playpaste.com Open in urlscan Pro
188.114.96.3  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response playpaste.com/	12 KB 4 KB	224ms 131ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35e9db3adbcd84a6922443b757f420ab071e418f1954b77866d6228eccac653a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d4236c85adeb76c-AMS content-encoding zstd content-type text/html; charset=UTF-8 date Thu, 17 Oct 2024 18:04:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U75UW%2FFD3pD9jpKX0uIfiK79qvzKvQ37hm0twSkbBfZGhosGtwSNz5Invo28qre9x5fhfQDssZEGRjDwYIOD5XMfxWGW9GroTlD33qke2dMnbEMWA3NH%2FfGQjyyq%2B%2FqA"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfExtPri vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	119ms 59ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 71cfdae69236a935151761b96b4f46b54f95be14372112e9b5c398eb87db1b3a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Thu, 17 Oct 2024 18:04:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 18:04:57 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Thu, 17 Oct 2024 17:11:01 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	styles.css playpaste.com/css/	63 KB 12 KB	36ms 36ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/css/styles.css Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77c9d943529bbef64ba98fa6d40718bf2d574dcc6b76f7ff83adde055d4c927a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers content-encoding zstd cf-cache-status HIT age 44409 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nyz6UfIaJbH4%2BWmSpCyjRhdKBl6BgvmaXwm6wri11%2F6%2FshsXeg6LxkHLO2zpBSoSUFauxSz0PKPuqXiglOItAQk7sT6QNFwCL8HI8%2F0txx3v1X7nkLgXpE%2FUev1OF9Gw"}],"group":"cf-nel","max_age":604800} expires Thu, 24 Oct 2024 05:44:48 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT content-type text/css last-modified Sat, 19 Sep 2020 05:46:03 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236c93be4b76c-AMS x-turbo-charged-by LiteSpeed server cloudflare
GET H3	200	favicon-white.png playpaste.com/images/	6 KB 7 KB	35ms 34ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/favicon-white.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 932cbd7af03f5458c0f105a064ba91e2e026e47f02196b57fa41ce7781a24ba8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers cf-cache-status HIT age 599087 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkB3c1jdhOH2dH0rdIGO3WIga81QltGW4TjDeii4w%2FNXXYLmglal%2FWm6aMPH6wMqQty%2BbJxJCSDfIf6mjhiOe3Gp7vErDdsVlGzaHHXZkVO6HKuFbAj3afbfn5Ik7xcE"}],"group":"cf-nel","max_age":604800} expires Thu, 17 Oct 2024 19:40:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT content-type image/png last-modified Wed, 11 Mar 2020 20:19:08 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236c93beab76c-AMS accept-ranges bytes content-length 6166 x-turbo-charged-by LiteSpeed server cloudflare
GET H3	200	ad.js Show response adbuho.com/assets/ads/	1 KB 1 KB	100ms 39ms	Script text/javascript	172.67.175.128 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adbuho.com/assets/ads/ad.js Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.175.128 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1db0d5a7f2f5906b2dcaf290bae1d0012e06eaf24c25187541ceb904f69e043 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT age 817 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2BF8sWLJIL99maYZwEKVaAfKqujtVs50Nkp5LI9ESsbKxLxGJxvNoTz%2B7nh5sI3DNayX0p5bie0bfLbzI7lNgS0%2FoM1%2BcYXarwLHiniVA72mAvm01%2BARj5FHam67"}],"group":"cf-nel","max_age":604800} cf-ray 8d4236c99d81b79c-AMS alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT content-type text/javascript last-modified Tue, 13 Aug 2024 00:52:02 GMT vary Accept-Encoding server cloudflare
GET H3	200	step2.png playpaste.com/images/steps/	7 KB 7 KB	36ms 36ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/steps/step2.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85d1db4f9370bb81c93b01c6e94a29c6c854e84f391ca90b2a55c4602092adcd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers cf-cache-status HIT age 44409 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ha8wXUlVo9XG7lto4gAOfdUUKumv6sAWCQUUyu25Qf5oOt5Qd4eBUcjO5mD3%2BPh%2Fu4PJ3GBF2V2KMFY4lxogxmsGKu2MwISpU%2FA0SJF%2B87CNC%2BlGUCCeBUQU950OOoDW"}],"group":"cf-nel","max_age":604800} expires Thu, 24 Oct 2024 05:44:48 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT content-type image/png last-modified Thu, 19 Mar 2020 18:37:12 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236c9ac92b76c-AMS accept-ranges bytes content-length 7003 x-turbo-charged-by LiteSpeed server cloudflare
GET H3	200	lock.png playpaste.com/images/steps/	752 B 1 KB	36ms 35ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/steps/lock.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cba720f16c14b340c2ef7cebcdce1a3497e716bf8ce363d200fef0b3d5eb27c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers cf-cache-status HIT age 47396 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcIMNQN3p%2F%2BgYryyHNaHm5d7roTerOLMqPwS5D5Czv07QYZCgipKvkBbkRwOF8gg%2F5%2FU9Fn5Qt7E%2BYnAJyXvKYjmWo9gH4iDBFnFHjSFtDGNFBxd3Ji%2BwqkdOZj0EvVB"}],"group":"cf-nel","max_age":604800} expires Thu, 24 Oct 2024 04:55:01 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT content-type image/png last-modified Thu, 19 Mar 2020 14:19:42 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236c9ed17b76c-AMS accept-ranges bytes content-length 752 x-turbo-charged-by LiteSpeed server cloudflare
GET H3	200	money.png playpaste.com/images/steps/	3 KB 4 KB	36ms 36ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/steps/money.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94f8600cde578917e2ae9e0c71c8970b49e62db40060da61a4d24481acc9fbc6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers cf-cache-status HIT age 571635 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Opk3FzwoWZac34EJR3Xn75ykeqWNiIYmkvC%2FNfWE8CbNI%2FkBrc16xIiLpfNsQL8zYTwrbXJ%2B9uBkaa152xGYEoSocflgOhl2hPi8sgMp62Sn6Wv2owLVmbn2IMvm%2FF9a"}],"group":"cf-nel","max_age":604800} expires Fri, 18 Oct 2024 03:17:42 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT content-type image/png last-modified Thu, 19 Mar 2020 14:18:08 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236c9ed18b76c-AMS accept-ranges bytes content-length 3113 x-turbo-charged-by LiteSpeed server cloudflare
GET H3	200	step3.png playpaste.com/images/steps/	6 KB 6 KB	33ms 31ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/steps/step3.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62e790a1d2e9eade1f7f4338fd1e23feb94d232ab0aee7eb2d6b1ac910903608 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers cf-cache-status HIT age 44409 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qT074e3P%2Fq0QurYgg%2B%2F24u6CVg226%2FmeYMtG4Ob3%2FB7%2BapUwC3TyWcDRUytDT38cs5UqYEBuBGbn13AfpUMFUS6buKgr7rRmjFHEUrFS%2Ft5sQ%2F%2BIjM2%2BXBbeP5xXVtXV"}],"group":"cf-nel","max_age":604800} expires Thu, 24 Oct 2024 05:44:48 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT content-type image/png last-modified Thu, 19 Mar 2020 14:52:22 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236c9fd34b76c-AMS accept-ranges bytes content-length 5931 x-turbo-charged-by LiteSpeed server cloudflare
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 30 KB	116ms 56ms	Script text/javascript	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers content-encoding gzip age 138397 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Thu, 16 Oct 2025 03:38:20 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 16 Oct 2024 03:38:20 GMT last-modified Tue, 03 Mar 2020 19:15:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 30028 x-xss-protection 0 server sffe
GET H3	200	ckeditor.js Show response playpaste.com/js/	628 KB 192 KB	34ms 32ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/js/ckeditor.js Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c4dd8b9ca8450296d07afd42ea5d30beb03a36b92db354c8a0274681d1fd880 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT age 3010 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zgb0RXaDqeqKpRVKEg%2FOUyKj0DRCMD4YRG3C2IMrrj18hGFtXBjsBgVJjZ2%2BHWCwbaDsqLe%2BqwCBnEy3eAKujgdq3AyYgebuMNqkw0d3Lrl8lBiPt7mLDTFTalmshRiW"}],"group":"cf-nel","max_age":604800} cf-ray 8d4236c9fd37b76c-AMS alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Fri, 28 Jun 2019 07:17:50 GMT vary Accept-Encoding server cloudflare
GET H3	200	scripts.js Show response playpaste.com/js/	4 KB 2 KB	33ms 32ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/js/scripts.js Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39606353fdd9bcbdb717e5b82e77fad61a94b738233daf50feb0872db78c2e2a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT age 3010 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RnRmH9vR15U8mzQLCSsUHBYc9MomjyN9R%2Fr0AVZZSzY9L%2FeYwqtKZt5aJccfF0LmpLBnHH5qWlziLnytziScjkM0MllkwBnIi%2BSQczTExCsCt7G51%2Bjv%2BgKQ9kQ%2F8pML"}],"group":"cf-nel","max_age":604800} cf-ray 8d4236c9fd39b76c-AMS alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Tue, 14 Jul 2020 19:15:50 GMT vary Accept-Encoding server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	219 KB 79 KB	176ms 72ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-55809308-1 Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3b3d1e678c9bfbb691cc18064f1507d50862b38276bd198516eae76ebbe2ebf8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Thu, 17 Oct 2024 18:04:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 18:04:57 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 80249 x-xss-protection 0 server Google Tag Manager
GET H2	200	xNN8bVd0IW9Ln3sLGDdmLc30j5lwvTZ0 Show response widgets.marketcat.net/pixel/	92 B 617 B	162ms 96ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widgets.marketcat.net/pixel/xNN8bVd0IW9Ln3sLGDdmLc30j5lwvTZ0 Requested by Host: playpaste.com URL: https://playpaste.com/?v=jFie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fb231b96f9d230c97ced4141b1e2585560ae47b23e72f5b90643f14fcf29399 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers cache-control max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC pragma cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDKMCoCd%2FyMnoY7O4O%2FC%2Bi0SsGDzZNKPGdtiyyWl6Q3M7v%2FkgNoTYhzBU8NS62EFVODAW8xTy2M8YmETenOIhEVTvoaEQ7%2Fefm7YnCoYdDmvk34kifdS3WazPsCePH8Gvvx%2BphJjN1AB%2BBIdRkuWwtuTjnk%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d4236ca68c50e33-AMS expires Thu, 17 Oct 2024 18:04:57 GMT alt-svc h3=":443"; ma=86400 content-length 102 date Thu, 17 Oct 2024 18:04:57 GMT content-type application/javascript vary Accept-Encoding server cloudflare
GET H3	200	game_played-webfont.woff2 playpaste.com/fonts/	10 KB 10 KB	63ms 61ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/fonts/game_played-webfont.woff2 Requested by Host: playpaste.com URL: https://playpaste.com/css/styles.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77b37e56061545777a265c686835543c756b75b831c9c24740d898caed276775 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://playpaste.com Referer https://playpaste.com/css/styles.css Response headers cf-cache-status HIT age 44409 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DEWVe4pvQfFbLhOjna5DzxuYAuycJMC0Iu7vW%2B0cEjorjHPd%2FpBGRCf6B9Ee3Y3EKDaIwcOKFjNKzOvcNejTohb8xVH1QTByHV0AOPZgz14oxGf05YmLdIdGi0rzRGIt"}],"group":"cf-nel","max_age":604800} expires Thu, 24 Oct 2024 05:44:48 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT content-type font/woff2 last-modified Wed, 11 Mar 2020 21:23:14 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236ca2d68b76c-AMS accept-ranges bytes content-length 9888 x-turbo-charged-by LiteSpeed server cloudflare
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	112ms 50ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://playpaste.com Referer https://fonts.googleapis.com/ Response headers age 138584 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 16 Oct 2025 03:35:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 16 Oct 2024 03:35:13 GMT last-modified Thu, 01 Aug 2024 20:41:24 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18536 x-xss-protection 0 server sffe
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	88ms 25ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://playpaste.com Referer https://fonts.googleapis.com/ Response headers age 212757 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 15 Oct 2025 06:59:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 15 Oct 2024 06:59:00 GMT last-modified Thu, 01 Aug 2024 20:41:21 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18596 x-xss-protection 0 server sffe
GET H2	200	js Show response www.googletagmanager.com/gtag/	268 KB 94 KB	63ms 62ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-4LC441GTTD&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-55809308-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 49b50b07405acdf02b151e0af338664f6cadcdecfac352ee9099a747b9bae20e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Thu, 17 Oct 2024 18:04:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 18:04:57 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 96201 x-xss-protection 0 server Google Tag Manager
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	103ms 50ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-55809308-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers content-encoding gzip age 2322 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Thu, 17 Oct 2024 19:26:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 17:26:15 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
POST H2	204	collect region1.google-analytics.com/g/	0 0	58ms 20ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-4LC441GTTD&gtm=45je4ag0v9119042824za200&_p=1729188297481&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665~101686685&cid=288879157.1729188298&ul=nl-nl&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1729188297&sct=1&seg=0&dl=https%3A%2F%2Fplaypaste.com%2F%3Fv%3DjFie&dt=DBSP4RKING0%20%5BMed%5D%20%7C%20PlayPaste&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=784 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-4LC441GTTD&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://playpaste.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 18:04:57 GMT content-type text/plain server Golfe2
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 417 B	61ms 60ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1714623547&t=pageview&_s=1&dl=https%3A%2F%2Fplaypaste.com%2F%3Fv%3DjFie&ul=nl-nl&de=UTF-8&dt=DBSP4RKING0%20%5BMed%5D%20%7C%20PlayPaste&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1042627941&gjid=507863180&cid=288879157.1729188298&tid=UA-55809308-1&_gid=1681421014.1729188298&_r=1&gtm=457e4ag0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685&jsscut=1&npa=1&z=820414093 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://playpaste.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 18:04:57 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://playpaste.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 1 server Golfe2
GET H3	200	playpaste.com Show response adbuho.com/ads/eyJpdiI6IlZsVkdOZ2FtVWQ3N0c4VzlkUWdvdnc9PSIsInZhbHVlIjoicmoxamtZRDV2NUxVNnNrdm9hQ09XZz09IiwibWFjIjoiYTBlNzY3NjQ1MWU3MmJhZjA5YTJkZjIwMTZjMTRjYzlkMWEzNTBmNmQ0YzdmZGNmZGJhMzgxMTJmZDA0Mj...	740 B 1 KB	333ms 309ms	Fetch text/html	172.67.175.128 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adbuho.com/ads/eyJpdiI6IlZsVkdOZ2FtVWQ3N0c4VzlkUWdvdnc9PSIsInZhbHVlIjoicmoxamtZRDV2NUxVNnNrdm9hQ09XZz09IiwibWFjIjoiYTBlNzY3NjQ1MWU3MmJhZjA5YTJkZjIwMTZjMTRjYzlkMWEzNTBmNmQ0YzdmZGNmZGJhMzgxMTJmZDA0MjdhMSIsInRhZyI6IiJ9/728x140/playpaste.com Requested by Host: adbuho.com URL: https://adbuho.com/assets/ads/ad.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.175.128 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2dc9a969e52330d5582852910f23e02ed68c9367e2a8d365e0ff78a703b14ea Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oKqDSDYxgrgwBDgknMQKjrf8NMCPqdqC6YSB0wcUzqN%2FQNtOd2AaY%2FYVimR6dTiIl%2FGm3F23fIlze4D8OUIaI9Q8UzMvyECmNUTRp15DIrBWiwLj8cWAph8moUtn"}],"group":"cf-nel","max_age":604800} cf-ray 8d4236ccda89b956-AMS access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:58 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare
GET H3	404	favicon.png playpaste.com/images/	1 KB 1 KB	89ms 89ms	Other text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/images/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7becc0246aa4fcb8127b3459b2b8c6c04879c6855b0fcf370f8c83d2de88d319 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers cache-control private, no-cache, no-store, must-revalidate, max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status BYPASS pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAWHeiI%2FxxNsTLTqogCa8T2ZIxFSEDHOjgOIVcuWb814oLuxLzoLJeC%2BaWyzW1Nnzah9DCm6c3a%2FOZ8lq0JXdcSsJJUc5o6O77VWcpCraKr9qkzHSRCiFvex4MRbDIeW"}],"group":"cf-nel","max_age":604800} cf-ray 8d4236ccb8ddb76c-AMS alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT x-turbo-charged-by LiteSpeed content-type text/html vary Accept-Encoding server cloudflare
GET H3	200	favicon.ico playpaste.com/images/	10 KB 5 KB	33ms 33ms	Other image/x-icon	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/images/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2a55b08dae75de11d516a27b7c2a4858c19e8c4ca506d0f269ecbc59b789deb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/?v=jFie Response headers content-encoding zstd cf-cache-status HIT age 39209 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5LfJawzhPiDtwWIOjI4JzNxADIngd5PxL0aMY2SRlTl0CsCN3AevZXeAmRffQnwp4CL1yCQ4Rk2npM%2BMZZqqPZGspCLIXDaR2zW%2FufKtWhSESulHN1oT0n3DGilfRh%2F"}],"group":"cf-nel","max_age":604800} expires Thu, 24 Oct 2024 07:11:28 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:57 GMT content-type image/x-icon last-modified Tue, 08 Oct 2019 23:02:02 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236cd4994b76c-AMS x-turbo-charged-by LiteSpeed server cloudflare
GET H3	200	playpaste.com Show response adbuho.com/ads/eyJpdiI6IlZsVkdOZ2FtVWQ3N0c4VzlkUWdvdnc9PSIsInZhbHVlIjoicmoxamtZRDV2NUxVNnNrdm9hQ09XZz09IiwibWFjIjoiYTBlNzY3NjQ1MWU3MmJhZjA5YTJkZjIwMTZjMTRjYzlkMWEzNTBmNmQ0YzdmZGNmZGJhMzgxMTJmZDA0Mj...	740 B 1 KB	277ms 277ms	Fetch text/html	172.67.175.128 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adbuho.com/ads/eyJpdiI6IlZsVkdOZ2FtVWQ3N0c4VzlkUWdvdnc9PSIsInZhbHVlIjoicmoxamtZRDV2NUxVNnNrdm9hQ09XZz09IiwibWFjIjoiYTBlNzY3NjQ1MWU3MmJhZjA5YTJkZjIwMTZjMTRjYzlkMWEzNTBmNmQ0YzdmZGNmZGJhMzgxMTJmZDA0MjdhMSIsInRhZyI6IiJ9/728x140/playpaste.com Requested by Host: adbuho.com URL: https://adbuho.com/assets/ads/ad.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.175.128 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e9d5a00648122c047b07b65e02a2dcb68a55541bf30076ae756cab37966bee5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtlAr7op8UufByTMYN8j%2FsXp7UHsZIja8q6p5Okfzguhk4T6BVnDDTZeGKudy5Uo9FJpgTWygOG9vmlbl5oXXxXQ1ZtSaQZI9jsH2z2yLosrNJaEtSuw6i9JMM3M"}],"group":"cf-nel","max_age":604800} cf-ray 8d4236cecc9eb956-AMS access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:58 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare
GET H3	200	66ccb1a7547381724690855.jpg adbuho.com/assets/images/advertise/	21 KB 21 KB	48ms 48ms	Image image/jpeg	172.67.175.128 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://adbuho.com/assets/images/advertise/66ccb1a7547381724690855.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.175.128 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee2a904a641792362b0f568f4d637ae725a2ef617859ed718e40c66d3ae4a3e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers cf-cache-status HIT age 288114 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1LppRWPdWjcPZaAjl9OrlbCDPerT0D36rrJC8SJfVkOvXbKGCaMXRCnq6XmNkME9xSwlKW8m18uDjfnFEeegHl2GqBNcbQeOrihxxX2qpHy%2FMXYTqCosKdVFpip9"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 10:03:04 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:58 GMT content-type image/jpeg last-modified Mon, 26 Aug 2024 16:47:35 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236cecccdb79c-AMS accept-ranges bytes content-length 21112 x-turbo-charged-by LiteSpeed server cloudflare
GET H3	200	66ccb28968f3b1724691081.jpg adbuho.com/assets/images/advertise/	23 KB 23 KB	35ms 34ms	Image image/jpeg	172.67.175.128 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://adbuho.com/assets/images/advertise/66ccb28968f3b1724691081.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.175.128 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ea62651dfe9b3ec84bf69495b8f8286b07eee403b09e12da163c9d3c2e5772f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://playpaste.com/ Response headers cf-cache-status HIT age 289746 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9EqL468rKp3qJtlDz7F%2FvPBlSPOo%2BLhj7prO9RtSbrJ0%2F2vNbFRwUef8SsD5Lh%2F4J%2BDqiEku6il4p3wTcZMsEQJPopnPVX%2FRkntGTL9HLtvi%2B2GaaN6QEJ0fSJI4"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 09:35:52 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 17 Oct 2024 18:04:58 GMT content-type image/jpeg last-modified Mon, 26 Aug 2024 16:51:21 GMT vary Accept-Encoding cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d4236d08f4db79c-AMS accept-ranges bytes content-length 23460 x-turbo-charged-by LiteSpeed server cloudflare

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| hideAdverTiseMent function| $ function| jQuery object| CKEDITOR function| setCookie function| getCookie function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.playpaste.com/	1970-01-21 09:55:48	Name: _ga_4LC441GTTD Value: GS1.1.1729188297.1.0.1729188297.0.0.0
			.playpaste.com/	1970-01-21 09:55:48	Name: _ga Value: GA1.2.288879157.1729188298
			.playpaste.com/	1970-01-21 00:21:14	Name: _gid Value: GA1.2.1681421014.1729188298
			.playpaste.com/	1970-01-21 00:19:48	Name: _gat_gtag_UA_55809308_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://playpaste.com/images/favicon.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adbuho.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
playpaste.com
region1.google-analytics.com
widgets.marketcat.net
www.google-analytics.com
www.googletagmanager.com
142.250.186.131
172.67.175.128
188.114.96.3
2001:4860:4802:32::36
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a06:98c1:3121::3
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e9d5a00648122c047b07b65e02a2dcb68a55541bf30076ae756cab37966bee5
35e9db3adbcd84a6922443b757f420ab071e418f1954b77866d6228eccac653a
39606353fdd9bcbdb717e5b82e77fad61a94b738233daf50feb0872db78c2e2a
3b3d1e678c9bfbb691cc18064f1507d50862b38276bd198516eae76ebbe2ebf8
3c4dd8b9ca8450296d07afd42ea5d30beb03a36b92db354c8a0274681d1fd880
49b50b07405acdf02b151e0af338664f6cadcdecfac352ee9099a747b9bae20e
5fb231b96f9d230c97ced4141b1e2585560ae47b23e72f5b90643f14fcf29399
62e790a1d2e9eade1f7f4338fd1e23feb94d232ab0aee7eb2d6b1ac910903608
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71cfdae69236a935151761b96b4f46b54f95be14372112e9b5c398eb87db1b3a
77b37e56061545777a265c686835543c756b75b831c9c24740d898caed276775
77c9d943529bbef64ba98fa6d40718bf2d574dcc6b76f7ff83adde055d4c927a
7becc0246aa4fcb8127b3459b2b8c6c04879c6855b0fcf370f8c83d2de88d319
85d1db4f9370bb81c93b01c6e94a29c6c854e84f391ca90b2a55c4602092adcd
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
932cbd7af03f5458c0f105a064ba91e2e026e47f02196b57fa41ce7781a24ba8
94f8600cde578917e2ae9e0c71c8970b49e62db40060da61a4d24481acc9fbc6
9cba720f16c14b340c2ef7cebcdce1a3497e716bf8ce363d200fef0b3d5eb27c
9ea62651dfe9b3ec84bf69495b8f8286b07eee403b09e12da163c9d3c2e5772f
9ee2a904a641792362b0f568f4d637ae725a2ef617859ed718e40c66d3ae4a3e
a1db0d5a7f2f5906b2dcaf290bae1d0012e06eaf24c25187541ceb904f69e043
a2dc9a969e52330d5582852910f23e02ed68c9367e2a8d365e0ff78a703b14ea
b2a55b08dae75de11d516a27b7c2a4858c19e8c4ca506d0f269ecbc59b789deb
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd