95.217.20.137 Open in urlscan Pro
95.217.20.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://95.217.20.137/
Effective URL:
http://95.217.20.137/Sqpi5hjd.html
Submission: On January 31 via manual (January 31st 2020, 11:30:39 pm UTC) from FI

Summary HTTP 67 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 14 domains to perform 67 HTTP transactions. The main IP is 95.217.20.137, located in Finland and belongs to HETZNER-AS, DE. The main domain is 95.217.20.137.

This is the only time 95.217.20.137 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	95.217.20.137 95.217.20.137	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:86c0:203... 2a00:86c0:2036:2036::144	2906 (AS-SSI) (AS-SSI)
1 2	2a00:14c0:1:3... 2a00:14c0:1:307:aa51::138	35382 (CAPNOVA-AS) (CAPNOVA-AS)
2	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
6	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
2	95.100.79.150 95.100.79.150	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.161.189.78 108.161.189.78	33438 (HIGHWINDS2) (HIGHWINDS2)
2	23.37.58.95 23.37.58.95	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6814:438f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY)
2	50.31.142.95 50.31.142.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
67	19

21 95.217.20.137 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.137.20.217.95.clients.your-server.de

95.217.20.137	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:86c0:2036:2036::144 (United Kingdom)

ASN2906 (AS-SSI, US)

occ-0-1500-1501.1.nflxso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:14c0:1:307:aa51::138 (Finland) 1 redirects

ASN35382 (CAPNOVA-AS, FI)

eroakirkosta.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.79.150 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-79-150.deploy.static.akamaitechnologies.com

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (United States)

ASN33438 (HIGHWINDS2, US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.58.95 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-58-95.deploy.static.akamaitechnologies.com

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:438f (United States)

ASN13335 (CLOUDFLARENET, US)

pastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.28 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.95 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	outbrain.com widgets.outbrain.com Failed odb.outbrain.com mcdp-chidc2.outbrain.com	59 KB
6	doubleclick.net securepubads.g.doubleclick.net	113 KB
4	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	57 KB
3	google-analytics.com www.google-analytics.com	36 KB
2	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	667 B
2	tribalfusion.com a.tribalfusion.com	2 KB
2	google.com adservice.google.com	949 B
2	google.be adservice.google.be	949 B
2	exponential.com tags.expo9.exponential.com Failed	28 KB
2	googletagmanager.com www.googletagmanager.com	56 KB
2	eroakirkosta.fi 1 redirects eroakirkosta.fi	293 B
1	pastebin.com pastebin.com
1	servedby-buysellads.com m.servedby-buysellads.com Failed	15 KB
1	nflxso.net occ-0-1500-1501.1.nflxso.net	14 KB
67	14

	Domain	Requested by
8	widgets.outbrain.com	95.217.20.137 widgets.outbrain.com
6	securepubads.g.doubleclick.net	95.217.20.137 securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com 95.217.20.137
2	images.outbrainimg.com	95.217.20.137
2	mcdp-chidc2.outbrain.com	widgets.outbrain.com
2	odb.outbrain.com	widgets.outbrain.com
2	a.tribalfusion.com	tags.expo9.exponential.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.be	securepubads.g.doubleclick.net
2	tags.expo9.exponential.com	95.217.20.137
2	www.googletagmanager.com	95.217.20.137
2	eroakirkosta.fi	1 redirects 95.217.20.137
1	log.outbrainimg.com	widgets.outbrain.com
1	pagead2.googlesyndication.com	95.217.20.137
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	pastebin.com	a.tribalfusion.com
1	m.servedby-buysellads.com	95.217.20.137
1	occ-0-1500-1501.1.nflxso.net	95.217.20.137
67	19

This site contains links to these domains. Also see Links.

Domain
deals.pastebin.com
bs.serving-sys.com
www.outbrain.com
creativecommons.org
favpng.com
steadfast.net
facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.1.nflxso.net DigiCert SHA2 Secure Server CA	`2020-01-19` - `2020-02-22`	a month	crt.sh
eroakirkosta.fi COMODO RSA Domain Validation Secure Server CA	`2017-11-30` - `2020-11-30`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google.be GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-03-14`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2019-02-24` - `2020-05-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh

This page contains 8 frames:

Primary Page: http://95.217.20.137/Sqpi5hjd.html
Frame ID: CD4DFDD835755B9B088F819FE028B3BE
Requests: 41 HTTP requests in this frame

Frame: https://eroakirkosta.fi/dynamic/index.php/
Frame ID: DBA9B5B99BE817A2ED08CBA8A163D595
Requests: 1 HTTP requests in this frame

Frame: http://95.217.20.137/Sqpi5hjd.html
Frame ID: 1F42F5A9DF79B0F9466B14CECD44A22F
Requests: 20 HTTP requests in this frame

Frame: http://pastebin.com/adserver/160x600_custom_safe.php
Frame ID: D179CD044C94F5F59442A5A3A61896D4
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: 1F150A4E72676C2681D474B3F46CB572
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 56DE6C0F36674F5ED4C4EF65479A7CA0
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 3CDEFE3CE424B583F814A64E63F81CB9
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 0701C7F4623CB7E0E39908CCC71AD31E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://95.217.20.137/ Page URL
http://95.217.20.137/Sqpi5hjd.html Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

67
Requests

52 %
HTTPS

44 %
IPv6

14
Domains

19
Subdomains

19
IPs

6
Countries

531 kB
Transfer

2169 kB
Size

9
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://deals.pastebin.com/
Title: DEALS

Search URL Search Domain Scan URL

URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=trd&pli=1075221887&adid=1079823845&ord=[timestamp]&obOrigUrl=true
Title: Ontdek de Nissan QASHQAI N-TEC en geniet nu van onze Saloncondities Sponsored - Nissan QASHQAI N-TEC

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=trd&pli=1075201286&adid=1079774867&ord=[timestamp]&obOrigUrl=true
Title: Speciale Salon lanceringscondities: vanaf €18.990* Nieuwe Nissan JUKE

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-sa/3.0/
Title: cc by-sa 3.0

Search URL Search Domain Scan URL

URL: https://favpng.com/
Title: FavPNG

Search URL Search Domain Scan URL

URL: http://steadfast.net/services/dedicated-servers.php?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_dedicated_server_hosting_by&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Dedicated Server Hosting

Search URL Search Domain Scan URL

URL: http://steadfast.net/?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_steadfast&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Steadfast

Search URL Search Domain Scan URL

URL: https://facebook.com/pastebin

Search URL Search Domain Scan URL

URL: https://twitter.com/pastebin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://95.217.20.137/ Page URL
http://95.217.20.137/Sqpi5hjd.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://eroakirkosta.fi/ HTTP 302
https://eroakirkosta.fi/dynamic/index.php/

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
95.217.20.137/ 630 B
727 B 97ms
83ms Document
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a5308614848e4fd327b3aebc1c499ca51ac8e5e46f74bd6709364c72dce0dcb3

Request headers

Host: 95.217.20.137
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 31 Jan 2020 23:29:54 GMT
ETag: "276-59d77f3787a41-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 390
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK eleven.png
95.217.20.137/ 111 KB
112 KB 48ms
48ms Image
image/png 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://95.217.20.137/eleven.png
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ddab6901a1aea8af17b8c24333e445185fb648f7453746e22310a4677ca87a1e

Request headers

Referer: http://95.217.20.137/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Last-Modified: Fri, 31 Jan 2020 22:56:10 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1bd86-59d777ac5b680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 114054

GET
H/1.1 200
OK AAAABaWcHozPPNGNp0cpdCAI785ldMHE8X_FsUR0TAajgtH0khrcreivAnwiXZH_e6Q1_AiFjIye7-ZenaCQudFkmqN9SS7T98q0RD_2WOo7rP9NRXs1.jpg
occ-0-1500-1501.1.nflxso.net/dnm/api/v6/9pS1daC2n6UGc3dUogvWIPMR_OU/ 14 KB
14 KB 121ms
36ms Image
image/jpeg 2a00:86c0:2036:2036::144
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occ-0-1500-1501.1.nflxso.net/dnm/api/v6/9pS1daC2n6UGc3dUogvWIPMR_OU/AAAABaWcHozPPNGNp0cpdCAI785ldMHE8X_FsUR0TAajgtH0khrcreivAnwiXZH_e6Q1_AiFjIye7-ZenaCQudFkmqN9SS7T98q0RD_2WOo7rP9NRXs1.jpg?r=573

Requested by

Host: 95.217.20.137
URL: http://95.217.20.137/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:86c0:2036:2036::144 , United Kingdom, ASN2906 (AS-SSI, US),

Reverse DNS

Software

nginx /

Resource Hash

e2a850fb1010b9b5e948bfcb61f6947ec2087c6e9351df77bf72cbf44a635e57

Security Headers

Name	Value
X-Xss-Protection	1; mode=block; report=https://ichnaea-web.netflix.com/log/freeform/xssreport

Request headers

Referer: http://95.217.20.137/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: no-transform, max-age=31103395
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14229
X-XSS-Protection: 1; mode=block; report=https://ichnaea-web.netflix.com/log/freeform/xssreport
Expires: Sun, 27 Sep 2020 19:16:11 GMT

GET
H/1.1 200
OK 100MB.bin
95.217.20.137/ 12 KB
12 KB 97ms
84ms Image
application/octet-stream 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://95.217.20.137/100MB.bin
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://95.217.20.137/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Last-Modified: Tue, 08 Oct 2013 11:48:13 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "6400000-4e83957f07940"
Content-Type: application/octet-stream
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 104857600

GET
H/1.1 200
OK Sample-png-image-30mb.png
95.217.20.137/ 891 KB
0 101ms
84ms Image
image/png 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://95.217.20.137/Sample-png-image-30mb.png
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Last-Modified: Thu, 14 Sep 2017 18:52:02 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1f64433-5592ac5961880"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 32916531

GET
H/1.1

200
OK

/
eroakirkosta.fi/dynamic/index.php/ Frame DBA9
Redirect Chain

https://eroakirkosta.fi/
https://eroakirkosta.fi/dynamic/index.php/

0
0

37ms
37ms

Document
text/html

2a00:14c0:1:307:aa51::138
CAPNOVA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eroakirkosta.fi/dynamic/index.php/
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2a00:14c0:1:307:aa51::138 , Finland, ASN35382 (CAPNOVA-AS, FI),
Reverse DNS
Software: Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u8
Resource Hash

Request headers

Host: eroakirkosta.fi
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://95.217.20.137/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/

Response headers

Date: Fri, 31 Jan 2020 23:28:22 GMT
Server: Apache/2.4.10 (Debian)
X-Powered-By: PHP/5.6.40-0+deb8u8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html; charset=iso-8859-15
X-Varnish: 3159436 6771040
Age: 118
Via: 1.1 varnish-v4
Content-Length: 2623
Connection: keep-alive
Accept-Ranges: bytes

Redirect headers

Date: Fri, 31 Jan 2020 23:29:52 GMT
Server: Apache/2.4.10 (Debian)
Location: https://eroakirkosta.fi/dynamic/index.php/
Content-Type: text/html; charset=iso-8859-1
X-Varnish: 3159435 3159420
Age: 27
Via: 1.1 varnish-v4
Content-Length: 312
Connection: keep-alive

GET
H/1.1 200
OK Sqpi5hjd.html Show response
95.217.20.137/ Frame 1F42 53 KB
11 KB 93ms
83ms Document
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/Sqpi5hjd.html
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2565e96465279e26f6ad4aa2ff092524ec3c52a15ccf63dd16b0b25ee611301e

Request headers

Host: 95.217.20.137
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://95.217.20.137/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 31 Jan 2020 23:29:16 GMT
ETag: "d4d6-59d77f12bc37a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10761
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F42 74 KB
28 KB 27ms
16ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Requested by

Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46dfbffed6c1f580ee8d4b90ebf9bcb82788d0a63c41706017c093e88958ac17

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:19 GMT
content-encoding: br
last-modified: Fri, 31 Jan 2020 21:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28429
x-xss-protection: 0
expires: Fri, 31 Jan 2020 23:30:19 GMT

GET
H/1.1 404
Not Found jquery.min.js
95.217.20.137/js/ Frame 1F42 0
0 47ms
46ms Script
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/js/jquery.min.js
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found pastebin.min.v3.js
95.217.20.137/js/ Frame 1F42 0
0 92ms
78ms Script
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/js/pastebin.min.v3.js
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1F42 53 KB
16 KB 78ms
31ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

76ece7717e62eed8809e2a21aacd89e529e37f2141669448a62acd31c3a16005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "415 / 124 of 1000 / last-modified: 1580409148"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16246
x-xss-protection: 0
expires: Fri, 31 Jan 2020 23:30:19 GMT

GET
H/1.1 404
Not Found pastebin.min.v9.css
95.217.20.137/i/ Frame 1F42 0
0 90ms
77ms Stylesheet
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/i/pastebin.min.v9.css?1575389335
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found text.css
95.217.20.137/cache/css_lang/ Frame 1F42 0
0 91ms
78ms Stylesheet
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/cache/css_lang/text.css
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found t.gif
95.217.20.137/i/ Frame 1F42 275 B
275 B 51ms
50ms Image
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://95.217.20.137/i/t.gif
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET tags.js
tags.expo9.exponential.com/tags/PastebincomNew/Sure/ Frame 1F42 0
0

GET outbrain.js
widgets.outbrain.com/ Frame 1F42 0
0

GET
H/1.1 404
Not Found hello.png
95.217.20.137/i/ Frame 1F42 275 B
275 B 51ms
50ms Image
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://95.217.20.137/i/hello.png
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET tags.js
tags.expo9.exponential.com/tags/PastebincomNew/SnackbarSafe/ Frame 1F42 0
0

GET monetization.js
m.servedby-buysellads.com/ Frame 1F42 0
0

GET
H2 200 analytics.js
www.google-analytics.com/ Frame 1F42 44 KB
18 KB 44ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 221
date: Fri, 31 Jan 2020 23:26:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Sat, 01 Feb 2020 01:26:39 GMT

GET
H/1.1 404
Not Found pastebin.min.v9.css
95.217.20.137/i/ Frame 1F42 0
0 48ms
48ms Stylesheet
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/i/pastebin.min.v9.css?1575389335
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found text.css
95.217.20.137/cache/css_lang/ Frame 1F42 0
0 48ms
47ms Stylesheet
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/cache/css_lang/text.css
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 integrator.js
adservice.google.be/adsid/ Frame 1F42 109 B
778 B 53ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=95.217.20.137

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1F42 109 B
778 B 27ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=95.217.20.137

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020012701.js
securepubads.g.doubleclick.net/gpt/ Frame 1F42 94 KB
0 32ms
32ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62184
x-xss-protection: 0
expires: Fri, 31 Jan 2020 23:30:20 GMT

GET
H/1.1 200
OK Primary Request Sqpi5hjd.html Show response
95.217.20.137/ 53 KB
11 KB 52ms
52ms Document
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/Sqpi5hjd.html
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2565e96465279e26f6ad4aa2ff092524ec3c52a15ccf63dd16b0b25ee611301e

Request headers

Host: 95.217.20.137
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://95.217.20.137/Sqpi5hjd.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 31 Jan 2020 23:29:16 GMT
ETag: "d4d6-59d77f12bc37a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10761
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

GET collect
www.google-analytics.com/r/ Frame 1F42 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Requested by

Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46dfbffed6c1f580ee8d4b90ebf9bcb82788d0a63c41706017c093e88958ac17

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: br
last-modified: Fri, 31 Jan 2020 21:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28429
x-xss-protection: 0
expires: Fri, 31 Jan 2020 23:30:20 GMT

GET
H/1.1 404
Not Found jquery.min.js
95.217.20.137/js/ 0
0 62ms
61ms Script
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/js/jquery.min.js
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found pastebin.min.v3.js
95.217.20.137/js/ 0
0 63ms
62ms Script
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/js/pastebin.min.v3.js
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
16 KB 41ms
40ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

33b2093f53c439e77d2e07d4948f81a7b6d0705d1f430594f0b94abba66db1af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "415 / 535 of 1000 / last-modified: 1580409211"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16246
x-xss-protection: 0
expires: Fri, 31 Jan 2020 23:30:20 GMT

GET
H/1.1 404
Not Found pastebin.min.v9.css
95.217.20.137/i/ 0
0 64ms
63ms Stylesheet
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/i/pastebin.min.v9.css?1575389335
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found text.css
95.217.20.137/cache/css_lang/ 0
0 65ms
65ms Stylesheet
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://95.217.20.137/cache/css_lang/text.css
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found t.gif
95.217.20.137/i/ 275 B
275 B 56ms
55ms Image
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://95.217.20.137/i/t.gif
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bf2205df60401c4cda37db3228718719f5a06e17fe92fe5120e3f73308a92f52

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/PastebincomNew/Sure/ 59 KB
14 KB 238ms
217ms Script
application/x-javascript 95.100.79.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.expo9.exponential.com/tags/PastebincomNew/Sure/tags.js
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.100.79.150 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-79-150.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a0787d44063ccdb37c9b65d492826706e607ab2f4b3896d0107e1ef30558c789

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 8
ETag: 8987474507834059071
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Tue, 03 Sep 2019 17:28:09 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13984
Expires: Sat, 01 Feb 2020 00:30:20 GMT

GET
H/1.1 200
OK outbrain.js Show response
widgets.outbrain.com/ 118 KB
40 KB 109ms
40ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: df29183704679e9e6b80babcef194379d478a27379db07b380acdf6ff46b4cd7

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Jan 2020 14:30:45 GMT
ETag: W/"1d6ff-9GzU1b6WQqkszCwHbIyEEhnx4MI"
Vary: Accept-Encoding
Edge-Cache-Tag: widget-cheetah
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 40506

GET
H/1.1 404
Not Found hello.png
95.217.20.137/i/ 275 B
275 B 55ms
55ms Image
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://95.217.20.137/i/hello.png
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bf2205df60401c4cda37db3228718719f5a06e17fe92fe5120e3f73308a92f52

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/PastebincomNew/SnackbarSafe/ 59 KB
14 KB 220ms
200ms Script
application/x-javascript 95.100.79.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.expo9.exponential.com/tags/PastebincomNew/SnackbarSafe/tags.js
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.100.79.150 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-79-150.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3783561c904738e7defde17aaae8e911815070b0f1ad32ec646ae957be540d28

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 101
ETag: 10438544479000319717
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Tue, 03 Sep 2019 17:28:09 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13989
Expires: Sat, 01 Feb 2020 00:30:20 GMT

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 55 KB
15 KB 69ms
45ms Script
application/javascript 108.161.189.78
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://m.servedby-buysellads.com/monetization.js
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 108.161.189.78 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7e7b17e13dd03d519f88050a16ef4f3b50a9bf25f889c949d4376436db40323c

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Nov 2019 17:07:23 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 37E269C3AF2F5E9A
ETag: W/"f1e37f26673275e6067c026e595b148f"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: tkCrL8NRm2WUDbku6GK5GJZNJMAk775b1aGO+ku4Zc0K8JB6UmawYPWOWhGlOHwRjrKrsVsRPnE=
Expires: Sat, 01 Feb 2020 23:30:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 221
date: Fri, 31 Jan 2020 23:26:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Sat, 01 Feb 2020 01:26:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=95.217.20.137

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=95.217.20.137

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_modern_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ 148 KB
56 KB 47ms
46ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020013001.js?21065316

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

d4b937c4c0e4e584c9ddbb4e8071394ed70bd7c861e6a27201b930420d0faee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 57458
x-xss-protection: 0
expires: Fri, 31 Jan 2020 23:30:20 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
196 B 5ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&a=192924029&t=pageview&_s=1&dl=http%3A%2F%2F95.217.20.137%2FSqpi5hjd.html&ul=en-us&de=UTF-8&dt=IPTV%20100%25%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAUAB~&jid=&gjid=&cid=457186530.1580513420&tid=UA-58643-34&_gid=232740231.1580513420&gtm=2ou1m0&z=525279452

Requested by

Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 06:05:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62673
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK displayAd.js Show response
a.tribalfusion.com/ 679 B
1 KB 244ms
230ms Script
application/x-javascript 23.37.58.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/displayAd.js?dver=0.8&th=9066550090
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/PastebincomNew/Sure/tags.js
Protocol: HTTP/1.1
Server: 23.37.58.95 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-58-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e178aa29d14dfb7c469fb9f22c7e2fb51de969cb3ca6610d47d44a8993871595

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 840
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 333
Expires: Thu, 30 Apr 2020 23:30:20 GMT

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ 191 B
900 B 199ms
198ms Script
application/x-javascript 23.37.58.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9066550090&tagKey=3675599494&site=pastebincomnew&adSpace=sure&center=1&size=160x600,120x600&env=display&url=http%3A%2F%2F95.217.20.137%2FSqpi5hjd.html&f=0&p=13343731&tKey=aUmneM2qUl2H6y4mZbZbmUUJTrr7RyCRFs&a=1&adContainerId=richmedia_2&rnd=13347412
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/PastebincomNew/Sure/tags.js
Protocol: HTTP/1.1
Server: 23.37.58.95 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-58-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf4b2a9cef04c8838412657549d3182e4d812540d97754398a056e6804568458

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 23:30:20 GMT
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 90
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 171
Expires: 0

GET
H/1.1 200
OK Cookie set 160x600_custom_safe.php
pastebin.com/adserver/ Frame D179 0
0 292ms
284ms Document
text/html 2606:4700:10::6814:438f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://pastebin.com/adserver/160x600_custom_safe.php

Requested by

Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9066550090&tagKey=3675599494&site=pastebincomnew&adSpace=sure&center=1&size=160x600,120x600&env=display&url=http%3A%2F%2F95.217.20.137%2FSqpi5hjd.html&f=0&p=13343731&tKey=aUmneM2qUl2H6y4mZbZbmUUJTrr7RyCRFs&a=1&adContainerId=richmedia_2&rnd=13347412

Protocol

HTTP/1.1

Server

2606:4700:10::6814:438f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: pastebin.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://95.217.20.137/Sqpi5hjd.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html

Response headers

Date: Fri, 31 Jan 2020 23:30:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dac615288c8c7f5a6bbd5eebada7f19891580513420; expires=Sun, 01-Mar-20 23:30:20 GMT; path=/; domain=.pastebin.com; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 55df79106afe96b6-FRA

GET
H/1.1 404
Not Found t.gif
95.217.20.137/i/ 275 B
275 B 47ms
47ms Image
text/html 95.217.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://95.217.20.137/i/t.gif
Requested by: Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html
Protocol: HTTP/1.1
Server: 95.217.20.137 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.217.95.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bf2205df60401c4cda37db3228718719f5a06e17fe92fe5120e3f73308a92f52

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 1F15 0
0 24ms
24ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Host: widgets.outbrain.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://95.217.20.137/Sqpi5hjd.html
Accept-Encoding: gzip, deflate, br
Cookie: akacd_widgets_routing=3757966219~rv=7~id=ba269baa3f79c2823897052319f7efc0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "c0311cf15c21ddda054005e92fad3f9e:1580484046.930432"
Last-Modified: Fri, 31 Jan 2020 14:30:07 GMT
Server: AkamaiNetStorage
Content-Length: 416
Cache-Control: max-age=604800
Date: Fri, 31 Jan 2020 23:30:20 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK OTUuMjE3LjIwLjEzNw== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
477 B 516ms
465ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/OTUuMjE3LjIwLjEzNw==

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html
Origin: http://95.217.20.137

Response headers

Strict-Transport-Security: max-age=0; includeSubDomains;
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43180
Date: Fri, 31 Jan 2020 23:30:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: false
Content-Length: 16
Expires: Sat, 01 Feb 2020 11:30:01 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 407 B
722 B 51ms
51ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3604401255069194&correlator=1018638589129125&output=ldjh&impl=fifs&adsid=NT&eid=21065316%2C21065477%2C21065318%2C21065390%2C21065304&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200131&iu_parts=7346874%2CHellobar-adunits%2C176&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cookie_enabled=1&bc=23&abxe=1&lmt=1580513356&dt=1580513420931&dlt=1580513420073&idt=162&frm=20&biw=1585&bih=1200&oid=3&adxs=8&adys=7293&adks=3777814511&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F95.217.20.137%2FSqpi5hjd.html&ref=http%3A%2F%2F95.217.20.137%2FSqpi5hjd.html&dssz=25&icsg=65705220&mso=1088&std=0&csl=92&vis=1&scr_x=0&scr_y=0&psz=1569x7278&msz=1x-1&ga_vid=457186530.1580513420&ga_sid=1580513421&ga_hid=192924029&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020013001.js?21065316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

0e17a8eb082f59fc73f9b791ec84f19b2530dea8479b0d57f04ad77f408469e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html
Origin: http://95.217.20.137

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 214
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://95.217.20.137
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_modern_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ 63 KB
24 KB 31ms
31ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020013001.js?21065316

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020013001.js?21065316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

4efd41e9ff8d60655170f3c6879547f784c6a2d25675710f0e47399d6d3f09d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24730
x-xss-protection: 0
expires: Fri, 31 Jan 2020 23:30:20 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020013001.js?21065316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
667 B 34ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3604401255069194&r=1x1&w=0&h=0

Requested by

Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 23:30:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
344 B 352ms
88ms XHR
application/json 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1580513421111&sessionId=8f76accd-b24c-e04f-ae14-875b66590821&url=95.217.20.137&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html
Origin: http://95.217.20.137

Response headers

Pragma: no-cache
Date: Fri, 31 Jan 2020 23:30:21 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
X-TraceId: acd16a4b1ca569a1593b90fba5e520c3
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 16 KB
6 KB 257ms
207ms Script
text/x-json 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://odb.outbrain.com/utils/get?url=www.affinity.com%2Fpastebin.com&settings=true&recs=true&widgetJSId=AR_6&key=NANOWDGT01&idx=0&version=1050126&apv=false&sig=P0APlS2K&format=html&va=true&rand=95385&pdobuid=-1&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&cmpStat=0&ccpaStat=0&ref=http%3A%2F%2F95.217.20.137%2FSqpi5hjd.html&px=8&py=1250&vpd=50

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bc1cd8a06fd10e7688d3a530e163ae610eaafe35ab8a8f7e18575a4b92cace52

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-traceid: 88d55a4b8b77cfe07ba9a7fa8b2ffcf9
content-length: 5212
x-served-by: cache-mdw17370-MDW, cache-fra19150-FRA
pragma: no-cache
x-timer: S1580513421.225727,VS0,VE183
date: Fri, 31 Jan 2020 23:30:21 GMT
vary: Accept-Encoding, User-Agent
content-type: text/x-json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
backend-ip: 157.52.75.70
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 56DE 0
0 53ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Host: widgets.outbrain.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://95.217.20.137/Sqpi5hjd.html
Accept-Encoding: gzip, deflate, br
Cookie: akacd_widgets_routing=3757966219~rv=7~id=ba269baa3f79c2823897052319f7efc0; recs_743cf98419e92f26f96fea8e6a8fd0fb=0B2275824153ACD1; obuid=53408833-df68-44ba-8307-d790c1a83f5f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified: Sun, 20 Aug 2017 06:45:01 GMT
Server: AkamaiNetStorage
Content-Length: 361
Cache-Control: max-age=604800
Date: Fri, 31 Jan 2020 23:30:21 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 25ms
24ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:21 GMT
Last-Modified: Fri, 31 Jan 2020 14:30:07 GMT
Server: AkamaiNetStorage
ETag: "c52b07e749f7a09fa7b97b7e195e06ce:1580483837.028116"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2326

GET
H/1.1 200
OK achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 72ms
24ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:21 GMT
Last-Modified: Fri, 31 Jan 2020 14:30:07 GMT
Server: AkamaiNetStorage
ETag: "9d26fa4e7238ed94f1d0d92afb453b3e:1580483816.809208"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2735

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 4 B
377 B 437ms
109ms XHR
application/json 50.31.142.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-chidc2.outbrain.com/l?token=d20d172f1d92e8b0b031f891cf528c8a_34937_1580513421348&tm=516&eT=0&widgetWidth=730&widgetHeight=92&widgetX=0&widgetY=1235&tpcs=0&wRV=1050126&pVis=1&lsd=53408833-df68-44ba-8307-d790c1a83f5f&eIdx=&cheq=0&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.31.142.95 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html
Origin: http://95.217.20.137

Response headers

Date: Fri, 31 Jan 2020 23:30:21 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Connection: close
X-TraceId: 73990b29ccc2685946d309e2848166fe
Content-Length: 30

GET
H2 200 get Show response
odb.outbrain.com/utils/ 14 KB
5 KB 257ms
257ms Script
text/x-json 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://odb.outbrain.com/utils/get?url=www.affinity.com%2Fpastebin.com&settings=true&recs=true&widgetJSId=AR_3&key=NANOWDGT01&idx=1&version=1050126&apv=true&sig=P0APlS2K&format=html&va=true&rand=91561&lsd=53408833-df68-44ba-8307-d790c1a83f5f&lsdt=1580513421422&pdobuid=-1&osLang=en-US&t=ZDIwZDE3MmYxZDkyZThiMGIwMzFmODkxY2Y1MjhjOGE=&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&cmpStat=0&ccpaStat=0&ref=http%3A%2F%2F95.217.20.137%2FSqpi5hjd.html&px=8&py=6860&vpd=5660

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c631013867e93643c904390226525951ab06e3b63732a526614c3bf80780992d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-traceid: 1b15692ab3bd449a5f004bc7178bf454
content-length: 4819
x-served-by: cache-mdw17356-MDW, cache-fra19150-FRA
pragma: no-cache
x-timer: S1580513421.443769,VS0,VE234
date: Fri, 31 Jan 2020 23:30:21 GMT
vary: Accept-Encoding, User-Agent
content-type: text/x-json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
backend-ip: 157.52.75.56
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK eyJpdSI6IjE5YmUzOTAwYTg3ZjAwY2M5NGNkZTQ3ZWE4N2UxNDNkYzYxNGM3NTFhM2MxY2NhNTc2OWNhMzA0YzZkNzU5MjIiLCJ3IjoyMTgsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 11 KB
11 KB 86ms
36ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE5YmUzOTAwYTg3ZjAwY2M5NGNkZTQ3ZWE4N2UxNDNkYzYxNGM3NTFhM2MxY2NhNTc2OWNhMzA0YzZkNzU5MjIiLCJ3IjoyMTgsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp

Requested by

Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

a32949918dd53cb02f3a047a0aca655890fddaa1ea0b354e4fba59415734870e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 10:18:12 GMT
Date: Fri, 31 Jan 2020 23:30:21 GMT
Vary: Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=2347294
Connection: keep-alive
X-TraceId: 2b405c0bacc672b707bc254c857ababb
Timing-Allow-Origin: *
Content-Length: 11344

GET
H/1.1 200
OK obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 3CDE 0
0 64ms
25ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Host: widgets.outbrain.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://95.217.20.137/Sqpi5hjd.html
Accept-Encoding: gzip, deflate, br
Cookie: akacd_widgets_routing=3757966219~rv=7~id=ba269baa3f79c2823897052319f7efc0; recs_743cf98419e92f26f96fea8e6a8fd0fb=0B2275824153ACD1; obuid=53408833-df68-44ba-8307-d790c1a83f5f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "356be3eaabfae643cce91ded40704c99:1579614658"
Last-Modified: Tue, 21 Jan 2020 13:50:51 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Date: Fri, 31 Jan 2020 23:30:21 GMT
Content-Length: 3555
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 0701 0
0 25ms
24ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Host: widgets.outbrain.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://95.217.20.137/Sqpi5hjd.html
Accept-Encoding: gzip, deflate, br
Cookie: akacd_widgets_routing=3757966219~rv=7~id=ba269baa3f79c2823897052319f7efc0; obuid=53408833-df68-44ba-8307-d790c1a83f5f; OB-SYNC=1580772621504; recs_743cf98419e92f26f96fea8e6a8fd0fb=0B2275824153AC1B2607794930ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified: Sun, 20 Aug 2017 06:45:01 GMT
Server: AkamaiNetStorage
Content-Length: 361
Cache-Control: max-age=604800
Date: Fri, 31 Jan 2020 23:30:21 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK ob_logo_16x16.png
widgets.outbrain.com/images/widgetIcons/ 1 KB
2 KB 25ms
25ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.png
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 23:30:21 GMT
Last-Modified: Fri, 31 Jan 2020 14:30:07 GMT
Server: AkamaiNetStorage
ETag: "96dd1eed1ecd3297bab335082e4a072e:1580483832.816021"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1524

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 4 B
377 B 422ms
107ms XHR
application/json 50.31.142.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-chidc2.outbrain.com/l?token=aa026d4dc41c617189aed2d1d67020c5_34937_1580513421610&tm=782&eT=0&widgetWidth=302&widgetHeight=252&widgetX=0&widgetY=6845&wRV=1050126&pVis=1&lsd=53408833-df68-44ba-8307-d790c1a83f5f&eIdx=&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.31.142.95 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://95.217.20.137/Sqpi5hjd.html
Origin: http://95.217.20.137

Response headers

Date: Fri, 31 Jan 2020 23:30:22 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Connection: close
X-TraceId: 538117d7fc9118d879292f0d4a1bb85c
Content-Length: 30

GET
H/1.1 200
OK eyJpdSI6ImZkMDE1NmM0ZTRkNjMwZjYzOWY0YTllZjliMjQ5YzY5NWFkODA0NTA4NDE0YzVjYTQ4NWViOWE0ODE0MDNkOGIiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 45 KB
45 KB 36ms
36ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZkMDE1NmM0ZTRkNjMwZjYzOWY0YTllZjliMjQ5YzY5NWFkODA0NTA4NDE0YzVjYTQ4NWViOWE0ODE0MDNkOGIiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: 95.217.20.137
URL: http://95.217.20.137/Sqpi5hjd.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

f81b2cea67b24d7283e294d5a0e2d078d9a53e24dcef5a72dc99b7b3896a4447

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: http://95.217.20.137/Sqpi5hjd.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 10:18:12 GMT
Date: Fri, 31 Jan 2020 23:30:21 GMT
Vary: Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=2329447
Connection: keep-alive
X-TraceId: 3ae9986e736b00c531560918c1fd284a
Timing-Allow-Origin: *
Content-Length: 45872

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/PastebincomNew/Sure/tags.js

Domain: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Domain: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/PastebincomNew/SnackbarSafe/tags.js

Domain: m.servedby-buysellads.com
URL: http://m.servedby-buysellads.com/monetization.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/r/collect?v=1&_v=j80&a=2103903959&t=pageview&_s=1&dl=http%3A%2F%2F95.217.20.137%2FSqpi5hjd.html&ul=en-us&de=UTF-8&dt=IPTV%20100%25%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=285x150&je=0&_u=IEBAAUAB~&jid=1711512368&gjid=336368415&cid=457186530.1580513420&tid=UA-58643-34&_gid=232740231.1580513420&_r=1&gtm=2ou1m0&z=1321222270

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.outbrain.com/	1970-01-19 07:45:05	Name: bdswch Value: 9bf47241-316e-4059-8b86-a57ccc5fe4dd
.outbrain.com/	1970-01-19 09:11:29	Name: obuid Value: d734e3bc-dd1e-4593-b5b4-112942ddeb5f
.outbrain.com/	1970-01-19 07:45:05	Name: actvagnt Value: 6788253454098626706
.outbrain.com/	1970-01-19 07:45:05	Name: pwrlnks Value: MguQCJc38D9NfyxuLxpZpRZdzcsi77YvWkbXPd-n7EQ=
.outbrain.com/	1970-01-19 07:45:05	Name: mdfrc Value: d227941a-1581-4405-848c-53af69d3f4e4
.outbrain.com/	1970-01-19 07:45:05	Name: ttd Value: 5a3abf10-fff5-4ed6-94b4-4aea9cccf7e8
pastebin.com/	1970-01-19 07:03:19	Name: visitorGeo Value: DE
.outbrain.com/	1970-01-19 07:45:05	Name: rtbhs Value: mqpwtas00hhZBonJR5hc
.pastebin.com/	1970-01-20 00:33:05	Name: __gads Value: ID=2bfd6ec73179c95b:T=1580513421:S=ALNI_MZ3QlRJWpF5JC2Z5T2eUMLM3Uz-ig

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.be
adservice.google.com
eroakirkosta.fi
images.outbrainimg.com
log.outbrainimg.com
m.servedby-buysellads.com
mcdp-chidc2.outbrain.com
occ-0-1500-1501.1.nflxso.net
odb.outbrain.com
pagead2.googlesyndication.com
pastebin.com
securepubads.g.doubleclick.net
tags.expo9.exponential.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google-analytics.com
www.googletagmanager.com
m.servedby-buysellads.com
tags.expo9.exponential.com
widgets.outbrain.com
www.google-analytics.com
108.161.189.78
151.101.14.2
2.18.232.28
2.18.234.190
216.58.207.34
23.37.58.95
2606:4700:10::6814:438f
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:14c0:1:307:aa51::138
2a00:86c0:2036:2036::144
50.31.142.95
70.42.32.63
95.100.79.150
95.217.20.137
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0e17a8eb082f59fc73f9b791ec84f19b2530dea8479b0d57f04ad77f408469e2
2565e96465279e26f6ad4aa2ff092524ec3c52a15ccf63dd16b0b25ee611301e
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
33b2093f53c439e77d2e07d4948f81a7b6d0705d1f430594f0b94abba66db1af
3783561c904738e7defde17aaae8e911815070b0f1ad32ec646ae957be540d28
46dfbffed6c1f580ee8d4b90ebf9bcb82788d0a63c41706017c093e88958ac17
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4efd41e9ff8d60655170f3c6879547f784c6a2d25675710f0e47399d6d3f09d8
76ece7717e62eed8809e2a21aacd89e529e37f2141669448a62acd31c3a16005
77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67
7e7b17e13dd03d519f88050a16ef4f3b50a9bf25f889c949d4376436db40323c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
a0787d44063ccdb37c9b65d492826706e607ab2f4b3896d0107e1ef30558c789
a32949918dd53cb02f3a047a0aca655890fddaa1ea0b354e4fba59415734870e
a5308614848e4fd327b3aebc1c499ca51ac8e5e46f74bd6709364c72dce0dcb3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bc1cd8a06fd10e7688d3a530e163ae610eaafe35ab8a8f7e18575a4b92cace52
bf2205df60401c4cda37db3228718719f5a06e17fe92fe5120e3f73308a92f52
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c631013867e93643c904390226525951ab06e3b63732a526614c3bf80780992d
cf4b2a9cef04c8838412657549d3182e4d812540d97754398a056e6804568458
d4b937c4c0e4e584c9ddbb4e8071394ed70bd7c861e6a27201b930420d0faee3
ddab6901a1aea8af17b8c24333e445185fb648f7453746e22310a4677ca87a1e
df29183704679e9e6b80babcef194379d478a27379db07b380acdf6ff46b4cd7
e178aa29d14dfb7c469fb9f22c7e2fb51de969cb3ca6610d47d44a8993871595
e2a850fb1010b9b5e948bfcb61f6947ec2087c6e9351df77bf72cbf44a635e57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
f81b2cea67b24d7283e294d5a0e2d078d9a53e24dcef5a72dc99b7b3896a4447

95.217.20.137 Open in urlscan Pro 95.217.20.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

52 %HTTPS

44 %IPv6

14 Domains

19 Subdomains

19 IPs

6 Countries

531 kBTransfer

2169 kBSize

9 Cookies

10 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

95.217.20.137 Open in urlscan Pro
95.217.20.137 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

52 %
HTTPS

44 %
IPv6

14
Domains

19
Subdomains

19
IPs

6
Countries

531 kB
Transfer

2169 kB
Size

9
Cookies

67 HTTP transactions
0 data transactions