pastebin.pl Open in urlscan Pro
2606:4700:3030::6815:2e4c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pastebin.pl/view/1ee05f43
Effective URL:
https://pastebin.pl/view/1ee05f43
Submission: On March 12 via api (March 12th 2024, 11:16:52 pm UTC) from US — Scanned from US

Summary HTTP 67 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 67 HTTP transactions. The main IP is 2606:4700:3030::6815:2e4c, located in United States and belongs to CLOUDFLARENET, US. The main domain is pastebin.pl.
TLS certificate: Issued by GTS CA 1P5 on February 7th 2024. Valid for: 3 months.

This is the only time pastebin.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:8868	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 24	2606:4700:303... 2606:4700:3030::6815:2e4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c1f::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::8b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c0b::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::93	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c08::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::8a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1f::cf	15169 (GOOGLE) (GOOGLE)
67	12

1 2606:4700:3034::ac43:8868 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pastebin.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:3030::6815:2e4c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

pastebin.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c1f::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c08::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c0b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c08::71 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::8a (Washington, United States)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1f::cf (Washington, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	pastebin.pl 3 redirects pastebin.pl	200 KB
15	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647	124 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	306 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	37 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368 storage.googleapis.com — Cisco Umbrella Rank: 303	81 KB
3	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2527	52 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5045	593 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	242 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	91 KB
67	9

	Domain	Requested by
25	pastebin.pl	3 redirects pastebin.pl
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	pagead2.googlesyndication.com	pastebin.pl pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	storage.googleapis.com	srcdoc
3	www.adsensecustomsearchads.com	www.google.com www.adsensecustomsearchads.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	tpc.googlesyndication.com pagead2.googlesyndication.com
1	partner.googleadservices.com	www.google.com
1	www.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	pastebin.pl
1	www.googletagmanager.com	pastebin.pl
67	12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.binance.com
twitter.com
plus.google.com
www.tumblr.com
www.reddit.com
wordpress.com
github.com

Subject Issuer	Validity	Valid
pastebin.pl GTS CA 1P5	`2024-02-07` - `2024-05-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://pastebin.pl/view/1ee05f43
Frame ID: ED1263E8107F132665BF422C6FC27BE4
Requests: 47 HTTP requests in this frame

Frame: https://pastebin.pl/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Frame ID: 6D15743D4ACD307FEBCF185655706F9D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html
Frame ID: AB193AE740397083092D9F7ED54E927E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&adk=1812271804&adf=3025194257&lmt=1710285407&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710285407174&bpp=6&bdt=839&idt=462&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8501747716644&frm=20&pv=2&ga_vid=308925357.1710285407&ga_sid=1710285408&ga_hid=345925748&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95326315%2C95322183%2C95324161%2C95325785%2C95326922&oid=2&pvsid=2549230100157898&tmod=1684834472&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=481
Frame ID: FA5AF7D591A241F2F60AD2BEED70D987
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF34CDF579BC38A1BF68CF057CF016C8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 958F35E16320E0D84BCA7A2E3568CA18
Requests: 2 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-ff27f19532ac7f1f5&fexp=44759875%2C44759926%2C44759842%2C44798934%2C95326315%2C95322183%2C95324161%2C95325785%2C95326922%2C42532561%2C21404%2C17300003%2C17301383%2C17301421%2C17301431%2C17301432%2C17301436%2C71847096&client=pub-2536515702233288&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&client_gdprApplies=0&format=r5&nocache=7401710285408556&num=0&output=afd_ads&domain_name=pastebin.pl&v=3&bsl=10&pac=0&u_his=2&u_tz=-600&dt=1710285408557&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=3022&frm=0&uio=-&cont=autors-container-0&drt=0&jsid=csa&jsv=610814804&rurl=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43
Frame ID: 42DA68617C34B33F882E03524E5DB65E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2536515702233288&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1710285408&rafmt=1&to=qs&pwprc=8024604295&format=1200x280&url=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710285408515&bpp=2&bdt=2181&idt=-M&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8501747716644&frm=20&pv=1&ga_vid=308925357.1710285407&ga_sid=1710285408&ga_hid=345925748&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95326315%2C95322183%2C95324161%2C95325785%2C95326922&oid=2&pvsid=2549230100157898&tmod=1684834472&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=163
Frame ID: 7A925FFB5E65D4ADD02AF7DCA6F8F6FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Frame ID: 699D60328CA9B34AF1BADBFF46DD1536
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Frame ID: 310594146168EE63F3F1C6A706487CEA
Requests: 1 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 554D2CC3FA73AD02705B9E8FE07DD261
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 32018A5428EFAE8CBBD2E8A24EFB3622
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Re: Robux Script - Pastebin

Page URL History Show full URLs

http://pastebin.pl/view/1ee05f43 HTTP 301
https://pastebin.pl/view/1ee05f43 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

97 %
HTTPS

100 %
IPv6

9
Domains

12
Subdomains

12
IPs

1
Countries

891 kB
Transfer

2401 kB
Size

10
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pastebinpl
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.binance.com/en/register?ref=11561973

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://pastebin.pl/view/1ee05f43

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://pastebin.pl/view/1ee05f43&text=https://pastebin.pl/view/1ee05f43

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://pastebin.pl/view/1ee05f43

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43&name=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43&description=Pastebin.pl

Search URL Search Domain Scan URL

URL: http://www.reddit.com/submit?url=https://pastebin.pl/view/1ee05f43&title=

Search URL Search Domain Scan URL

URL: https://wordpress.com/press-this.php?u=https://pastebin.pl/view/1ee05f43&t=&s=

Search URL Search Domain Scan URL

URL: https://github.com/claudehohl/Stikked
Title: Stikked | Pastebin.pl 2014 - today

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pastebin.pl/view/1ee05f43 HTTP 301
https://pastebin.pl/view/1ee05f43 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://pastebin.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://pastebin.pl/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

Request Chain 23

https://pastebin.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://pastebin.pl/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1ee05f43 Show response
pastebin.pl/view/
Redirect Chain

http://pastebin.pl/view/1ee05f43
https://pastebin.pl/view/1ee05f43

34 KB
9 KB

627ms
462ms

Document
text/html

2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61cb4d9f1384c6b4146b0e46838e72877dd1c3a816656ab3ff51b72debd3a41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86377e6aeb1f43f3-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Mar 2024 23:16:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRsii9N%2BR6nHtCsausBoFiwK9vkmEtdeUCTIlcxGRG67xyctk38ZJeWSrHZyse3BrMJk2CMY%2FVYz2UpKRMcxE4IjPhgiopmhUdOCPuI11MNt7l015Gy8zKvDev3vFp44sxAdF9dtPdlDMg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

CF-RAY: 86377e694ec87ced-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 12 Mar 2024 23:16:45 GMT
Expires: Wed, 13 Mar 2024 00:16:45 GMT
Location: https://pastebin.pl/view/1ee05f43
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBpvP%2BCspBKYnDhGKkCpG3xpIEYRY1p%2FUupL0hXy69CrY%2B6h%2Br03qEXv0Eu04EYbe5ZFD%2F9kgHoe5zEGpgTxmXjoYuf9KdCL9brZOfD5CEBa8GEQlK7jczS2adsHRnFB5pDfQplQfbCBeA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 16262479586fe652146aefffcee5e73b9d19256f5d.css
pastebin.pl/static/asset/ 121 KB
22 KB 104ms
103ms Stylesheet
text/css 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2d2eaace9b5724aa7c577073b1bcac20903ef31e39ffca167ebfd4274b21682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41921
cf-polished: origSize=124701
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 14 Jul 2021 08:17:54 GMT
server: cloudflare
etag: W/"60ee9db2-1e71d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTpetYtlhe3SJHae%2BxP6LotW%2Bzi7OnWesqi5yNZ9J6Jv6zk6Jpbbmqt3Ru1GzgFLMVt%2F7zMxkQhFWtDw61yQlybmR7v1QD9KWaRCR8uIdnXYtpjMU0kuVdVNmj2sNvbfFvRNCoRQMm%2BLNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 86377e6dee2843f3-EWR
expires: Thu, 11 Apr 2024 11:38:04 GMT

GET
H2 200 btc.png
pastebin.pl/custom-images/ 6 KB
6 KB 100ms
99ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/btc.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d14cf497310bee3d3a2d4f4cc09c63d6230da3cc9e2f30c5d6ba23b36aac7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1258824
alt-svc: h3=":443"; ma=86400
content-length: 5918
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: cloudflare
etag: "60ee9315-171e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSXx3VqTYJRGZs3H%2BHyoRymnTov3UicHN6Zpi%2F8IiZxZVt6%2FwM4ucP05NvKymwzPYOUEhrinNbpGhVaxsv8UANAi4HBfDeB5I%2BmrGCx%2FQjL6mlqKUi1XEcIT%2BA8aJDftYs03fB1q6FoT%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86377e6dee2943f3-EWR
expires: Thu, 28 Mar 2024 09:36:22 GMT

GET
H2 200 Facebook.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 3 KB
4 KB 100ms
100ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Facebook.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89c5625aa0ecfeaa47ae9da990cda5ab80fe8088ab1cd55ee7394e870de5eafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1083356
alt-svc: h3=":443"; ma=86400
content-length: 3394
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: cloudflare
etag: "60ee9315-d42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHAJbNMGNpjvysJ27lCVMJyi6m2UDRhnP5bI53uhe3vWqgCEw0w8zcpycVpk7rLIsiN6YjbvqSrgvi3vq4kpn6t7lHI5sFZPZ7VNFaHV42VYEU4%2FeAbgZWL%2Bpri8BkX%2FIZPOrJDm9MVvhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86377e6dee2a43f3-EWR
expires: Sat, 30 Mar 2024 10:20:50 GMT

GET
H2 200 Twitter.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 101ms
98ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Twitter.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49c45399074a6af07b176d55bb85b3de42b2c2889bf9efa37310b4e71cf14f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1258824
alt-svc: h3=":443"; ma=86400
content-length: 3644
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: cloudflare
etag: "60ee9315-e3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDdZttvv9GzMLDZ0JLwspMzTiZ7u66xnrojAjLgk6286LmypqrIGt5K0Bpis%2Ftgyz5EQGLDwckuUSnGI7S7ZOB0j3GCThaxR4s5Ze%2FJy0qpRKm2gIOpICoRFEouw1XrCwe6eo9EdaHiLyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86377e6dee2d43f3-EWR
expires: Thu, 28 Mar 2024 09:36:22 GMT

GET
H2 200 Google+.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 105ms
102ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Google+.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e7a8021a029a0b1b97d9df2c059ad4fe80ff8d9db9564c593bdde97df48f5ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507926
alt-svc: h3=":443"; ma=86400
content-length: 3869
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: cloudflare
etag: "60ee9315-f1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XEEfVJJTCTczre7N325eDXrwV3XbHNkgqp0seZwRc1rrK%2F1n4%2F8bhyHqFnCADIuIm4vEW7hG8FRvfhp6f%2B0L7i23xZSb7qMsxdy4%2FaNXfk8HLtXaBCnqW0mr8iIUHB0%2FFC%2F5u4KF7PORw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86377e6dee2e43f3-EWR
expires: Sat, 06 Apr 2024 02:11:20 GMT

GET
H2 200 Tumblr.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 3 KB
4 KB 106ms
104ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Tumblr.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c285eb7872ade449e43574b5d1637d2e9973d0cc0c94b28630cd6c3b4ddef451

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1235441
alt-svc: h3=":443"; ma=86400
content-length: 3439
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: cloudflare
etag: "60ee9315-d6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pweAffAi7onCYLKDSb0Vd%2FfuGa9aius0Mw0wWp%2BW%2BbfV%2B8Q2Gbo4mwUCpz75px2gl8RdpetFMVyua%2FwFjSGr8UgVdd2zW98dMiRTAllznwHKKNZUsx9JzpQmGnm405EIGmNQKXgaWlODRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86377e6dee2f43f3-EWR
expires: Thu, 28 Mar 2024 16:06:05 GMT

GET
H2 200 Reddit.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 105ms
103ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Reddit.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3a49cc082ee48a3041a22f3112ffb3cbfe73c9e739efcebcfca7eaf6e01393c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1083356
alt-svc: h3=":443"; ma=86400
content-length: 3971
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: cloudflare
etag: "60ee9315-f83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1Gwk3FPQZocZSEasxa5sNEo9pHK4wEoiOWnNXTdGrPvVDK7%2Brh3YMo6psdMP80ava20c4rt%2B%2BN09lo1pYhCLE%2BDxmtOAkGHDAu1Bh86tvBlfz52jRFoX8Jht%2BJX%2BZOsptkeyn2FTdFnBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86377e6dee3243f3-EWR
expires: Sat, 30 Mar 2024 10:20:50 GMT

GET
H2 200 Wordpress.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 107ms
105ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Wordpress.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

010bfbc6758a3fbed41c7a3aeadddb18d0df8b573cbf92a738c1f9a9e6c313f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1083356
alt-svc: h3=":443"; ma=86400
content-length: 3972
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: cloudflare
etag: "60ee9315-f84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3S25zX1OKSePZzDAC3a1HRGcRtyiYjT6Yse0bFYWEHQkaFTzwe7JPgUx%2FC9AImea%2B4c5QPhL8Hs9m%2FeNUqxiZ%2FToH1bMK%2FsWg8i6Agiezg%2Bjvd9aGTOZBfWxLZta0epVSeLpEjG1xPFiXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86377e6dee3343f3-EWR
expires: Sat, 30 Mar 2024 10:20:50 GMT

GET
H2 200 Email.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 106ms
104ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Email.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec2d47a7e0bea7d7ff08fc9900b45fcd381c19ce7299512e1d363dc25a8f687

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1083356
alt-svc: h3=":443"; ma=86400
content-length: 3676
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: cloudflare
etag: "60ee9315-e5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vg%2Bd7ZjXF8uY4Fcq84slZWsncIqcnldI1djlwiBA4LIpGCjQ3u32NgCp9hPkczblYkYCOjWDtRLyzaK9CFLmCTEoj%2BzK7beqc%2FK3GMpsC%2F8yb2awSM8VHNU%2B9Y0jTa4zyskZZl7KVt6rsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86377e6dee3443f3-EWR
expires: Sat, 30 Mar 2024 10:20:50 GMT

GET
H2 200 1ee05f43
pastebin.pl/view/qr/ 378 B
727 B 301ms
300ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/view/qr/1ee05f43

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5f9004dd9f38e2875acd8ef60dfcf07a7efb02960942ce72375ca958f4d5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KK7t3%2B6xQnNYLLDN6lgmC7hzwtxN39kEH3uN6BqraMFRAuX35TaijYeN4CCBrrni1ufa0JtgrSB2s7z5v4H7pBghrfVhVcJF6xNRS07ySb0xaaQjLTW39bS5%2FLZUkqQcuoukqRqfE%2Fm8oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86377e6e6eb143f3-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 captcha
pastebin.pl/view/ 3 KB
3 KB 539ms
538ms Image
image/jpeg 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/view/captcha?1710285406

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e44543461c601a87a77b58d66438e83b2308d3d23ab497e17ffc366709ac4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5sJ92yRHkxCQoREYIIqXw1j%2BchYCmKANveX6%2BhOxrjlwK%2Bi3dqhjJT0%2F8Cois5QIID4ATlGkplg3zHLJC0w5f93bep4Thu6%2FShb7cyzbalo3xxXIUGo%2B7Zbve3%2FkIb8J7hA%2BVxBncTyZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86377e6e6eb343f3-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 email-decode.min.js Show response
pastebin.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 97ms
94ms Script
application/javascript 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2024 17:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65e75beb-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5s4%2Flz8kvZeZ1vjLz%2F6Lv%2BThTqfQXzJfGu%2FMN%2BfBIx%2FAdVuzeSJhAXB3AqxNowf%2BL7RSoFx9L%2ByjF%2BVaeIPg4YqHvidcj8l6FuyI45kuQ%2FMqLeUeVdKiXQ4MBmwNWNHR2jj%2BOEBy6%2B%2F4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86377e6dee3143f3-EWR
expires: Thu, 14 Mar 2024 23:16:46 GMT

GET
H2 200 rocket-loader.min.js Show response
pastebin.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 171ms
170ms Script
application/javascript 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2024 17:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65e75beb-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksurNgs31R3LVLKoMvTvBGYs1VVx%2FfldaObeEyckHveIpr9VCcszmh7wRqIL1QuNiexEj%2FJCLWHw1aq8Wpe1Ei4BVaTfaa1PO4sVI4PL8kX6gVwc%2B3dGT4EW88fHiKgH%2FZuDc5EyLrI08A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86377e6e6eb443f3-EWR
expires: Thu, 14 Mar 2024 23:16:46 GMT

GET
H2 200 banner_soc.png
pastebin.pl/themes/stikkedizr/images/ 2 KB
3 KB 83ms
83ms Image
image/png 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/themes/stikkedizr/images/banner_soc.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de59078a2d00e0219c60ef1a78d52c51142efd21edf7c87e9a3e1367c8e44b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 24 Feb 2024 17:40:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1488999
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wHiFpeZzQS%2FfHjwEMUbZ1f3azC6isddW647TUvC0Zy08COcvy1tc9iyn8wKRPhh2N4aeyawBp3cdXiKQ4WMAcLW7tQJwrwCJEW3RycfITStuQpAM2T80TKK9md0w8%2FjXHjQpGihTXWSyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 86377e6e9ecd43f3-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 17:40:07 GMT

GET
H2 200 fontawesome-webfont.woff
pastebin.pl/themes/stikkedizr/fonts/ 43 KB
44 KB 685ms
684ms Font
application/font-woff 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/themes/stikkedizr/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Origin: https://pastebin.pl
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:16:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfqDAZr0pp4JjkB5i5ruQbP79d4P6NMCQNjdvjqnB3dOQ7Nx0IpJuqcBMb4yI50ukTWrkYuyHLsVF%2FzYr6GbrXxl%2BOlxOnVgP2NaXRK3OnykpxlEAyZVGKgpcScc9Y%2BksyFNyIC9%2FSOGhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86377e6e9ed443f3-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Mar 2024 23:16:46 GMT

GET
H3 200 17092055377430a1044da8a37b18147203f4015289.js Show response
pastebin.pl/static/asset/ 207 KB
68 KB 88ms
87ms Script
application/javascript 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/static/asset/17092055377430a1044da8a37b18147203f4015289.js

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e8048dadfca5b1b09d5eb01b7fabcc736af2cd57009d88c37213d1e42103860

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/view/1ee05f43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1079231
cf-polished: origSize=212430
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 29 Feb 2024 11:18:59 GMT
server: cloudflare
etag: W/"65e06823-33dce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o82ZZ9ihpT20ect%2Fy50HLVfG91qeLg1T5e43J7tkxQhiB4d%2Fzlnwhd%2Fl4yUMIc8eJlFiS9uJRXJ3kqvc6fqyV1NdbpHemGspCHnnZbsk9B%2FNf%2BbJ1fZDTEKB0cUfGgiGTPvvbQmMB%2F0cJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 86377e6efe1e19ff-EWR
expires: Sat, 30 Mar 2024 11:29:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
91 KB 193ms
80ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9503b5587075d4728becbb607d2f94d18d18a75f62229b96516b9b70b31997c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Mar 2024 23:16:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 235ms
123ms Script
text/javascript 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6527c0dfac628df7495c76f03acfa3c55ca9a637d06203eaa7be0b640a4650b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Origin: https://pastebin.pl
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51021
x-xss-protection: 0
server: cafe
etag: 1311933262963163112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 12 Mar 2024 23:16:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 159ms
47ms Script
text/javascript 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 22:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Mar 2025 22:16:37 GMT

GET
H3

200

main.js Show response
pastebin.pl/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame 6D15
Redirect Chain

https://pastebin.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://pastebin.pl/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

8 KB
4 KB

71ms
71ms

Script
application/javascript

2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/1ee05f43

Protocol

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

514df391d5eef5f958a878428c1ee7e8dd402946d3e3ffe2d7303f92ed3e6017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4lfcbCptkhuBqIw20OiOtUcfIIlV%2BBbDXbkUn907yAk%2FuFAE2J4ZBcIiSdsvKkPKKa5vekuwf74hV6wQvFDQgai23vvbJSgULBo1DG3vthJjz7CAx4VjRGqhT8n0gYR1bP5ZzmAPtxDNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86377e709f6c19ff-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 12 Mar 2024 23:16:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7G%2FcDgrlkjKzHDeaDmOTy%2FOQuZLERv58BG5V4IoLqF5NEn88OgJ3FfNwFB8S69q32EAq2qb5vZdIBjHVQZiaTeF%2FHGwryaNtbZFh1OJUETKSW08TuOx%2FulqIMKqbM25Zy3oV8JA5BvfgA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
cache-control: max-age=300, public
cf-ray: 86377e6f1e3319ff-EWR
alt-svc: h3=":443"; ma=86400

POST
H3 200 86377e6aeb1f43f3 Show response
pastebin.pl/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6D15 0
636 B 82ms
78ms XHR
text/plain 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/cdn-cgi/challenge-platform/h/g/jsd/r/86377e6aeb1f43f3

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Mar 2024 23:16:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cv58lSGvKTnrbKGvWqPh5ZftoMkKCQ0ZT4w5bfO6PmYsb7KPaEXtaxIAM0uwK4ISZDaFHbVDDPRTA5YsXUYVoDLhkQEfRX%2FbYCy0nxmSALEps%2F4PJrX5LTKtvfE%2Fr0OlxBdYy5hALAYyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86377e71c89819ff-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/ 405 KB
137 KB 296ms
150ms Script
text/javascript 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba076cf930d261a414e0b41cd897baff1faa8d913f335be50866fabdf24cfd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140662
x-xss-protection: 0
server: cafe
etag: 16996084156779998624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 23:16:47 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame AB19 9 KB
4 KB 218ms
64ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 11229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 20:09:38 GMT
etag: 5035419970550746386
expires: Tue, 26 Mar 2024 20:09:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

main.js Show response
pastebin.pl/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame 6D15
Redirect Chain

https://pastebin.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://pastebin.pl/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

8 KB
4 KB

95ms
95ms

Script
application/javascript

2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

Protocol

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd8ff891dca1c2bba51d62f64fa6328bb9e618a69f483289836150e80112dbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvgHhCxc6nAr%2BRk3AFERokTHZ89CXeMfEAOwI%2FMhmzRfYg2HX3ATfhn%2B6GtfSwA9jfVsH13RnfvmvPt4CxLculQ0EHlWYkp18YO36FdaZMnVqvS%2F9gjoJG6rfp5gTe6qj2beHiCdA5kAZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86377e742aae19ff-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 12 Mar 2024 23:16:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLuUblJhySHOMYNS7ZmzeJ5%2BXtWBgnXdj7v3vqsKm9bWC%2BH0j1M1Q3DRfx2HRwIrl4z0LwCLVAU%2Bs0VTJnfK6G4mBDJtrW9PhHOMtLIhntMoPpFM5xj7VE1Ynk0LqH5kIoldT1s1fk5Bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 86377e736a1319ff-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 text Show response
pastebin.pl/main/get_cm_js/ 0
536 B 472ms
472ms XHR
text/html 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/main/get_cm_js/text?_=1710285407207

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/static/asset/17092055377430a1044da8a37b18147203f4015289.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://pastebin.pl/view/1ee05f43
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:16:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZY6AbyceG1oUP%2FIx0f13HZGgcQzmNEOjjUKrS8VgKQ%2BN87dn7oESm6CK7ApQVsJc2e800weIkyIMzE2ES%2BwAZksLOl%2B2lgGYBM8axRTEAXY7QRxNqJ0UphmKxn8Ci4sVDIpEpuPMka6CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86377e738a3519ff-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
242 B 211ms
69ms Ping
text/plain 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-88PKPGCEBF&gtm=45je43b0v882783435za200&_p=1710285407160&gcd=13l3l3l3l1&npa=0&dma=0&cid=308925357.1710285407&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710285407&sct=1&seg=0&dl=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43&dt=Re%3A%20Robux%20Script%20-%20Pastebin&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1723
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:16:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastebin.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 86377e6aeb1f43f3 Show response
pastebin.pl/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6D15 0
632 B 101ms
98ms XHR
text/plain 2606:4700:3030::6815:2e4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/cdn-cgi/challenge-platform/h/g/jsd/r/86377e6aeb1f43f3

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2e4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Mar 2024 23:16:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OpTyYvgnVvrktlvloovR0si0qNwWh229XaRLB%2BYPsyZOYKRsf%2FziIus%2FnfuA1o88jQSWv2PWfqg14IZRk8f5ZWL1r2sZ%2FUvhx2IjvwBbV8f1PdlcaZr0otGSmeQAjTIhmr3Bo8eh433VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86377e756b9f19ff-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA5A 153 KB
24 KB 651ms
649ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&adk=1812271804&adf=3025194257&lmt=1710285407&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710285407174&bpp=6&bdt=839&idt=462&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8501747716644&frm=20&pv=2&ga_vid=308925357.1710285407&ga_sid=1710285408&ga_hid=345925748&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95326315%2C95322183%2C95324161%2C95325785%2C95326922&oid=2&pvsid=2549230100157898&tmod=1684834472&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=481

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d4012cfa081c7c625559508cb064f82fb18fad3b862fb9dea37e3bc6299ac2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24747
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 23:16:48 GMT
expires: Tue, 12 Mar 2024 23:16:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 103ms
102ms Image
image/gif 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 118ms
117ms XHR
application/json 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6c25e40a6111fbb3ce9c127a8a7b9f0907e45cfa4224ef26915e88cc247bdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12255
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 218ms
41ms Script
text/javascript 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Mar 2024 23:16:47 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF34 13 KB
5 KB 45ms
44ms Document
text/html 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 33145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 14:04:23 GMT
expires: Wed, 12 Mar 2025 14:04:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 958F 829 B
1 KB 216ms
76ms Document
text/html 2607:f8b0:4004:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

672c1f9734c5efa3b342c282727a070381a6b3f81b16fdcfeedf0869e8b2154a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QnWa9xyWNTcSZ2zLHlYbiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QnWa9xyWNTcSZ2zLHlYbiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 23:16:48 GMT
expires: Tue, 12 Mar 2024 23:16:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame AF34 39 KB
15 KB 58ms
57ms Script
text/javascript 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 14:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 14:20:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 958F 0
0 122ms
122ms Image
text/html 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=2549230100157898&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AF34 0
10 B 63ms
63ms Image
text/plain 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oN_crQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/ 166 KB
56 KB 136ms
135ms Script
text/javascript 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

197498e7aa14b770c461708cd705e8f9c81e2c3d86a113b4cd9e5b3e02777fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57243
x-xss-protection: 0
server: cafe
etag: 2173662280555540701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 23:16:48 GMT

GET
H2 200 ca-pub-2536515702233288 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 201ms
85ms Script
application/javascript 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2536515702233288?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9405171091ec4b61249f82b24004510ce76970fe0525a672e061dd0b3c8f216e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ceOngBnTnR-Qt_o1QN2stA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-ceOngBnTnR-Qt_o1QN2stA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx4Mjh9ezCez4uuIfIwD3Ri7k"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async-ads.js Show response
www.google.com/adsense/search/ 138 KB
51 KB 66ms
65ms Script
text/javascript 2607:f8b0:4004:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6520deae8dd31d99705df63e05719e1627796407bd561c9499f2b55f7d96ad73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "12667515679306940541"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Tue, 12 Mar 2024 23:16:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 111ms
111ms Image
image/gif 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=42532561&hl=en&pvc=2549230100157898

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:16:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 376 B
593 B 162ms
61ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pastebin.pl&client=partner-pub-2536515702233288&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3fcc892e87d8d00b36c949db8c7b5a98a0d7cf7d4c5eff3d3dbb86a071db0d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 242
x-xss-protection: 0

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
657 B 290ms
187ms Image
text/html 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=partner-pub-2536515702233288&output=uds_ads_only&zx=ll7ey3fxcse8&pbt=rd&ivt=false&dA=false&msg=client-side%20changes%20applied.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-cXmwaHOq57bnxc_vUEqbBA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-cXmwaHOq57bnxc_vUEqbBA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 12 Mar 2024 23:16:48 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ads Show response
www.adsensecustomsearchads.com/afs/ Frame 42DA 1 KB
1 KB 243ms
143ms Document
text/html 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-ff27f19532ac7f1f5&fexp=44759875%2C44759926%2C44759842%2C44798934%2C95326315%2C95322183%2C95324161%2C95325785%2C95326922%2C42532561%2C21404%2C17300003%2C17301383%2C17301421%2C17301431%2C17301432%2C17301436%2C71847096&client=pub-2536515702233288&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&client_gdprApplies=0&format=r5&nocache=7401710285408556&num=0&output=afd_ads&domain_name=pastebin.pl&v=3&bsl=10&pac=0&u_his=2&u_tz=-600&dt=1710285408557&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=3022&frm=0&uio=-&cont=autors-container-0&drt=0&jsid=csa&jsv=610814804&rurl=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e95c14b8e6df0b221d75bb085adaa3501eac433d0bfdb2d9a1d6bbd7ee6c992a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-o7MvDMD1VpkhKz_-U8kDfA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 541
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-o7MvDMD1VpkhKz_-U8kDfA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Tue, 12 Mar 2024 23:16:48 GMT
expires: Tue, 12 Mar 2024 23:16:48 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A92 847 B
433 B 194ms
194ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2536515702233288&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1710285408&rafmt=1&to=qs&pwprc=8024604295&format=1200x280&url=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710285408515&bpp=2&bdt=2181&idt=-M&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8501747716644&frm=20&pv=1&ga_vid=308925357.1710285407&ga_sid=1710285408&ga_hid=345925748&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95326315%2C95322183%2C95324161%2C95325785%2C95326922&oid=2&pvsid=2549230100157898&tmod=1684834472&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=163

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93c0199fdf76f4d1d5dd792c585497312ef51a1b00dc7e397000f92b1b60521c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 23:16:48 GMT
expires: Tue, 12 Mar 2024 23:16:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame 699D 9 KB
4 KB 54ms
54ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 35294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 13:28:34 GMT
etag: 5035419970550746386
expires: Tue, 26 Mar 2024 13:28:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame 3105 9 KB
4 KB 55ms
55ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 35294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 13:28:34 GMT
etag: 5035419970550746386
expires: Tue, 26 Mar 2024 13:28:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXN8SwXgioxHYQ4TuIFht9j37AZyLD_q27qHHhpSeYF6qkezWDBbWiH5NFL1I0a1H9gSqffcyubfl-rdbMmGQZ7k3DhbIHDWYsj4Q3XfbrkigqF5pA55zIpkxLDGja7lkQsFXDEEg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 82ms
81ms Script
application/javascript 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXN8SwXgioxHYQ4TuIFht9j37AZyLD_q27qHHhpSeYF6qkezWDBbWiH5NFL1I0a1H9gSqffcyubfl-rdbMmGQZ7k3DhbIHDWYsj4Q3XfbrkigqF5pA55zIpkxLDGja7lkQsFXDEEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjg1NDA4LDY5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYXN0ZWJpbi5wbC92aWV3LzFlZTA1ZjQzIixudWxsLFtbOCwiczdoaUdyb012eFUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzIxNDQ3XSxudWxsLDE3XSJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22e945f880528100d9f6513e49382fb3f0345cd346b4212bbd26384baea2f0ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9MBki-B2mZvDSD0Ku52T2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-9MBki-B2mZvDSD0Ku52T2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx4Mjh9ezCdzYsOYlEwD5ty62"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 554D 13 KB
13 KB 237ms
127ms Font
application/octet-stream 2607:f8b0:4004:c1f::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 22:47:13 GMT
age: 1775
x-guploader-uploadid: ABPtcPp_MgWed0a_sY7VF7gcGx9jxgHFbQfG2u6NDNVzTCb0anbTJd_qkuXkVctrIuRFhhy_8ec
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 12 Mar 2024 23:47:13 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 554D 12 KB
13 KB 168ms
59ms Font
application/octet-stream 2607:f8b0:4004:c1f::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 22:47:13 GMT
age: 1775
x-guploader-uploadid: ABPtcPoUU1OpYEHGyOaOerOhzxSOzft4jNf9rgBCYdgNSC5dmG9BWMTU-ZgS-yavpQA9vyQqcw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 12 Mar 2024 23:47:13 GMT

GET
H2 200 ads.js Show response
www.adsensecustomsearchads.com/adsense/search/ Frame 42DA 138 KB
51 KB 63ms
62ms Script
text/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/adsense/search/ads.js?pac=0

Requested by

Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-ff27f19532ac7f1f5&fexp=44759875%2C44759926%2C44759842%2C44798934%2C95326315%2C95322183%2C95324161%2C95325785%2C95326922%2C42532561%2C21404%2C17300003%2C17301383%2C17301421%2C17301431%2C17301432%2C17301436%2C71847096&client=pub-2536515702233288&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&client_gdprApplies=0&format=r5&nocache=7401710285408556&num=0&output=afd_ads&domain_name=pastebin.pl&v=3&bsl=10&pac=0&u_his=2&u_tz=-600&dt=1710285408557&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=3022&frm=0&uio=-&cont=autors-container-0&drt=0&jsid=csa&jsv=610814804&rurl=https%3A%2F%2Fpastebin.pl%2Fview%2F1ee05f43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0c27f1967bb55d4c1763234740eb0cfeee9142cf6e82a2983afe93b3b850af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "10601723183499686556"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Tue, 12 Mar 2024 23:16:48 GMT

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 3201 13 KB
13 KB 137ms
70ms Font
application/octet-stream 2607:f8b0:4004:c1f::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 22:47:13 GMT
age: 1775
x-guploader-uploadid: ABPtcPp_MgWed0a_sY7VF7gcGx9jxgHFbQfG2u6NDNVzTCb0anbTJd_qkuXkVctrIuRFhhy_8ec
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 12 Mar 2024 23:47:13 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 3201 12 KB
12 KB 178ms
112ms Font
application/octet-stream 2607:f8b0:4004:c1f::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 22:47:13 GMT
age: 1775
x-guploader-uploadid: ABPtcPoUU1OpYEHGyOaOerOhzxSOzft4jNf9rgBCYdgNSC5dmG9BWMTU-ZgS-yavpQA9vyQqcw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 12 Mar 2024 23:47:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 114ms
113ms Image
text/html 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=2549230100157898&bg=!FxSlFFvNAAZsmiNCTJo7ADQBe5WfOE3PrkTM3RD7w_JLbJ8Sn3pXsvMVqJT01pE0iZPMRyXlOMw8GYJOLM8TCgnj6rLwAgAAAE1SAAAABGgBBwoAj4TYcFM_vL3M5SjWVYIQqBzGMUgULo6ecRttiMbbVpVar4Cl0nnktvPEhZKqyX5uk3cv0aLhdoqe869AvnQwt2DqacQAgXF_-NyB25F5Y1YfaeoHk8UfPjpRIL6NnfgijchYEHzN7jYQ4DyBH5CHUOQ4sMqLANzmQUdjdi1Gq7Ibl-Reikrffcj1iMIa8hWwmQLIvuao2ZFKkd4a6SM1gTVoweDXn9vmTpSZ9_nj2gHOtCLaeLlB9LzqIZD19jAL5CcUhrv6UYAbG6Crz39SxHJGQVje1K748aTsB1Ym5GRXOQtlDYIesoNmR63IsSuj-azX6Nb8QgI7j4T8E8c572FdTFZbqGtm6mhrRffeCK8ueCUKgMkOhw2xVcvAaYO9pWAjU4ecmaBxlw3PFPaQLsRwIIHbwgTu21yHBTLjA3TsvMRRDaD4l7Yhce6zejXj_C7deH0er-U6AFHfnHFMPmadze0RI-H871PF1s_Sp6JLottzIcINqSvmjn4DW_oI8ZifP2ZPgFonusDLWX8sIts0LEEY-Z4AwzC0TKGNOClz-Czv2Q4heJrCO7zPGVo3JyE8SElI1nHIxGyJK3Ypf05-jyeH3ovi1g3PXBIEw8f5xEr_6zbkal-kN7ClPTvCJYaVFRI3kQ8nJLYgJLgJYmvRCCPI_91KGKvvAJGbOZCjHUkes81qDlc6uX9n5gxAu6oklTkyPae09D7ugkevLilL3rjEZO44_mb65gaRQD-XDa3kh_lXa5A__QfFyhKBS3hN0nnvX_GwYAtMIJZKp2eg7ViVgzhV7ke96y5tqbqPvRaSavRwUzginN-uOcCZAMY2yCWiHHWJAiTTprTWf0WgPhNNbcdc1I07P02rja8WyoZ7gzB0iJeLvGWSJhcUvGrCtTWjhwYGZBoN0ZsUMcl3XXf5QHLBrIgRFnaBiRv-rs1O3NNuGTxT6z1KSBg2EGD9eM1pHc1jMZvex_lZ0Iac6i2VF18RsAtfrHkwCy-APZWEVul_nm82D40SRezmY2fkBPf7PUl3xlIgiTUlMn_MSOoXq46OiqfuVlKGpPV90Sui8FdoP8Ax9JXQLFllhOW2Ac_rx06ywPFZPoZeL4smqu4vcogsbki02_rc-yvqjbsK6Wq7XWdB3g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 113ms
113ms Image
image/gif 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfns&evt=place&vh=1200&eid=42532561&hl=en&pvc=2549230100157898

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 23:16:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads2_ Show response
fundingchoicesmessages.google.com/f/AGSKWxXgJXBGcY_1Vnt_oXolcmV9phRohr1DJPdrsvt23fUosOD4u4MKYCTbOccIwwP1UB_DcDfm8GqroNqIGBKKs9VF1o19jc6072w-DbKBOxuyrcBGkGfr3ZoiIzI3WADW4g37yPgu1xQu4b8WkDNaK56QzUpqY... 54 B
110 B 75ms
74ms Script
application/javascript 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXgJXBGcY_1Vnt_oXolcmV9phRohr1DJPdrsvt23fUosOD4u4MKYCTbOccIwwP1UB_DcDfm8GqroNqIGBKKs9VF1o19jc6072w-DbKBOxuyrcBGkGfr3ZoiIzI3WADW4g37yPgu1xQu4b8WkDNaK56QzUpqYnbHmYwDQ2wiJXkFu2PdJV9Dd1v9VUKt/_/ad_sticky./advhd./bnrsrv.=468x60;/ads2_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwI1hJDnoRrpPPGA0C2XADTNmznEw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a832ac2daa277f6bfbad876671524b32c9ef1e5cc64ac16ffd8791a0ce991042

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qHmEfQYgDmRyTxXIreAhSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-qHmEfQYgDmRyTxXIreAhSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx8Mjh9ezCSxoff2VEQD2rC6Z"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 58ms
57ms Script
text/javascript 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff1960a45c6c700c71fe8dd2a8f57127aba9acabb5d0c23a3a263ed5b81a5422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 22:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24264
x-xss-protection: 0
server: cafe
etag: 8613831024126762174
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 23:43:11 GMT

POST
H3 204 AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 188ms
74ms XHR
text/html 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JQ7rjq8zSnJtw6GdcGKGtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-JQ7rjq8zSnJtw6GdcGKGtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0ZBiqGV4xtQKxDt8PFic0mewhgCxEA_HwyOH17MJ7FjUu4YJAPijDaM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 122ms
73ms XHR
text/html 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eDxZSDuBpqXGlKrleehFEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-eDxZSDuBpqXGlKrleehFEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII1pBiqGV4xtQKxDt8PFic0mewhgCxEA_HwyOH17MJdJy-vZoJAPt5Dfg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 113ms
74ms XHR
text/html 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CquMd3_Fh1cF0MoNAatbaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-CquMd3_Fh1cF0MoNAatbaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw1pBiqGV4xtQKxDt8PFic0mewhgCxEA_HwyOH17MJTPh3ZQ0TAPn6Dh0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pastebin.pl
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 110ms
72ms XHR
text/html 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-y7g7snqj8i2IL_KNnWkUxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-y7g7snqj8i2IL_KNnWkUxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw1pBiqGV4xtQKxDt8PFic0mewhgCxEA_HwyOH17MJNDw7upoJAPkbDeU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxV1raNIxYddwVPtbg5EHfBCXHwTU4iJ-cZwL1zqPnBjJIBpD7obMo_SgE6-TtIbP7oZiwPazzBdXBnDO1T5-393rnCYikYW-4nqeSvxvJYZVmeRZ-_B0_uW4OE8vJyeLf50wqtTyw== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 84ms
83ms Script
application/javascript 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV1raNIxYddwVPtbg5EHfBCXHwTU4iJ-cZwL1zqPnBjJIBpD7obMo_SgE6-TtIbP7oZiwPazzBdXBnDO1T5-393rnCYikYW-4nqeSvxvJYZVmeRZ-_B0_uW4OE8vJyeLf50wqtTyw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjg1NDA5LDU0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcGFzdGViaW4ucGwvdmlldy8xZWUwNWY0MyIsbnVsbCxbWzgsInM3aGlHcm9NdnhVIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyMTQ0N10sbnVsbCwxN10iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa9d318684d15fbcc2eee95a8ce7cb6e1342072d61b21d5347cfbca118b98214

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x0s6vR14m9oCV6RYny1mhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-x0s6vR14m9oCV6RYny1mhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx8Mjh9ezCazYs3s-EwD3vy5W"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 72ms
72ms XHR
text/html 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hzg6qXGF_zVWGzuFW-5Fpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-hzg6qXGF_zVWGzuFW-5Fpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0pBiqGV4xtQKxDt8PFic0mewhgCxEA_HwyOH17MJLLj88DATAPnNDiU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWvVyLpaltIuSmceyM_nyHmzt50WagT3J6EcA0zDDFqomKdKImKufmTsz9g2xIr7qy2lyo3HqGRXM0R7ZQqEjeaQehgRL0pvY5z3bC4f13jXqStljsC-PMFPhN81u6MByBRrs3VKA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 86ms
85ms Script
application/javascript 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWvVyLpaltIuSmceyM_nyHmzt50WagT3J6EcA0zDDFqomKdKImKufmTsz9g2xIr7qy2lyo3HqGRXM0R7ZQqEjeaQehgRL0pvY5z3bC4f13jXqStljsC-PMFPhN81u6MByBRrs3VKA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjg1NDA5LDYzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcGFzdGViaW4ucGwvdmlldy8xZWUwNWY0MyIsbnVsbCxbWzgsInM3aGlHcm9NdnhVIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyMTQ0N10sbnVsbCwxN10iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfaee2da7136ab6db7687db67c37ed1eac079329353211acbe6b1c37a94c1612

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5QQGQ4LRu-YTDT4Kz24Kbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-5QQGQ4LRu-YTDT4Kz24Kbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx8Mjh9ezCXRcPX2aCQD6ny6R"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVXE34FOqEspXA-b6i9agWiVHZB4l5JMbQA-_D3OY6XIBKwJjlvpyZLGf43DNYwMQn0XwXuCEzhCEbpxXVpGqENn1mE41i2tgMBvD7URwkyAJmroaYlsXjGprYgJOtWJPqneZfEww== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 87ms
87ms Script
application/javascript 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVXE34FOqEspXA-b6i9agWiVHZB4l5JMbQA-_D3OY6XIBKwJjlvpyZLGf43DNYwMQn0XwXuCEzhCEbpxXVpGqENn1mE41i2tgMBvD7URwkyAJmroaYlsXjGprYgJOtWJPqneZfEww==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjg1NDA5LDcyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYXN0ZWJpbi5wbC92aWV3LzFlZTA1ZjQzIixudWxsLFtbOCwiczdoaUdyb012eFUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzIxNDQ3XSxudWxsLDE3XSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

367e44fc63556a297140f8fcb5b5d176d15c54a99736637055e0e771d040cca4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YUty7v_zeU3wt_4blaSCjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-YUty7v_zeU3wt_4blaSCjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx8Mjh9ezCRyYtvcrEwD3By6d"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXmGNWdZCIjmKp5HqbtB0pfxrLXpKyC2QdPVvj9tcJOhYcUFOVttJVIvwmpPIUah3tIMeToBTtXnVhjP5rddyk3SXXTh_SVNnwEg2VauPqABa76O3fnjx5D59-qv-N-BDJ0lNJCbg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 57ms
57ms XHR
text/html 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXmGNWdZCIjmKp5HqbtB0pfxrLXpKyC2QdPVvj9tcJOhYcUFOVttJVIvwmpPIUah3tIMeToBTtXnVhjP5rddyk3SXXTh_SVNnwEg2VauPqABa76O3fnjx5D59-qv-N-BDJ0lNJCbg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HIIAhdqnAHyHE3y06NWTVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-HIIAhdqnAHyHE3y06NWTVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0pBiqGV4xtQKxDt8PFic0mewhgCxEA_HwyOH17MJPOiaMYUZAPixDaU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 65ms
64ms XHR
text/html 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUoQYQrehxJnVrSEdxaI24nP2mhrcmipuOXOMWj1o2dpMsusiSYGnhdPR-k_aKDSnN4NzRH3c89o-CzZKev-bvn3serUGDnT7PWy9ljkCsXAH8Jsscb3HuQoUtY9JXW-Z5D5_T9Lw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u6m_yztCmoNEG1P3p2bo6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Mar 2024 23:16:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-u6m_yztCmoNEG1P3p2bo6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw15BiqGV4xtQKxDt8PFic0mewhgCxEA_HwyOH17MJzHi2aDozAPmbDcs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastebin.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8rfg0bvjqd0hdii64s731g9dbs
.pastebin.pl/	1970-01-21 04:40:45	Name: _ga_88PKPGCEBF Value: GS1.1.1710285407.1.0.1710285407.0.0.0
.pastebin.pl/	1970-01-21 04:40:45	Name: _ga Value: GA1.1.308925357.1710285407
.pastebin.pl/	1970-01-21 03:50:21	Name: cf_clearance Value: PtLkl9omG4xxSbJlE9LpaHe5YrhhtjTYzxJPtlOWMCE-1710285407-1.0.1.1-25iOTVpqR4AwErCtfJjawDiVq41SAE_UYbvHcHcFHeaQC.5oAENQXU92oCpxFJQXMxfAk.UtZDMBz8cnf3Gg8A
.pastebin.pl/	1970-01-21 04:26:21	Name: __gsas Value: ID=98cd6b264d32cb45:T=1710285408:RT=1710285408:S=ALNI_MaxjVZaBhxQMKwWVlqn0JqKVX-ubA
.doubleclick.net/	1970-01-21 04:40:45	Name: IDE Value: AHWqTUlQr-QsLyImss3Gv0MZyIC4Rc9OyMwuO9pkHMrZ-kG1q6CmBnZHTIGQ5Zr3oto
.pastebin.pl/	1970-01-21 04:26:21	Name: __gads Value: ID=f211a59af78c3cbb:T=1710285408:RT=1710285408:S=ALNI_MbG0qDAevQZwGgX3-PkEpd3lrJVmQ
.pastebin.pl/	1970-01-21 04:26:21	Name: __gpi Value: UID=00000dd1f779d238:T=1710285408:RT=1710285408:S=ALNI_MbL8Nmso1qH20ObcSBuMsNI52OGpw
.pastebin.pl/	1970-01-20 23:23:57	Name: __eoi Value: ID=cc40228096f992b6:T=1710285408:RT=1710285408:S=AA-AfjbZhy6IedliAMQRYvHEVMGU
.pastebin.pl/	1970-01-21 03:50:21	Name: FCNEC Value: %5B%5B%22AKsRol_nA5J5983z0x7-6WzJFhB6G0zrGBmWyqRSWtN6ACx4fcnQ7IPHaXjucN0YlEHZBP86pCtrhdHnrCQdT5zRahcDji-AkKArSXAO0cwDrebmdz0pybpieFIyCV3oNdCRGRV5Fuzp4ujF4V55i440gzwWucjJIQ%3D%3D%22%5D%5D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://pastebin.pl/view/1ee05f43 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.google.com/adsense/search/async-ads.js(Line 198) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://pastebin.pl/view/1ee05f43 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pastebin.pl/view/1ee05f43 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pastebin.pl/view/1ee05f43 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pastebin.pl/view/1ee05f43 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pastebin.pl/view/1ee05f43 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pastebin.pl
storage.googleapis.com
tpc.googlesyndication.com
www.adsensecustomsearchads.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2606:4700:3030::6815:2e4c
2606:4700:3034::ac43:8868
2607:f8b0:4004:c06::93
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::71
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c0b::84
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::8b
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1f::9b
2607:f8b0:4004:c1f::cf
010bfbc6758a3fbed41c7a3aeadddb18d0df8b573cbf92a738c1f9a9e6c313f4
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
197498e7aa14b770c461708cd705e8f9c81e2c3d86a113b4cd9e5b3e02777fab
1e7a8021a029a0b1b97d9df2c059ad4fe80ff8d9db9564c593bdde97df48f5ff
22e945f880528100d9f6513e49382fb3f0345cd346b4212bbd26384baea2f0ef
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2e44543461c601a87a77b58d66438e83b2308d3d23ab497e17ffc366709ac4ff
367e44fc63556a297140f8fcb5b5d176d15c54a99736637055e0e771d040cca4
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
49c45399074a6af07b176d55bb85b3de42b2c2889bf9efa37310b4e71cf14f43
514df391d5eef5f958a878428c1ee7e8dd402946d3e3ffe2d7303f92ed3e6017
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cb4d9f1384c6b4146b0e46838e72877dd1c3a816656ab3ff51b72debd3a41f
6520deae8dd31d99705df63e05719e1627796407bd561c9499f2b55f7d96ad73
6527c0dfac628df7495c76f03acfa3c55ca9a637d06203eaa7be0b640a4650b5
672c1f9734c5efa3b342c282727a070381a6b3f81b16fdcfeedf0869e8b2154a
6d14cf497310bee3d3a2d4f4cc09c63d6230da3cc9e2f30c5d6ba23b36aac7f6
7e8048dadfca5b1b09d5eb01b7fabcc736af2cd57009d88c37213d1e42103860
89c5625aa0ecfeaa47ae9da990cda5ab80fe8088ab1cd55ee7394e870de5eafa
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8d4012cfa081c7c625559508cb064f82fb18fad3b862fb9dea37e3bc6299ac2a
93c0199fdf76f4d1d5dd792c585497312ef51a1b00dc7e397000f92b1b60521c
9405171091ec4b61249f82b24004510ce76970fe0525a672e061dd0b3c8f216e
9503b5587075d4728becbb607d2f94d18d18a75f62229b96516b9b70b31997c4
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
9ba076cf930d261a414e0b41cd897baff1faa8d913f335be50866fabdf24cfd7
a832ac2daa277f6bfbad876671524b32c9ef1e5cc64ac16ffd8791a0ce991042
aa9d318684d15fbcc2eee95a8ce7cb6e1342072d61b21d5347cfbca118b98214
c285eb7872ade449e43574b5d1637d2e9973d0cc0c94b28630cd6c3b4ddef451
c3a49cc082ee48a3041a22f3112ffb3cbfe73c9e739efcebcfca7eaf6e01393c
ca5f9004dd9f38e2875acd8ef60dfcf07a7efb02960942ce72375ca958f4d5b1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfaee2da7136ab6db7687db67c37ed1eac079329353211acbe6b1c37a94c1612
d0c27f1967bb55d4c1763234740eb0cfeee9142cf6e82a2983afe93b3b850af5
d2d2eaace9b5724aa7c577073b1bcac20903ef31e39ffca167ebfd4274b21682
d3fcc892e87d8d00b36c949db8c7b5a98a0d7cf7d4c5eff3d3dbb86a071db0d4
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
d6c25e40a6111fbb3ce9c127a8a7b9f0907e45cfa4224ef26915e88cc247bdca
dd8ff891dca1c2bba51d62f64fa6328bb9e618a69f483289836150e80112dbdc
de59078a2d00e0219c60ef1a78d52c51142efd21edf7c87e9a3e1367c8e44b8f
dec2d47a7e0bea7d7ff08fc9900b45fcd381c19ce7299512e1d363dc25a8f687
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95c14b8e6df0b221d75bb085adaa3501eac433d0bfdb2d9a1d6bbd7ee6c992a
ff1960a45c6c700c71fe8dd2a8f57127aba9acabb5d0c23a3a263ed5b81a5422

pastebin.pl Open in urlscan Pro 2606:4700:3030::6815:2e4c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

100 %IPv6

9 Domains

12 Subdomains

12 IPs

1 Countries

891 kBTransfer

2401 kBSize

10 Cookies

9 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

pastebin.pl Open in urlscan Pro
2606:4700:3030::6815:2e4c Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

100 %
IPv6

9
Domains

12
Subdomains

12
IPs

1
Countries

891 kB
Transfer

2401 kB
Size

10
Cookies

67 HTTP transactions
0 data transactions