWkG1WQSTHD-lv9poy77aGyHaWU-DBGoio68lWUmEQTNVzRgH5B6pDnOu0-OryrHFV_R4EFbvXOSFbwJ2pa_WqKHX_ugqEKPmN6NbEc1yx4rlllL6-yGqPANwlUbP85No_X66A-ZRoQlH60U6_c2kqTbpYfXi4GcELJ8VuNU2AAioKAPpDggtVbpGcYadoO8B4YXRJQCipYOpCr7GwMuHVsfH3nZG_gXcioZkpaLkKgpXNHKpc9PGWqhVmW0ZanDNHHCqkFfXCHLzjkt5y98yWT97x_H_qJy7tpD5SY_cP0WOg0ij8LMWVBRQCjO2NKjI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paste-bin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B48E 42 B
64 B 41ms
41ms Fetch
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6jP00dTSBcYEW0crx7UpJgJgeKNRB1Fb19KbVAFUXGxvAKHc5Qe1Z-NuVEFvJJdsfAk6_13qpRfiHdrxeMEnefQ&sig=Cg0ArKJSzK_HM1yB4k_vEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=133,816,1000,1154,1167&tos=133,683,184,154,13&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650593866801&rpt=248&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 02:17:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame E02A 0
127 B 26ms
25ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 22 Apr 2022 02:17:47 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 img
pix.us.criteo.net/img/ Frame E02A 68 KB
68 KB 26ms
25ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3ebafa9ebd3306f8e0a84f09d783f22569af1a54fb5f8b44a42119b8cf1572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=25963816
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 69664
expires: Thu, 16 Feb 2023 14:28:05 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E02A 68 KB
68 KB 26ms
26ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f7de7ce1663943b74cb796e483ed616bcc7be5eb1d6c6d0b426cedb89ecead34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:17:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=25963813
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 69492
expires: Thu, 16 Feb 2023 14:28:05 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paste-bin.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2930bef59ce296fba4815073448fbe29
.sharethis.com/	1970-01-20 11:15:29	Name: __stid Value: ZHkADGJiEEoAAAAIQGUBAw==
.sharethis.com/	1970-01-20 11:15:29	Name: __stidv Value: 2
.paste-bin.xyz/	1970-01-20 20:01:05	Name: _ga_BF5N2KX54B Value: GS1.1.1650593865.1.0.1650593865.0
.paste-bin.xyz/	1970-01-20 11:15:29	Name: fpestid Value: zOvUeqp9W96QDbTeYMfGn7I5P4JSREkSC52Df9k6oFpI-V449pV2RGYJ3dEK_JYstnRe4w
.paste-bin.xyz/	1970-01-20 20:01:05	Name: _ga Value: GA1.2.463097057.1650593866
.paste-bin.xyz/	1970-01-20 02:31:20	Name: _gid Value: GA1.2.1464417066.1650593866
.paste-bin.xyz/	1970-01-20 02:29:53	Name: _gat_gtag_UA_187376076_1 Value: 1
.paste-bin.xyz/	1970-01-20 11:51:29	Name: __gads Value: ID=db062c9980eec034-2297a6463ad2000c:T=1650593866:RT=1650593866:S=ALNI_MYvhMItXXHQFJxE_g2C0cdF4Ze5Fg
.t.sharethis.com/	1970-01-20 03:13:05	Name: pxcelPage_default_c010_B Value: 0_6_1650593866494
.yahoo.com/	1970-01-20 11:15:51	Name: A3 Value: d=AQABBEoQYmICEJzM-GsZvSY9dFXgMsa-zXgFEgEBAQFhY2JrYgAAAAAA_eMAAA&S=AQAAAny5BqQ077-XvZyJivaDhNk
.ml314.com/	1970-01-20 11:15:29	Name: pi Value: 3626677757604266036
.exelator.com/	1970-01-20 05:22:41	Name: EE Value: "58d31ac5a44fbb8ed58070d9005075c9"
.adsrvr.org/	1970-01-20 11:15:29	Name: TDID Value: 96cbd054-1572-4909-b184-0625fedf9e76
.exelator.com/	1970-01-20 05:22:41	Name: ud Value: "eJxrXxzq6XKLQcHUIsXYMDHZNNHEJC0pySI1xdTCwNwgxdLAwNTA3DTZcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAYEl%252BUWb6otDgxUUpaQyLSopPBR9Q7wAAl2op7A%253D%253D"
.eyeota.net/	1970-01-20 11:15:29	Name: mako_uid Value: 1804f0fa366-333d0000010a4bbe
.eyeota.net/	1970-01-20 02:29:54	Name: SERVERID Value: 19390~DM
.adsrvr.org/	1970-01-20 11:15:29	Name: TDCPM Value: CAEYBSABKAIyCwjWrIHboITSOhAFOAE.
.crwdcntrl.net/	1970-01-20 08:58:40	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 08:58:40	Name: _cc_id Value: 970e08754bd83e2695e01fae3de84049
.rlcdn.com/	1970-01-20 11:15:29	Name: rlas3 Value: H1Y6T4pcYDmoMisDztpbxmVZd6UzXRJtEcgU8wA58hA=
.rlcdn.com/	1970-01-20 03:56:17	Name: pxrc Value: CMqgiJMGEgUI6AcQABIFCNtOEAA=
.doubleclick.net/	1970-01-20 20:01:05	Name: IDE Value: AHWqTUkTsd2x6wKhB5EZ2gZtZP9AbzVqiKyykaJ9fWfamCDPYIBlks82mexM-jnHAUM
.doubleclick.net/	1970-01-20 02:29:57	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
bcp.crwdcntrl.net
buttons-config.sharethis.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
cms.analytics.yahoo.com
csm.us.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
l.sharethis.com
loadus.exelator.com
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
partner.googleadservices.com
paste-bin.xyz
pix.us.criteo.net
platform-api.sharethis.com
platform-cdn.sharethis.com
ps.eyeota.net
rtb.va.us.criteo.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.sharethis.com
t.sharethis.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.72.98
15.197.193.217
18.65.25.51
23.36.81.70
2600:9000:201f:6c00:c:abe:f440:93a1
2600:9000:2202:c000:1d:85c3:6640:93a1
2606:4700:3035::6815:2871
2606:4700:440e::ac40:9c1a
2606:4700::6811:180e
2607:f8b0:4004:c08::9c
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::200e
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2008
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
3.13.44.106
34.111.234.236
34.197.192.192
34.229.3.43
35.190.60.146
52.1.175.157
74.119.119.137
74.119.119.147
74.119.119.149
76.13.32.147
0956ca2f2bdc08847819658bc9b0a3250796652164e8af7730a6eb6642d28d48
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
272a2264cede53f0142627b4b02ab457fac2fb96beb61c3c86d3c6036cf02bd4
28e738f7ec196871323c62444b13492fffec7ffc70255ef6ed9ca44e0cca4475
2921b53b2a8c3c2a99362cb28610aaa769b8dcbde9b88dcf712f7a37d683d152
2ae338702fdb6c1402d31e64c76a9789bdfa9d98279482074c7ca9b540eb55c6
32a0c85e2263187f149c3f876096efd80271d477c5f308c084b27e6ff101e998
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
39dcd607bc25d4032415aaa16019e840919424c0c07b15dae38ad7b3f7769f80
3be0ac9673f4331c877d3dbbd8ed362b9c5da94648a02a371590f7cf3b1ba6e4
3cae6e04d4b91f2903ec26c1779042bba2ee1962217655544a0e147f2351fa3e
3ebafa9ebd3306f8e0a84f09d783f22569af1a54fb5f8b44a42119b8cf1572bd
3f945ff8471b7a925b67bd7678ca77da88936f450b9459a75bd6d3c29d868aaa
414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8
4637a73ddf8cf9a3a7dc1fc3f5e056500718bcc5bc522b304687e991ca11d1c0
4d05053af05069fcdca80196c509b2b126ae4be51bb8391306a68f301665e4a2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e850ac9fc6fa6d1dedcd75545201953961a718d7feb70aee68cb5d37caa016c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d9682ab56fd6eda4ba2702d2602b7030ae259919dc58d25832726d1a6f36c06
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
600e8c9ecf2f26b33b825874334d91645ca49755ab6b821eab08bb28aaf34c28
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65207e402358c150f6b926d4b87e09fadcca3c164d56f5bbac1f1d93480a1fcf
6779de75412d5e537c30875a8a4840f3e59d57c2f8dd87d2d116ce244afaf754
6b8c59ac0a5085a730ea4a6742a18f078bfc3848ccb082f629fff11b576c6901
7556c62509830aab33e8eb5bd135e4f153c65d90480941d5a786e1ae7fe1616a
75839f1de44eae3da2aa9fc16c64f1ce029f715dcdbb40d8a23159d8e067afe8
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7a3fbcdd5e0607da24d97db612f27f820133cc9fa06998e6ec6fcd7aaef06e84
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7d7276ca29bf6f8f327cdb30255cb0ccddaaa966451c25b1a24f206d008b9d68
7ea9c103dcd1b10392b8ef378a941914233e9fce02f6c4749503b2449a016724
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
895f8174739d053e6c3f74f4114af04acda242eb6d12a44e95fb0be35e793d85
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ea3e3a2a6acf08c1e83b41b507f94104eb15e59d32bb5eda5c87b10f8202493
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
911401982dde4aa8c3340c696b26f428797573110967893ad39a7535f77d3356
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9d356e1c3536707c859a8e1da1f3febf1524d7319fea14a630aaf94e29ad5899
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
aa8cafcc70f86805623043ef9f896c74f19f28f047f62b0f17b734000ba24d2d
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c9cd11079b102dbefe943c36b36b4ec2b6e634d6122e7c5bebae27e5f4f0b0
bafb4c8d1182d37108e60180a9dc49e0462fac4be93dff896acb4cb29f405f98
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d5b1cee32d016c61cb78c9e10354091f3b608ddf729f70af87e0efb388d946fa
d88dc6fe5321422c43576bd653661a8a906bbdc7a6def8c670716475130432ea
d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57907af9aed7fc9021381b1f1d6f577ab42335e0a7921d24705e09345af1e0b
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f2c7166c88e8bc763c5210de53c298dd717aaef61caf6992595fdda8e3862072
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
f7de7ce1663943b74cb796e483ed616bcc7be5eb1d6c6d0b426cedb89ecead34
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffbce8dbb2e5fe154a842b04fb2f26d924b96e114f11016179308bf3b1eeba60

paste-bin.xyz Open in urlscan Pro 2606:4700:3035::6815:2871 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

93 %HTTPS

59 %IPv6

22 Domains

35 Subdomains

29 IPs

1 Countries

1415 kBTransfer

3546 kBSize

24 Cookies

0 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

paste-bin.xyz Open in urlscan Pro
2606:4700:3035::6815:2871 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

93 %
HTTPS

59 %
IPv6

22
Domains

35
Subdomains

29
IPs

1
Countries

1415 kB
Transfer

3546 kB
Size

24
Cookies

105 HTTP transactions
1 data transactions