pastebin.com Open in urlscan Pro
104.20.208.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastebin.com/7P5mvgDx
Submission: On January 19 via manual (January 19th 2018, 1:39:12 pm UTC) from US

Summary HTTP 131 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 20 domains to perform 131 HTTP transactions. The main IP is 104.20.208.21, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is pastebin.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 17th 2017. Valid for: 6 months.

This is the only time pastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	104.20.208.21 104.20.208.21	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	104.27.89.38 104.27.89.38	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	204.11.109.76 204.11.109.76	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
3	172.217.22.14 172.217.22.14	15169 (GOOGLE) (GOOGLE - Google LLC)
1	74.125.206.154 74.125.206.154	15169 (GOOGLE) (GOOGLE - Google LLC)
1	95.172.94.66 95.172.94.66	15570 (Internap ...) (Internap European Autonomous System)
1 3	23.43.115.95 23.43.115.95	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.239.168.168 54.239.168.168	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	95.172.94.44 95.172.94.44	15570 (Internap ...) (Internap European Autonomous System)
6	204.11.109.68 204.11.109.68	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
4	204.11.109.65 204.11.109.65	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
1	23.111.10.144 23.111.10.144	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
1	204.11.109.67 204.11.109.67	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
13	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.27.107.38 104.27.107.38	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
9	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE - Google LLC)
9	68.67.153.75 68.67.153.75	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
5 11	151.101.112.166 151.101.112.166	54113 (FASTLY) (FASTLY - Fastly)
3 15	185.33.223.210 185.33.223.210	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3	104.20.16.243 104.20.16.243	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	172.217.22.1 172.217.22.1	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.12.195 172.217.12.195	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	52.51.121.249 52.51.121.249	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
131	22

45 104.20.208.21 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.27.89.38 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pub.freestar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.11.109.76 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: tags.expo9.exponential.com

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.14 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.154 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wk-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.172.94.66 (United Kingdom)

ASN15570 (Internap European Autonomous System, GB)
PTR: pixel.quantserve.com

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.43.115.95 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-115-95.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.168.168 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-239-168-168.fra50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.172.94.44 (United Kingdom)

ASN15570 (Internap European Autonomous System, GB)
PTR: pixel.quantserve.com

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 204.11.109.68 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.11.109.65 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.144 (Phoenix, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

cdn.fancybar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.11.109.67 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.27.107.38 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.22.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.67.153.75 (New York, United States)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: lbip767069.nym2.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.112.166 (San Francisco, United States) 5 redirects

ASN54113 (FASTLY - Fastly, US)

tag-st.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.33.223.210 (European Union) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.20.16.243 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prebid.districtm.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.1 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.12.195 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lga25s63-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.121.249 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-121-249.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	pastebin.com pastebin.com	482 KB
24	adnxs.com 3 redirects prebid.adnxs.com ib.adnxs.com	23 KB
11	contextweb.com 5 redirects tag-st.contextweb.com bid.contextweb.com bh.contextweb.com	38 KB
11	tribalfusion.com s.tribalfusion.com	66 KB
11	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	206 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	45 KB
6	freestar.io pub.freestar.io	92 KB
3	districtm.ca prebid.districtm.ca	19 KB
3	google.com adservice.google.com	1012 B
3	google.de adservice.google.de	1012 B
3	googletagservices.com www.googletagservices.com	6 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	google-analytics.com www.google-analytics.com	15 KB
2	adsrvr.org 2 redirects match.adsrvr.org	870 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	5 KB
2	exponential.com tags.expo9.exponential.com	5 KB
1	gstatic.com csi.gstatic.com	268 B
1	pub.network a.pub.network	52 KB
1	fancybar.net cdn.fancybar.net	5 KB
1	quantcount.com rules.quantcount.com	1 KB
131	20

	Domain	Requested by
45	pastebin.com	pastebin.com s.tribalfusion.com
15	ib.adnxs.com	3 redirects a.pub.network pub.freestar.io prebid.districtm.ca
11	s.tribalfusion.com	tags.expo9.exponential.com s.tribalfusion.com
9	prebid.adnxs.com	a.pub.network pub.freestar.io pastebin.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
6	pub.freestar.io	pastebin.com pub.freestar.io
5	bh.contextweb.com	5 redirects
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	bid.contextweb.com	tag-st.contextweb.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	prebid.districtm.ca	a.pub.network pub.freestar.io
3	tag-st.contextweb.com	a.pub.network pub.freestar.io
3	adservice.google.com	www.googletagservices.com
3	adservice.google.de	www.googletagservices.com
3	www.googletagservices.com	pub.freestar.io
3	sb.scorecardresearch.com	1 redirects pub.freestar.io pastebin.com
3	www.google-analytics.com	pastebin.com
2	match.adsrvr.org	2 redirects
2	tags.expo9.exponential.com	pastebin.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	cm.g.doubleclick.net	1 redirects
1	a.pub.network	pub.freestar.io
1	cdn.fancybar.net	pastebin.com
1	pixel.quantserve.com	pastebin.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	pub.freestar.io
1	stats.g.doubleclick.net	pastebin.com
131	27

This site contains links to these domains. Also see Links.

Domain
deals.pastebin.com
creativecommons.org
steadfast.net
facebook.com
twitter.com

Subject Issuer	Validity	Valid
ssl509085.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-11-17` - `2018-05-26`	6 months	crt.sh

This page contains 8 frames:

Primary Page: https://pastebin.com/7P5mvgDx
Frame ID: (4E54CD84F092D46A24D8BD5E8F2DD8C6)
Requests: 55 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Frame ID: (68B36092ACCF43283D40FF12502D14)
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Frame ID: (8ACA06A15769131E0AB2BCDF7EDEBD7)
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Frame ID: (E2FA7073A516F1B8FC91A98F056BF07D)
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/tags.js
Frame ID: (D3ECB926E66633597B1B79595989E3CC)
Requests: 2 HTTP requests in this frame

Frame: https://pastebin.com/adserver/160x600_custom_safe.php
Frame ID: (DF70B9335845BB62B979AFCDC3D936D4)
Requests: 21 HTTP requests in this frame

Frame: https://pastebin.com/adserver/300x250_custom_safe.php
Frame ID: (35196F1EB8C0FDF5990C7019B520D811)
Requests: 23 HTTP requests in this frame

Frame: https://pastebin.com/adserver/728x90_custom_safe.php
Frame ID: (F3C01158E0F616EDE0F7556106BDCC4F)
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

BuySellAds (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^_bsa/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^quantserve$/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

131
Requests

34 %
HTTPS

0 %
IPv6

20
Domains

27
Subdomains

22
IPs

5
Countries

1057 kB
Transfer

2473 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://deals.pastebin.com/
Title: deals

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-sa/3.0/
Title: cc by-sa 3.0

Search URL Search Domain Scan URL

URL: http://steadfast.net/services/dedicated-servers.php?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_dedicated_server_hosting_by&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Dedicated Server Hosting

Search URL Search Domain Scan URL

URL: http://steadfast.net/?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_steadfast&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Steadfast

Search URL Search Domain Scan URL

URL: https://facebook.com/pastebin

Search URL Search Domain Scan URL

URL: https://twitter.com/pastebin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&ns__t=1516369139075&ns_c=UTF-8&cv=3.1&c8=Summary%20Operating%20System%20Windows%2010%20Pro%2064-bit%20CP%20-%20Pastebin.com&c7=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1516369139075&ns_c=UTF-8&cv=3.1&c8=Summary%20Operating%20System%20Windows%2010%20Pro%2064-bit%20CP%20-%20Pastebin.com&c7=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&c9=

Request Chain 112

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEDLADavVuqQt97xh_bNGXKI&google_cver=1 HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205

Request Chain 113

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121

Request Chain 123

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121

Request Chain 124

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://match.adsrvr.org/track/cmf/contextweb HTTP 302
https://match.adsrvr.org/track/cmb/contextweb HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=629276e1-20f4-4f78-8cf8-1d083a8dabe4 HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205

Request Chain 126

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121

Request Chain 127

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205

131 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 7P5mvgDx Show response
pastebin.com/ 352 KB
353 KB 175ms
148ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa10fe96c579f5fd706b715ef82ee258b63e20d7e822329fcf22d0bdc1a0e64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /7P5mvgDx
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
:authority: pastebin.com
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 200
set-cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; expires=Sat, 19-Jan-19 13:38:58 GMT; path=/; domain=.pastebin.com; HttpOnly
cf-ray: 3dfa328c888763b5-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
pastebin.com/js/ 82 KB
30 KB 18ms
18ms Script
application/x-javascript 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/jquery.min.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /js/jquery.min.js
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 3dfa328d790f63b5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 pastebin.min.v2.js Show response
pastebin.com/js/ 35 KB
12 KB 8ms
8ms Script
application/x-javascript 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/pastebin.min.v2.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

125fd9e51c7727e0c0edb021f2d3ed8bdcaa048c7277992d134d794089ae3e36

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /js/pastebin.min.v2.js
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 09:32:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 3dfa328d791063b5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 text.css
pastebin.com/cache/css_lang/ 706 B
405 B 26ms
26ms Stylesheet
text/css 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/cache/css_lang/text.css

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/css_lang/text.css
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2017 09:15:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7776000
cf-ray: 3dfa328d891163b5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 pastebin.min.v4.css
pastebin.com/i/ 39 KB
8 KB 9ms
9ms Stylesheet
text/css 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/i/pastebin.min.v4.css

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c6f63e2110aae7bd0312e5a979851bb395edabb524e39c876c4a28242fcc285

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pastebin.min.v4.css
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 09:30:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7776000
cf-ray: 3dfa328d891263b5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
S 200 pubfig.min.js Show response
pub.freestar.io/pastebin/ 651 B
1007 B 67ms
27ms Script
text/javascript 104.27.89.38
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/pastebin/pubfig.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx
Protocol: SPDY
Server: 104.27.89.38 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c0d78d6c09317c993832ccf0d37d38da713ce6fe2cfeb1a40ef24473da06335

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UqGljJE28VO1FbUcSDJvhaQBrf7AuiM2jXJizf9ODMXegxlLgbO_ozn0ugp3yGXl8mPSNO3UKIQVYcLuRh2Cj6m1cJdRg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Thu, 23 Feb 2017 17:50:42 GMT
server: cloudflare
etag: W/"b3e8921e9238f380e7aff0556f6c8d27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=jkyR9A==, md5=s+iSHpI484Dnr/BVb2yNJw==
x-goog-generation: 1487872242451988
cache-control: public, max-age=3600
x-goog-stored-content-length: 651
cf-ray: 3dfa328e99839720-FRA
expires: Fri, 19 Jan 2018 13:49:17 GMT

GET
H2 200 guest.png
pastebin.com/i/ 1 KB
1 KB 15ms
15ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/guest.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/guest.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328d891463b5-FRA
content-length: 1152
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 t.gif
pastebin.com/i/ 43 B
154 B 9ms
9ms Image
image/gif 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/t.gif

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/t.gif
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328d891663b5-FRA
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/Pastebincom/Safe/ 7 KB
3 KB 769ms
152ms Script
application/x-javascript 204.11.109.76
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx
Protocol: HTTP/1.1
Server: 204.11.109.76 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: tags.expo9.exponential.com
Software: /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:38:59 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 5909443542969422214
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, public
Last-Modified: Fri, 21 Jun 2013 00:18:47 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 2306
Expires: Fri, 19 Jan 2018 14:38:59 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 35 KB
14 KB 6ms
5ms Script
text/javascript 172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

SPDY

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 6223
date: Fri, 19 Jan 2018 11:55:15 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 14597
expires: Fri, 19 Jan 2018 13:55:15 GMT

GET
H2 200 header_bg.png
pastebin.com/i/ 191 B
266 B 10ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/header_bg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/header_bg.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e598963b5-FRA
content-length: 191
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 pastebin_logo_side_outline.png
pastebin.com/i/ 18 KB
18 KB 9ms
7ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/pastebin_logo_side_outline.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pastebin_logo_side_outline.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4660"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e598a63b5-FRA
content-length: 18016
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 add_2.png
pastebin.com/i/ 491 B
567 B 13ms
11ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/add_2.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/add_2.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e598c63b5-FRA
content-length: 491
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 search.png
pastebin.com/i/ 1 KB
1 KB 10ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/search.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/search.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-595"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e598d63b5-FRA
content-length: 1429
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 menu_down.png
pastebin.com/i/ 506 B
582 B 13ms
11ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/menu_down.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/menu_down.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e598e63b5-FRA
content-length: 506
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 dd_pastebin.png
pastebin.com/i/ 667 B
744 B 11ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_pastebin.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_pastebin.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-29b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e598f63b5-FRA
content-length: 667
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 dd_messages.png
pastebin.com/i/ 1 KB
1 KB 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_messages.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_messages.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-44b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e599063b5-FRA
content-length: 1099
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 dd_alerts.png
pastebin.com/i/ 915 B
992 B 11ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_alerts.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_alerts.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-393"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e599163b5-FRA
content-length: 915
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 dd_settings.png
pastebin.com/i/ 1 KB
1 KB 11ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_settings.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_settings.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e599263b5-FRA
content-length: 1262
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 linebg.png
pastebin.com/i/ 375 B
452 B 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/linebg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/linebg.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e599363b5-FRA
content-length: 375
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 public.png
pastebin.com/i/ 2 KB
2 KB 12ms
11ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/public.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/public.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-7d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e599463b5-FRA
content-length: 2003
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
H2 200 pro_btn_hover.png
pastebin.com/i/ 729 B
806 B 9ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/pro_btn_hover.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5154cd93dc27142f30bf0d10c32b64f107b81f89cc4801e296623cdbafef6bc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pro_btn_hover.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-2d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa328e599563b5-FRA
content-length: 729
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:58 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
5ms Image
image/gif 172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=227245715&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&ul=en-us&de=UTF-8&dt=Summary%20Operating%20System%20Windows%2010%20Pro%2064-bit%20CP%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1707931069&gjid=1184621014&cid=1851013192.1516369139&tid=UA-58643-34&_gid=1110345782.1516369139&z=624257283

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

SPDY

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2017 07:02:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1665388
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
stats.g.doubleclick.net/r/ 35 B
380 B 45ms
13ms Image
image/gif 74.125.206.154
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j66&tid=UA-58643-34&cid=1851013192.1516369139&jid=1707931069&gjid=1184621014&_gid=1110345782.1516369139&_u=IGBAgEAB~&z=1095175741

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

SPDY

Server

74.125.206.154 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wk-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Jan 2018 13:38:59 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=227245715&t=event&_s=2&dl=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&ul=en-us&de=UTF-8&dt=Summary%20Operating%20System%20Windows%2010%20Pro%2064-bit%20CP%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pagev&ea=Safe&_u=IGBAgEAB~&jid=&gjid=&cid=1851013192.1516369139&tid=UA-58643-34&_gid=1110345782.1516369139&z=968258969

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

SPDY

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2017 07:02:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1665388
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 11 KB
5 KB 56ms
12ms Script
application/x-javascript 95.172.94.66
Internap European...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig.min.js
Protocol: HTTP/1.1
Server: 95.172.94.66 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS: pixel.quantserve.com
Software: QS /
Resource Hash: 23a1a8123c5cfb9df1063c6cfbab2b7bb80fe645d6e7158baacbea022a81e2a0

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:38:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19-Jan-2018 13:38:59 GMT
Server: QS
ETag: M0-8af1d7b9
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: close
Content-Length: 4786
Expires: Fri, 26 Jan 2018 13:38:59 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 27ms
6ms Script
application/x-javascript 23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig.min.js
Protocol: HTTP/1.1
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:38:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=1209600
Connection: keep-alive
Content-Length: 901
Expires: Fri, 02 Feb 2018 13:38:59 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&ns__t=1516369139075&ns_c=UTF-8&cv=3.1&c8=Summary%20Operating%20System%20Windows%2010%20Pro%2064-bit%20CP%20-%20Pastebin.com&c7=https%3A%2F%2Fpast...
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1516369139075&ns_c=UTF-8&cv=3.1&c8=Summary%20Operating%20System%20Windows%2010%20Pro%2064-bit%20CP%20-%20Pastebin.com&c7=https%3A%2F%2Fpas...

0
248 B

6ms
6ms

Image
text/plain

23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1516369139075&ns_c=UTF-8&cv=3.1&c8=Summary%20Operating%20System%20Windows%2010%20Pro%2064-bit%20CP%20-%20Pastebin.com&c7=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&c9=
Requested by: Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx
Protocol: HTTP/1.1
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:38:59 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1516369139075&ns_c=UTF-8&cv=3.1&c8=Summary%20Operating%20System%20Windows%2010%20Pro%2064-bit%20CP%20-%20Pastebin.com&c7=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&c9=
Pragma: no-cache
Date: Fri, 19 Jan 2018 13:38:59 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 200 rules-p-UeXruRVtZz7w6.js Show response
rules.quantcount.com/ 2 KB
1 KB 26ms
9ms Script
application/x-javascript 54.239.168.168
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: SPDY
Server: 54.239.168.168 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-239-168-168.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 12 Dec 2017 18:06:29 GMT
content-encoding: gzip
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
age: 1915
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: liaAwpxt5kZQQmbpuumWec60-bqAWlQ0ZRPacPAcsZkleaihNBx-Tg==
via: 1.1 e0ece2fc930e4eafcacb21a60126c353.cloudfront.net (CloudFront)

GET
H/1.1 200
OK pixel;r=1914085133;labels=title.Summary%20%20%20%20%20%20%20%20%20%20Operating%20System%20%20%20%20%20%20%20%20%20%20%20%20%20%20Windows%2010%20Pro%2064-bit%20%20%20%20%20%20%20%20%20%20CP%20-%20Pa...
pixel.quantserve.com/ 35 B
474 B 52ms
11ms Image
image/gif 95.172.94.44
Internap European...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1914085133;labels=title.Summary%20%20%20%20%20%20%20%20%20%20Operating%20System%20%20%20%20%20%20%20%20%20%20%20%20%20%20Windows%2010%20Pro%2064-bit%20%20%20%20%20%20%20%20%20%20CP%20-%20Pastebin.com;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fpastebin.com%2F7P5mvgDx;fpan=1;fpa=P0-570666591-1516369139138;ns=0;ce=1;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1516369139137;tzo=0;ogl=title.Summary%20%20%20%20%20%20%20%20%20%20Operating%20System%20%20%20%20%20%20%20%20%20%20%20%20%20%20Windows%2010%20Pro%2064-bit%20%20%20%20%20%20%20%20%20%20CP%2Ctype.article%2Curl.https%3A%2F%2Fpastebin%252Ecom%2F7P5mvgDx%2Cimage.https%3A%2F%2Fpastebin%252Ecom%2Fi%2Ffacebook%252Epng%2Csite_name.Pastebin
Requested by: Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx
Protocol: HTTP/1.1
Server: 95.172.94.44 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS: pixel.quantserve.com
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:38:59 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: close
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Safe/ Frame (68B 58 KB
14 KB 787ms
173ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 3bb6616032e257dda344d6eb1b632cf78b39f977d79f528ccb154f40732f4c38

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:00 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 4529188259298201287
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13868
Expires: Fri, 19 Jan 2018 14:39:00 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Safe/ Frame (8AC 58 KB
14 KB 806ms
176ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 3bb6616032e257dda344d6eb1b632cf78b39f977d79f528ccb154f40732f4c38

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:00 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 4529188259298201287
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13868
Expires: Fri, 19 Jan 2018 14:39:00 GMT

GET
H2 200 steadfast_1.png
pastebin.com/i/ 1 KB
1 KB 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/steadfast_1.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fb852db1cd132dda2e5b283b43d7cc7debe88e4ec803db31613aa472ae72009

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/steadfast_1.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa3292bc1563b5-FRA
content-length: 1245
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 facebook_svg.png
pastebin.com/i/ 794 B
870 B 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/facebook_svg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/facebook_svg.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa3292bc1663b5-FRA
content-length: 794
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 twitter_svg.png
pastebin.com/i/ 1 KB
2 KB 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/twitter_svg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/twitter_svg.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-5d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa3292bc1763b5-FRA
content-length: 1490
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 user.png
pastebin.com/i/ 2 KB
2 KB 10ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/user.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/user.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-6c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa3292bc1863b5-FRA
content-length: 1737
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 date.png
pastebin.com/i/ 1 KB
1 KB 9ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/date.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/date.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa3292bc1963b5-FRA
content-length: 1203
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 views.png
pastebin.com/i/ 1 KB
1 KB 7ms
7ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/views.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/views.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-5aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa3292bc1a63b5-FRA
content-length: 1450
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 expire.png
pastebin.com/i/ 2 KB
2 KB 12ms
12ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/expire.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/expire.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-6c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa3292bc1b63b5-FRA
content-length: 1729
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 info.png
pastebin.com/i/ 2 KB
2 KB 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/info.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/info.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-68c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa3292bc1c63b5-FRA
content-length: 1676
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 gift.png
pastebin.com/i/ 2 KB
2 KB 17ms
16ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/gift.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

23396f2caca227b0433f07c7952518183b9ffbbaa4574a7da47857693f0e17d1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/gift.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2017 08:11:04 GMT
server: cloudflare
etag: "59f04718-78f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32944d1a63b5-FRA
content-length: 1935
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/Pastebincom/SnackbarSafe/ 7 KB
3 KB 156ms
156ms Script
application/x-javascript 204.11.109.76
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/Pastebincom/SnackbarSafe/tags.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx
Protocol: HTTP/1.1
Server: 204.11.109.76 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: tags.expo9.exponential.com
Software: /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:38:59 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 2
ETag: 5909443542969422214
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, public
Last-Modified: Fri, 21 Jun 2013 00:18:47 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 2306
Expires: Fri, 19 Jan 2018 14:38:59 GMT

GET
H/1.1 200
OK fancybar.js Show response
cdn.fancybar.net/ac/ 10 KB
5 KB 26ms
6ms Script
application/javascript 23.111.10.144
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=pastebin
Requested by: Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx
Protocol: HTTP/1.1
Server: 23.111.10.144 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2ca8904452135a1a1d08c4ff4f873458700854884ebaa667d65c63c851a098bd

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:38:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2016 20:20:52 GMT
Server: NetDNA-cache/2.2
ETag: W/"294b-544d1d2642384"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Safe/ Frame (E2F 58 KB
14 KB 789ms
171ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 3bb6616032e257dda344d6eb1b632cf78b39f977d79f528ccb154f40732f4c38

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:00 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 2
ETag: 4529188259298201287
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13868
Expires: Fri, 19 Jan 2018 14:39:00 GMT

GET
H2 200 facebook_circle.png
pastebin.com/i/ 818 B
899 B 10ms
7ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/facebook_circle.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/facebook_circle.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-332"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d4163b5-FRA
content-length: 818
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 twitter_circle.png
pastebin.com/i/ 954 B
1 KB 14ms
11ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/twitter_circle.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/twitter_circle.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-3ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d4263b5-FRA
content-length: 954
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 footer_chrome.png
pastebin.com/i/ 3 KB
3 KB 15ms
13ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_chrome.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_chrome.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d4363b5-FRA
content-length: 2990
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 footer_firefox.png
pastebin.com/i/ 3 KB
3 KB 12ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_firefox.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_firefox.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d4463b5-FRA
content-length: 3178
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 footer_ios.png
pastebin.com/i/ 3 KB
3 KB 10ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_ios.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_ios.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d4b63b5-FRA
content-length: 3011
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 footer_windows.png
pastebin.com/i/ 2 KB
2 KB 10ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_windows.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_windows.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d4c63b5-FRA
content-length: 1808
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 footer_webos.png
pastebin.com/i/ 3 KB
3 KB 13ms
12ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_webos.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7186c869aea692acdd80f8776ba966b6215eff98f41b3cd62bc70e21b4128d0f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_webos.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-d1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d4d63b5-FRA
content-length: 3358
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 footer_android.png
pastebin.com/i/ 2 KB
2 KB 11ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_android.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_android.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-9a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d4e63b5-FRA
content-length: 2469
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 footer_macosx.png
pastebin.com/i/ 3 KB
3 KB 10ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_macosx.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_macosx.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-b31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d4f63b5-FRA
content-length: 2865
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 footer_opera.png
pastebin.com/i/ 3 KB
3 KB 17ms
16ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_opera.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_opera.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d5063b5-FRA
content-length: 2756
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 footer_linux.png
pastebin.com/i/ 4 KB
5 KB 11ms
11ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_linux.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_linux.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-11db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d5163b5-FRA
content-length: 4571
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H2 200 close_promo.png
pastebin.com/i/ 1 KB
1 KB 11ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/close_promo.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/close_promo.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:38:59 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 08:52:39 GMT
server: cloudflare
etag: "590c3d57-594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32949d5263b5-FRA
content-length: 1428
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:38:59 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/ Frame (D3E 58 KB
14 KB 564ms
158ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 15165ce15de1de59ae31793e0e0a4303f6739437468c446b3b79b4275a4ceb3c

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:00 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 9538167257438097425
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13874
Expires: Fri, 19 Jan 2018 14:39:00 GMT

GET
H2 200 cd-top-arrow.png
pastebin.com/i/ 451 B
583 B 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/cd-top-arrow.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/7P5mvgDx

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/cd-top-arrow.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:00 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32960e8763b5-FRA
content-length: 451
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:39:00 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame (68B 678 B
847 B 186ms
161ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7690493704
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 5054359ef999bcd965abcda654d72368038825d810449966ac3823e4c1474e9e

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:00 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 330
Expires: Thu, 19 Apr 2018 13:39:00 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame (8AC 677 B
848 B 289ms
157ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7690493704
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: f835e6db3a1e4117eb6d711cf3e860817cfe17f2e310b4799d3a47bbf9868061

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:00 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 330
Expires: Thu, 19 Apr 2018 13:39:00 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame (E2F 677 B
847 B 169ms
156ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7690493704
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 0e3f0a2dc277c624b266fb81d86810b4fbab9e6bb2bfcb9cb790239512289df4

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:00 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 329
Expires: Thu, 19 Apr 2018 13:39:00 GMT

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame (68B 8 KB
4 KB 172ms
162ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=7690493704&tagKey=1906995878&loaderVer=0.1&site=pastebincom&adSpace=safe&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=160x600,120x600&busted=1&url=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&f=0&p=9066664&tKey=aOmneMnGrsptYK2EMf5dAmSpbMRX10pZc&a=1&adContainerId=richmedia_2&rnd=9068592
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 785ffe1a20f57f6f9f6b082b94ed3f70bd9d1e4d79ece5d328829070fbb4892c

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 1
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 3432
Expires: 0

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame (D3E 677 B
847 B 162ms
162ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7690493704
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: f835e6db3a1e4117eb6d711cf3e860817cfe17f2e310b4799d3a47bbf9868061

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:00 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 330
Expires: Thu, 19 Apr 2018 13:39:00 GMT

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame (8AC 5 KB
3 KB 160ms
160ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=7690493704&tagKey=1906995878&loaderVer=0.1&site=pastebincom&adSpace=safe&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=970x250,728x90&busted=1&url=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&f=0&p=9066664&tKey=aLmneMQTUJRc7BQrInPWQ81bvaRX1Yvh&a=3&adContainerId=richmedia_4&rnd=9069284
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 081688e9b5e7f86e8036f261d185c701158ca2bca35351e82ca4e6b89ad42b45

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 4
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 2169
Expires: 0

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame (E2F 605 B
977 B 154ms
153ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=7690493704&tagKey=1906995878&loaderVer=0.1&site=pastebincom&adSpace=safe&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x600,300x250&busted=1&url=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&f=0&p=9066664&tKey=aHmneMPU7oXqrO4Tbi2qQ2yd7pRX1iAT&a=5&adContainerId=richmedia_6&rnd=9071518
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 2ef23db47a64f3a320580e9e294724ced1f4ab9dbdba2cdc82d41b3f843913c1

Request headers

Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 4
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 482
Expires: 0

GET
H2 200 160x600_custom_safe.php Show response
pastebin.com/adserver/ Frame (DF7 808 B
879 B 117ms
116ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/160x600_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7106b1c10628b1dbe9bb051a7f111584e755a235e394f26d9822e10e9fde6c4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /adserver/160x600_custom_safe.php
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 3dfa329aa93263b5-FRA
x-xss-protection: 1; mode=block

GET
S 200 pubfig160x600.min.js Show response
pub.freestar.io/pastebin/ Frame (DF7 3 KB
1 KB 9ms
8ms Script
application/javascript 104.27.89.38
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/pastebin/pubfig160x600.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_custom_safe.php
Protocol: SPDY
Server: 104.27.89.38 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd02b637b08374326b56366aa11c214880bf90cb7a5ab12549e2a7d993447197

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2Up6i25IrIE9ViXAtCBJ6PcjzmrBfOtNGjLGr0WGvwoJ2rlrYUkc1jmTS4QbGW42XT1JrlrRc5zoUU26g8uKnhtEk6mtXw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Fri, 12 Jan 2018 00:04:24 GMT
server: cloudflare
etag: W/"d379e3a24fbbd26ccd737b9a17507c1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=6t/2YA==, md5=03njok+70mzNc3uaF1B8HQ==
content-language: en
x-goog-generation: 1515715464194907
cache-control: public, max-age=3600
x-goog-stored-content-length: 2664
cf-ray: 3dfa329c3edd9720-FRA
expires: Fri, 19 Jan 2018 14:18:49 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame (DF7 13 KB
6 KB 75ms
51ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig160x600.min.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

sffe /

Resource Hash

d2bab129a24e1478988aaf8b5595c80e3e17bd05c6fbd7fc803c4f25d15f3d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1516332796179630"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 5784
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2018 13:39:01 GMT

GET
S 200 prebid-analytics-confiant-0.33.js Show response
a.pub.network/core/ Frame (DF7 164 KB
52 KB 96ms
25ms Script
application/javascript 104.27.107.38
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-confiant-0.33.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig160x600.min.js
Protocol: SPDY
Server: 104.27.107.38 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566bdacc0130573541a01c8d746d5a5eeeb72893ad5795b5cfda5d3067221378

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UrBUv3jRxGM2vu6teo6co4C76apXrC8P-Zi5mbaRSeyQigCJc9b0Vc0elS3lDY8VEGoA-Kc5y8XbeQk7iG8i-dSGjEUIg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
last-modified: Wed, 29 Nov 2017 19:49:46 GMT
server: cloudflare
etag: W/"a1dab50e8bc020b19fd5f828ea39a766"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=b7NV6A==, md5=odq1DovAILGf1fgo6jmnZg==
x-goog-generation: 1511984986163655
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 168104
cf-ray: 3dfa329ceb10979e-FRA
expires: Fri, 19 Jan 2018 17:39:01 GMT

GET
H2 200 300x250_custom_safe.php Show response
pastebin.com/adserver/ Frame (351 804 B
844 B 116ms
116ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/300x250_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc2d0690e3bff9bc8c528d85dbd507e1164a49c6bae7e34d9d474b2e4c39d325

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /adserver/300x250_custom_safe.php
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 3dfa329be9fa63b5-FRA
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame (DF7 108 B
664 B 54ms
17ms Script
application/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame (DF7 108 B
664 B 54ms
17ms Script
application/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_173.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (DF7 178 KB
63 KB 56ms
40ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ddb769c3890511b2f212be39e07999ed414c193c28041723293ae822ebcfc91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2018 21:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 63980
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2018 13:39:01 GMT

GET
H2 200 728x90_custom_safe.php Show response
pastebin.com/adserver/ Frame (F3C 832 B
875 B 229ms
229ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/728x90_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f85a70f2a4ba2ccd0505611d6251aad3bef718adf8c9cb96c256199c13fdf0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /adserver/728x90_custom_safe.php
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/7P5mvgDx
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://pastebin.com/7P5mvgDx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 3dfa329b69bf63b5-FRA
x-xss-protection: 1; mode=block

GET
S 200 pubfig300x250.min.js Show response
pub.freestar.io/pastebin/ Frame (351 3 KB
2 KB 9ms
8ms Script
application/javascript 104.27.89.38
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/pastebin/pubfig300x250.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: SPDY
Server: 104.27.89.38 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49c020f741482829c319424eecbbb8bbe0e8b880fabc8acb854c3f4a325a43ab

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UovTOREJDYJZg5HJ7iZTXwGbHg8-ET7Fg8uVHP47SlZEHnYjZ8SNJdU4ZOS27XyTPeHilAAzw0yju0g9otVBwyVdHZDYw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Fri, 12 Jan 2018 00:04:35 GMT
server: cloudflare
etag: W/"7cd40ea7949e328b5e1ebb478e924b62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=lw2KLw==, md5=fNQOp5SeMoteHrtHjpJLYg==
content-language: en
x-goog-generation: 1515715475279293
cache-control: public, max-age=3600
x-goog-stored-content-length: 2891
cf-ray: 3dfa329cfff39720-FRA
expires: Fri, 19 Jan 2018 13:53:59 GMT

GET
S 200 pubfig728x90.min.js Show response
pub.freestar.io/pastebin/ Frame (F3C 3 KB
2 KB 9ms
8ms Script
application/javascript 104.27.89.38
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/pastebin/pubfig728x90.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_custom_safe.php
Protocol: SPDY
Server: 104.27.89.38 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a236d87df706c989588ae6c8f3981f4c62d765e96b5250e9525f2a1c16ff77a5

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UpfLL_OQnaOZUqqjUHvloOvyQXXUBHsi3LyQCZ-pLWO97kkPWzmv2q_yAPjRgkHI3-yeF-x8v3hEWe35lIfUXHx1nzeXQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Fri, 12 Jan 2018 00:04:46 GMT
server: cloudflare
etag: W/"eb950ff9b75a487c6309e3c4c7595d10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=+pbOPw==, md5=65UP+bdaSHxjCePEx1ldEA==
content-language: en
x-goog-generation: 1515715486879641
cache-control: public, max-age=3600
x-goog-stored-content-length: 2899
cf-ray: 3dfa329d180f9720-FRA
expires: Fri, 19 Jan 2018 14:15:13 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame (351 13 KB
0 75ms
51ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig300x250.min.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

sffe /

Resource Hash

d2bab129a24e1478988aaf8b5595c80e3e17bd05c6fbd7fc803c4f25d15f3d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1516332796179630"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 5784
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2018 13:39:01 GMT

GET
S 200 prebid.0.18.0.js Show response
pub.freestar.io/core/ Frame (351 135 KB
43 KB 22ms
21ms Script
text/javascript 104.27.89.38
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/core/prebid.0.18.0.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig300x250.min.js
Protocol: SPDY
Server: 104.27.89.38 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ee3e4faea4083b3eb9980134c99d0cd5e2907b7a4b3df6a14d50dc18ff16d8

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UoswtbG4hgpQx3LCXk5Fo_Zyq2si-mg4jDqF4UjIIvF4l4e9irP5FVPRB0jaISIJLLfsz2S32nWXkxZhdDBEcGde3rv7w
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Wed, 13 Sep 2017 21:18:29 GMT
server: cloudflare
etag: W/"7580dad0f80106496b0eb78e0874ac53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=DfdWjw==, md5=dYDa0PgBBklrDreOCHSsUw==
x-goog-generation: 1505337509876684
cache-control: public, max-age=3600
x-goog-stored-content-length: 138216
cf-ray: 3dfa329d38229720-FRA
expires: Fri, 19 Jan 2018 13:43:20 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame (351 108 B
174 B 15ms
15ms Script
application/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame (351 108 B
174 B 15ms
14ms Script
application/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_173.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (351 178 KB
63 KB 40ms
40ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ddb769c3890511b2f212be39e07999ed414c193c28041723293ae822ebcfc91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2018 21:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 63980
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2018 13:39:01 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame (F3C 13 KB
0 75ms
51ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig728x90.min.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

sffe /

Resource Hash

d2bab129a24e1478988aaf8b5595c80e3e17bd05c6fbd7fc803c4f25d15f3d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1516332796179630"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 5784
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2018 13:39:01 GMT

GET
S 200 prebid.0.18.0.js Show response
pub.freestar.io/core/ Frame (F3C 135 KB
43 KB 17ms
14ms Script
text/javascript 104.27.89.38
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/core/prebid.0.18.0.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig728x90.min.js
Protocol: SPDY
Server: 104.27.89.38 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ee3e4faea4083b3eb9980134c99d0cd5e2907b7a4b3df6a14d50dc18ff16d8

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UoswtbG4hgpQx3LCXk5Fo_Zyq2si-mg4jDqF4UjIIvF4l4e9irP5FVPRB0jaISIJLLfsz2S32nWXkxZhdDBEcGde3rv7w
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Wed, 13 Sep 2017 21:18:29 GMT
server: cloudflare
etag: W/"7580dad0f80106496b0eb78e0874ac53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=DfdWjw==, md5=dYDa0PgBBklrDreOCHSsUw==
x-goog-generation: 1505337509876684
cache-control: public, max-age=3600
x-goog-stored-content-length: 138216
cf-ray: 3dfa329d58399720-FRA
expires: Fri, 19 Jan 2018 13:43:20 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame (F3C 108 B
174 B 17ms
13ms Script
application/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame (F3C 108 B
174 B 18ms
14ms Script
application/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_173.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (F3C 178 KB
63 KB 43ms
39ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ddb769c3890511b2f212be39e07999ed414c193c28041723293ae822ebcfc91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2018 21:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 63980
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2018 13:39:01 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ Frame (DF7 496 B
848 B 368ms
94ms XHR
text/plain 68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-confiant-0.33.js
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: 41e758d7905a8dfd8ded3d11781fd7351f7a77531aa856921961942222b45af4

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 496
Expires: 0

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/ Frame (DF7 30 KB
11 KB 74ms
18ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/getjs.static.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-confiant-0.33.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: 7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:01 GMT
Content-Encoding: gzip
Age: 278
X-Cache: HIT
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 10423
X-Served-By: cache-hhn1548-HHN
Server: Jetty(9.4.6.v20170531)
X-Timer: S1516369141.455669,VS0,VE0
ETag: 8f7d54636bed9472099fd222d8411f621190abb7
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 1302

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (DF7 0
774 B 75ms
19ms Script
text/html 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=40b9f96b874d5a&psa=0&id=10885892&size=160x600&referrer=https%3A%2F%2Fpastebin.com%2F7P5mvgDx

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-confiant-0.33.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: 448ba00d-dd28-424f-a24b-177d6862b01a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (DF7 80 B
1 KB 87ms
31ms Script
application/javascript 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=6999d0c33360d7&psa=0&id=10874059&size=160x600&referrer=https%3A%2F%2Fpastebin.com%2F7P5mvgDx

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-confiant-0.33.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

1d262ccb2235be9ad92c525dece5b83bc9f20900aee1847cbf04592fcf475522

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.10:80
AN-X-Request-Uuid: 4d69529f-1812-4556-99b9-3899bcbebec7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 lib.js Show response
prebid.districtm.ca/ Frame (DF7 21 KB
7 KB 73ms
16ms Script
text/javascript 104.20.16.243
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.districtm.ca/lib.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-confiant-0.33.js
Protocol: SPDY
Server: 104.20.16.243 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e71c9f44621e174cd4210578b0e1198520c32ca28e66968ae3d90980a8726349

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6B7A8DE95004B95D
status: 200
x-amz-version-id: 4h5lDelEiaIxaKCsqrm6l6nM8pdmiYXI
x-amz-id-2: ruyYBxVW2gJ5a+bS87UW4KUEpb6R8T7eZS6VQmClTC20rfOiA5LC9A38rI8bHwmwUj/IqOCXYhM=
last-modified: Wed, 13 Dec 2017 17:27:39 GMT
server: cloudflare
etag: W/"7b5d18d7512305f51485a2eb8002da0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 3dfa329e1cdb97bc-FRA
expires: Sat, 20 Jan 2018 13:39:01 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (DF7 81 B
1 KB 96ms
40ms Script
application/javascript 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=10b080e21d809aa&psa=0&id=10877100&size=160x600&referrer=https%3A%2F%2Fpastebin.com%2F7P5mvgDx

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-confiant-0.33.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

6e1e45ad4eb3eb13fe86b95650806b7e7ae3c73ba34bff2668903ac74e642839

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.249:80
AN-X-Request-Uuid: b5953d73-653a-41c0-8ed8-f34e3084b533
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 81
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-15/html/ Frame (DF7 0
0 40ms
7ms Other
text/html 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-15/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 17 Jan 2018 23:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136735
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1453
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2018 20:47:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jan 2019 23:40:06 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ Frame (351 496 B
848 B 316ms
97ms XHR
text/plain 68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: 4409f840bf3901e7546250dfc5d7d5cb721a740dfe201e13aa38bca5bac18730

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 496
Expires: 0

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (351 80 B
1 KB 29ms
29ms Script
application/javascript 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=2dcab389d8b053&psa=0&id=10877100&size=300x250&referrer=https%3A%2F%2Fpastebin.com%2F7P5mvgDx

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

5c5dcc85d032ff48a6b3e977f7190acaecadad8b9e69cd749255e3bcabf1f372

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.214:80
AN-X-Request-Uuid: b6328a0d-fe97-48e4-ac51-bb4f62210b84
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 lib.js Show response
prebid.districtm.ca/ Frame (351 21 KB
6 KB 10ms
10ms Script
text/javascript 104.20.16.243
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.districtm.ca/lib.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: SPDY
Server: 104.20.16.243 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e71c9f44621e174cd4210578b0e1198520c32ca28e66968ae3d90980a8726349

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6B7A8DE95004B95D
status: 200
x-amz-version-id: 4h5lDelEiaIxaKCsqrm6l6nM8pdmiYXI
x-amz-id-2: ruyYBxVW2gJ5a+bS87UW4KUEpb6R8T7eZS6VQmClTC20rfOiA5LC9A38rI8bHwmwUj/IqOCXYhM=
last-modified: Wed, 13 Dec 2017 17:27:39 GMT
server: cloudflare
etag: W/"7b5d18d7512305f51485a2eb8002da0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 3dfa329ead5e97bc-FRA
expires: Sat, 20 Jan 2018 13:39:01 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (351 80 B
1 KB 24ms
24ms Script
application/javascript 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=648388b4e97154&psa=0&id=10874068&size=300x250&referrer=https%3A%2F%2Fpastebin.com%2F7P5mvgDx

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

dc19b3fcb7e86f044028218b060bfbccf478e5cc23020d53116ba005d657f9b7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.245:80
AN-X-Request-Uuid: 29a99e77-41e6-4cf5-b066-b32ba481ed97
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/ Frame (351 30 KB
11 KB 6ms
6ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/getjs.static.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: 7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:01 GMT
Content-Encoding: gzip
Age: 278
X-Cache: HIT
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 10423
X-Served-By: cache-hhn1548-HHN
Server: Jetty(9.4.6.v20170531)
X-Timer: S1516369142.551890,VS0,VE0
ETag: 8f7d54636bed9472099fd222d8411f621190abb7
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 1303

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (351 0
906 B 14ms
14ms Script
text/html 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=10ec2edef0ad889&psa=0&id=10885893&size=300x250&referrer=https%3A%2F%2Fpastebin.com%2F7P5mvgDx

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.55:80
AN-X-Request-Uuid: 8147101a-178e-4fed-946f-6c6e846a43bd
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-15/html/ Frame (351 0
0 7ms
6ms Other
text/html 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-15/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 17 Jan 2018 23:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136735
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1453
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2018 20:47:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jan 2019 23:40:06 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ Frame (F3C 496 B
848 B 332ms
102ms XHR
text/plain 68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: 1c4584775800b9fa3992a133f921625eef48e3d7820b01bb6a25ee1f35e649a0

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 496
Expires: 0

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (F3C 80 B
1 KB 34ms
33ms Script
application/javascript 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=23ed41d4ff2389&psa=0&id=10877100&size=728x90&referrer=https%3A%2F%2Fpastebin.com%2F7P5mvgDx

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

8565a301411cb2c98daffbca35523836a249555b94ac0a6ea2a3d419900f334c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.26:80
AN-X-Request-Uuid: ef0e5add-4a4a-461f-8f65-72d97b30b6ff
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 lib.js Show response
prebid.districtm.ca/ Frame (F3C 21 KB
6 KB 10ms
9ms Script
text/javascript 104.20.16.243
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.districtm.ca/lib.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: SPDY
Server: 104.20.16.243 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e71c9f44621e174cd4210578b0e1198520c32ca28e66968ae3d90980a8726349

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6B7A8DE95004B95D
status: 200
x-amz-version-id: 4h5lDelEiaIxaKCsqrm6l6nM8pdmiYXI
x-amz-id-2: ruyYBxVW2gJ5a+bS87UW4KUEpb6R8T7eZS6VQmClTC20rfOiA5LC9A38rI8bHwmwUj/IqOCXYhM=
last-modified: Wed, 13 Dec 2017 17:27:39 GMT
server: cloudflare
etag: W/"7b5d18d7512305f51485a2eb8002da0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 3dfa329eed8697bc-FRA
expires: Sat, 20 Jan 2018 13:39:01 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (F3C 80 B
1 KB 67ms
67ms Script
application/javascript 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=669130126a0304&psa=0&id=10874048&size=728x90&referrer=https%3A%2F%2Fpastebin.com%2F7P5mvgDx

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

f23633fbb96224a1a98a2c6b8a357683631048a5c599fca6c6707989fa0618a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.15:80
AN-X-Request-Uuid: d041433d-32ed-41d8-b86a-84291b702512
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/ Frame (F3C 30 KB
11 KB 7ms
7ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/getjs.static.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: 7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 19 Jan 2018 13:39:01 GMT
Content-Encoding: gzip
Age: 278
X-Cache: HIT
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 10423
X-Served-By: cache-hhn1548-HHN
Server: Jetty(9.4.6.v20170531)
X-Timer: S1516369142.591231,VS0,VE0
ETag: 8f7d54636bed9472099fd222d8411f621190abb7
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 1304

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (F3C 0
906 B 12ms
12ms Script
text/html 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=10857833fc5fccc&psa=0&id=10885891&size=728x90&referrer=https%3A%2F%2Fpastebin.com%2F7P5mvgDx

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.81:80
AN-X-Request-Uuid: 3bfc66fa-554f-4dc3-9f7a-ac8381eb4684
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-15/html/ Frame (F3C 0
0 7ms
6ms Other
text/html 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-15/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 17 Jan 2018 23:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136735
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1453
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2018 20:47:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jan 2019 23:40:06 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame (DF7 143 B
1 KB 62ms
61ms XHR
application/json 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

1e4160b7a17ea8c1ac8ab04136ac9c85c43dc6565441f9a895d4e62e485eb295

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid: a9b071b3-ca12-4f46-90c9-c99192b3bb42
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tag Show response
bid.contextweb.com/header/ Frame (DF7 0
668 B 59ms
22ms XHR
text/plain 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/tag?tagver=1&ca=BID&cp=560313&ct=551469&cf=160X600&rq=1&dw=160&cwu=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&cwr=&mrnd=44995058&if=2&tl=1&pxy=1222,552&cxy=160,600&dxy=1585,41295&tz=0&ln=en-US
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/getjs.static.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 19 Jan 2018 13:39:01 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
X-Served-By: cache-hhn1524-HHN
X-Cache: MISS
CWDL: 22/144
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bid12
X-Cache-Hits: 0

GET
H/1.1 204
No Content tag Show response
bid.contextweb.com/header/ Frame (351 0
586 B 28ms
28ms XHR
text/plain 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/tag?tagver=1&ca=BID&cp=560313&ct=551467&cf=300X250&rq=1&dw=300&cwu=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&cwr=&mrnd=56166462&if=2&tl=1&pxy=552,40898&cxy=300,250&dxy=1585,41295&tz=0&ln=en-US
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/getjs.static.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 19 Jan 2018 13:39:01 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
X-Served-By: cache-hhn1524-HHN
X-Cache: MISS
CWDL: 22/144
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bid06
X-Cache-Hits: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame (351 143 B
1 KB 48ms
44ms XHR
application/json 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

5880c5ea3cc6fe01cb0c90395db999907eb48fa1cdc7ec0e0ef98043ccfa56f2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.196:80
AN-X-Request-Uuid: b29e8f12-91d8-40bc-b9b4-6f31be931e8b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tag Show response
bid.contextweb.com/header/ Frame (F3C 0
586 B 22ms
20ms XHR
text/plain 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/tag?tagver=1&ca=BID&cp=560313&ct=551466&cf=728X90&rq=1&dw=728&cwu=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&cwr=&mrnd=51670062&if=2&tl=1&pxy=204,116&cxy=728,90&dxy=1585,41295&tz=0&ln=en-US
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/getjs.static.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 19 Jan 2018 13:39:01 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
X-Served-By: cache-hhn1524-HHN
X-Cache: MISS
CWDL: 22/144
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bid05
X-Cache-Hits: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame (F3C 143 B
1 KB 113ms
105ms XHR
application/json 185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js

Protocol

HTTP/1.1

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

06d6e87dfd0d3d88f09569d806276da48c12996de5a4b5129ea4bbbf159554ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.87:80
AN-X-Request-Uuid: b42971d6-2898-4230-954f-c34c18330885
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (DF7
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEDLADavVuqQt97xh_bNGXKI&google_cver=1
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205

0
511 B

106ms
105ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_custom_safe.php
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:04 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Date: Fri, 19 Jan 2018 13:39:02 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Transfer-Encoding: chunked
X-Cache: MISS
Content-Language: en-US
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bh00
X-Served-By: cache-hhn1531-HHN

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (DF7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121

0
515 B

128ms
127ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_custom_safe.php
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:04 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.68:80
AN-X-Request-Uuid: e1e55ad5-ce1f-43f7-9bf1-ecc61809ed39
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame (351 40 KB
15 KB 23ms
6ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

3aa8b47cb1d177d58ba42a46e3159a43e5e907cfbac0bdf2a1fa83ca4c16946a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 12:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 15208
x-xss-protection: 1; mode=block
server: cafe
etag: 4764166938353156818
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jan 2018 13:53:05 GMT

POST
S 204 csi
csi.gstatic.com/ Frame (351 0
268 B 288ms
104ms Other
image/gif 172.217.12.195
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~jclz1a7i&c=2537353958412176&e=108809132%2C21060168%2C21060361%2C21060363%2C21061149&ctx=1&met.9=1.5o~2.cg&met.1=1.jclz19is~6.0~7.0~8.0~9.0~10.0~12.1~13.39~14.4k~15.4l~16.4s~17.4s~18.4s~19.nb~20.nb~21.nd&met.7=CBsQCiCpATgX~CA0QChgBIMgBKMgBMMgBaMgBcMgBgAGYLYgBlmmwAQG4AQE~CBsQCiDIAThU~CC8QBxgBIM0BKM0BMIACODNozgFw3QF4rgGAAWuIAWywAQG4AQM~CC8QBxgBIM4BKM4BMIACODJozgFw3QF4rgGAAWuIAWywAQG4AQM~CA4QChgBIM4BKM4BMKkCOFtozwFw9gF43vQDgAHs8wOIAbORC7ABAbgBAw~CBsQCiC2AzicAQ~CBsQCiC3AziBAQ~CBsQCiC3AzibAQ~CBsQCiC4AziAAQ~CBsQCiC4AziCAQ~CBkQChgBIMgGKMgGMOUGOB1AyQZIygZQygZY2AZg0QZo2QZw3wZ4wHuAAeh2iAGxwgKwAQG4AQM~CBsQCDjJBg&met.2=19.5~17.c5~18.mw~15.f~16.1px6
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: SPDY
Server: 172.217.12.195 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: lga25s63-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control: max-age=0
Origin: https://pastebin.com
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jan 2018 13:39:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame (DF7 3 KB
2 KB 65ms
64ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2502902611223070&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060362%2C21060494%2C21061149&sc=1&sfv=1-0-15&iu_parts=15184186%2CPastebin_160x600_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=1&cookie_enabled=1&cdm=pastebin.com&lmt=1516369142&dt=1516369142599&ea=0&frm=23&biw=1585&bih=1200&isw=160&ish=600&oid=3&adxs=1222&adys=552&adks=1035039964&gut=v2&ifi=1&ifk=1320065300&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F160x600_custom_safe.php&ref=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&top=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&dssz=12&icsg=1131010&mso=32&std=0&vrg=173&vis=1&scr_x=0&scr_y=0&ga_vid=1851013192.1516369139&ga_sid=1516369143&ga_hid=126524984

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

2bb0d22b85644fb996d983abd72fc9715c3a6e2493a30b245d44b642431bd1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1452
x-xss-protection: 1; mode=block
google-lineitem-id: 113045586
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 121737329346
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_173.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (DF7 33 KB
13 KB 41ms
40ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_173.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

643265847777ab36f618e1ff5dfd58b1547dec1676d3a233a1554747e4d91d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2018 21:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 12741
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2018 13:39:02 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame (DF7 83 KB
30 KB 6ms
6ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

d38b37159bf64d981602acc01541f1427cffa9479e4f3ef980e5f334ee688676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 30434
x-xss-protection: 1; mode=block
server: cafe
etag: 17055803591118644262
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jan 2018 14:18:40 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame (351 3 KB
2 KB 63ms
63ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4102060706024977&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=108809132%2C21060168%2C21060361%2C21060363%2C21061149&sc=1&sfv=1-0-15&iu_parts=15184186%2CPastebin_300x250_300x600_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&cdm=pastebin.com&lmt=1516369142&dt=1516369142766&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=552&adys=40898&adks=2076961728&gut=v2&ifi=1&ifk=1390418613&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F300x250_custom_safe.php&ref=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&top=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&dssz=13&icsg=9507330&mso=32&std=0&vrg=173&rumc=2537353958412176&vis=1&scr_x=0&scr_y=0&ga_vid=1851013192.1516369139&ga_sid=1516369143&ga_hid=368202774

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

09fe120ebb5bc814b4f3266dae25ca6de168a09cc2b823f65eb917728fa9d165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1464
x-xss-protection: 1; mode=block
google-lineitem-id: 4521632370
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 121737367986
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_173.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (351 33 KB
0 41ms
40ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_173.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

643265847777ab36f618e1ff5dfd58b1547dec1676d3a233a1554747e4d91d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 19 Jan 2018 13:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2018 21:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 12741
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2018 13:39:02 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame (F3C 3 KB
2 KB 62ms
61ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1407163762025373&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060362%2C21061149&sc=1&sfv=1-0-15&iu_parts=15184186%2CPastebin_728x90_970x90_970x250_320x50_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cookie_enabled=1&cdm=pastebin.com&lmt=1516369142&dt=1516369142883&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=204&adys=116&adks=3422942979&gut=v2&ifi=1&ifk=3995772453&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F728x90_custom_safe.php&ref=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&top=https%3A%2F%2Fpastebin.com%2F7P5mvgDx&dssz=12&icsg=1118722&mso=32&std=0&vrg=173&vis=1&scr_x=0&scr_y=0&ga_vid=1851013192.1516369139&ga_sid=1516369143&ga_hid=1259833348

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

70e1fdb9004ea5495c4fc09922fe0586743bc3f4520df76c93b342190d1f98f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1490
x-xss-protection: 1; mode=block
google-lineitem-id: 4521052753
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 121737329826
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_173.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (F3C 33 KB
0 41ms
40ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_173.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

643265847777ab36f618e1ff5dfd58b1547dec1676d3a233a1554747e4d91d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 19 Jan 2018 13:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2018 21:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 12741
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2018 13:39:02 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (351
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121

0
619 B

95ms
94ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:05 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.49:80
AN-X-Request-Uuid: 4a07e8a6-1b20-4807-a260-a3f76de22ba7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (351
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://match.adsrvr.org/track/cmf/contextweb
https://match.adsrvr.org/track/cmb/contextweb?
https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=629276e1-20f4-4f78-8cf8-1d083a8dabe4
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205

0
515 B

112ms
112ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:05 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Date: Fri, 19 Jan 2018 13:39:03 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Transfer-Encoding: chunked
X-Cache: MISS
Content-Language: en-US
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bh00
X-Served-By: cache-hhn1531-HHN

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame (351 83 KB
0 6ms
6ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

d38b37159bf64d981602acc01541f1427cffa9479e4f3ef980e5f334ee688676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 19 Jan 2018 13:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 30434
x-xss-protection: 1; mode=block
server: cafe
etag: 17055803591118644262
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jan 2018 14:18:40 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (F3C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121

0
619 B

95ms
95ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:05 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:05 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.207:80
AN-X-Request-Uuid: 97f96e49-0a6a-4199-b215-dceec70cb421
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=2184642987609833121
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (F3C
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205

0
515 B

97ms
96ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2018 13:39:05 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Date: Fri, 19 Jan 2018 13:39:03 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Transfer-Encoding: chunked
X-Cache: MISS
Content-Language: en-US
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=qf473UEAMxz3&ev=1&pid=561205
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bh00
X-Served-By: cache-hhn1531-HHN

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame (F3C 83 KB
0 6ms
6ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

d38b37159bf64d981602acc01541f1427cffa9479e4f3ef980e5f334ee688676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 19 Jan 2018 13:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 30434
x-xss-protection: 1; mode=block
server: cafe
etag: 17055803591118644262
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jan 2018 14:18:40 GMT

GET
H2 200 menu_mobile.png
pastebin.com/i/ 915 B
1 KB 11ms
11ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/menu_mobile.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ec1c58cf01f3c05a4752830b6de78ee86e134d6d21b344c2b6cbdd8eacd2f36

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/menu_mobile.png
pragma: no-cache
cookie: __cfduid=df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138; _ga=GA1.2.1851013192.1516369139; _gid=GA1.2.1110345782.1516369139; _gat=1; __qca=P0-570666591-1516369139138; __gads=ID=196119693318ddd0:T=1516369142:S=ALNI_MZKCNQOjRYr3Yvjc3zi2LU6WaNUvg
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 13:39:03 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-393"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3dfa32a8c95963b5-FRA
content-length: 915
x-xss-protection: 1; mode=block
expires: Thu, 19 Apr 2018 13:39:03 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-18 13:14:15	Name: sess Value: 1
.districtm.io/	1970-01-18 21:58:25	Name: __cfduid Value: dbe9c04bc1baf88366f84c656669601ff1516369141
.tribalfusion.com/	1970-01-18 15:22:25	Name: ANON_ID Value: a2ntmIP3rThoiAyPrSjqutRZbakK0VD0omS3qy6ZaG4EZcYyjRnX1Wd5ZbLgKCPnsGAQh9MknYr7btMsCZcyZaUokZbmb4L
.adnxs.com/	1970-01-18 15:22:25	Name: uuid2 Value: 2184642987609833121
.pastebin.com/	1970-01-18 22:37:17	Name: __qca Value: P0-570666591-1516369139138
.pastebin.com/	1970-01-18 13:14:15	Name: _gid Value: GA1.2.1110345782.1516369139
.pastebin.com/	1970-01-18 21:58:25	Name: __cfduid Value: df6e6ea9bfac021cd5bd5441a7a7ca38d1516369138
.pastebin.com/	1970-01-19 06:44:01	Name: _ga Value: GA1.2.1851013192.1516369139
.adnxs.com/	1970-01-18 15:22:25	Name: icu Value: ChgI0bwwEAoYASABKAEw9-mH0wU4AUABSAEKGAih1zQQChgCIAIoAjD36YfTBTgCQAJIAgoYCO37ORAKGAIgAigCMPfph9MFOAJAAkgCEPfph9MFGAQ.
.adnxs.com/	1970-01-18 15:22:25	Name: anj Value: dTM7k!M4/8DYRWSF']wIg2In@IwVs7!@wnf]meq8dWME4(EW<KR<^%5
.pastebin.com/	1970-01-18 13:12:49	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
adservice.google.com
adservice.google.de
bh.contextweb.com
bid.contextweb.com
cdn.fancybar.net
cm.g.doubleclick.net
csi.gstatic.com
ib.adnxs.com
match.adsrvr.org
pagead2.googlesyndication.com
pastebin.com
pixel.quantserve.com
prebid.adnxs.com
prebid.districtm.ca
pub.freestar.io
rules.quantcount.com
s.tribalfusion.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tag-st.contextweb.com
tags.expo9.exponential.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
104.20.16.243
104.20.208.21
104.27.107.38
104.27.89.38
151.101.112.166
172.217.12.195
172.217.22.1
172.217.22.14
172.217.22.2
172.217.22.98
185.33.223.210
204.11.109.65
204.11.109.67
204.11.109.68
204.11.109.76
216.58.205.226
23.111.10.144
23.43.115.95
52.51.121.249
54.239.168.168
68.67.153.75
74.125.206.154
95.172.94.44
95.172.94.66
06d6e87dfd0d3d88f09569d806276da48c12996de5a4b5129ea4bbbf159554ef
081688e9b5e7f86e8036f261d185c701158ca2bca35351e82ca4e6b89ad42b45
09fe120ebb5bc814b4f3266dae25ca6de168a09cc2b823f65eb917728fa9d165
0e3f0a2dc277c624b266fb81d86810b4fbab9e6bb2bfcb9cb790239512289df4
125fd9e51c7727e0c0edb021f2d3ed8bdcaa048c7277992d134d794089ae3e36
15165ce15de1de59ae31793e0e0a4303f6739437468c446b3b79b4275a4ceb3c
1c4584775800b9fa3992a133f921625eef48e3d7820b01bb6a25ee1f35e649a0
1d262ccb2235be9ad92c525dece5b83bc9f20900aee1847cbf04592fcf475522
1e4160b7a17ea8c1ac8ab04136ac9c85c43dc6565441f9a895d4e62e485eb295
1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16
1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df
1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a
20f85a70f2a4ba2ccd0505611d6251aad3bef718adf8c9cb96c256199c13fdf0
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
23396f2caca227b0433f07c7952518183b9ffbbaa4574a7da47857693f0e17d1
23a1a8123c5cfb9df1063c6cfbab2b7bb80fe645d6e7158baacbea022a81e2a0
2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152
2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3
2bb0d22b85644fb996d983abd72fc9715c3a6e2493a30b245d44b642431bd1b8
2ca8904452135a1a1d08c4ff4f873458700854884ebaa667d65c63c851a098bd
2ef23db47a64f3a320580e9e294724ced1f4ab9dbdba2cdc82d41b3f843913c1
3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b
3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383
3aa8b47cb1d177d58ba42a46e3159a43e5e907cfbac0bdf2a1fa83ca4c16946a
3bb6616032e257dda344d6eb1b632cf78b39f977d79f528ccb154f40732f4c38
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b
3fb852db1cd132dda2e5b283b43d7cc7debe88e4ec803db31613aa472ae72009
41e758d7905a8dfd8ded3d11781fd7351f7a77531aa856921961942222b45af4
4409f840bf3901e7546250dfc5d7d5cb721a740dfe201e13aa38bca5bac18730
49c020f741482829c319424eecbbb8bbe0e8b880fabc8acb854c3f4a325a43ab
5054359ef999bcd965abcda654d72368038825d810449966ac3823e4c1474e9e
50ee3e4faea4083b3eb9980134c99d0cd5e2907b7a4b3df6a14d50dc18ff16d8
520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387
566bdacc0130573541a01c8d746d5a5eeeb72893ad5795b5cfda5d3067221378
56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20
5880c5ea3cc6fe01cb0c90395db999907eb48fa1cdc7ec0e0ef98043ccfa56f2
5c5dcc85d032ff48a6b3e977f7190acaecadad8b9e69cd749255e3bcabf1f372
5fa10fe96c579f5fd706b715ef82ee258b63e20d7e822329fcf22d0bdc1a0e64
637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59
643265847777ab36f618e1ff5dfd58b1547dec1676d3a233a1554747e4d91d88
6e1e45ad4eb3eb13fe86b95650806b7e7ae3c73ba34bff2668903ac74e642839
6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642
700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea
70e1fdb9004ea5495c4fc09922fe0586743bc3f4520df76c93b342190d1f98f9
7186c869aea692acdd80f8776ba966b6215eff98f41b3cd62bc70e21b4128d0f
71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b
785ffe1a20f57f6f9f6b082b94ed3f70bd9d1e4d79ece5d328829070fbb4892c
79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b
7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac
7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011
7ec1c58cf01f3c05a4752830b6de78ee86e134d6d21b344c2b6cbdd8eacd2f36
7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6
7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8565a301411cb2c98daffbca35523836a249555b94ac0a6ea2a3d419900f334c
8c0d78d6c09317c993832ccf0d37d38da713ce6fe2cfeb1a40ef24473da06335
8c6f63e2110aae7bd0312e5a979851bb395edabb524e39c876c4a28242fcc285
96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9
9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f
a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a236d87df706c989588ae6c8f3981f4c62d765e96b5250e9525f2a1c16ff77a5
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
cc2d0690e3bff9bc8c528d85dbd507e1164a49c6bae7e34d9d474b2e4c39d325
cd02b637b08374326b56366aa11c214880bf90cb7a5ab12549e2a7d993447197
cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d2bab129a24e1478988aaf8b5595c80e3e17bd05c6fbd7fc803c4f25d15f3d29
d38b37159bf64d981602acc01541f1427cffa9479e4f3ef980e5f334ee688676
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4
dc19b3fcb7e86f044028218b060bfbccf478e5cc23020d53116ba005d657f9b7
dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd
ddb769c3890511b2f212be39e07999ed414c193c28041723293ae822ebcfc91e
de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc
df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771
df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8
e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71c9f44621e174cd4210578b0e1198520c32ca28e66968ae3d90980a8726349
ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
f23633fbb96224a1a98a2c6b8a357683631048a5c599fca6c6707989fa0618a8
f5154cd93dc27142f30bf0d10c32b64f107b81f89cc4801e296623cdbafef6bc
f7106b1c10628b1dbe9bb051a7f111584e755a235e394f26d9822e10e9fde6c4
f835e6db3a1e4117eb6d711cf3e860817cfe17f2e310b4799d3a47bbf9868061
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3

pastebin.com Open in urlscan Pro 104.20.208.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

131 Requests

34 %HTTPS

0 %IPv6

20 Domains

27 Subdomains

22 IPs

5 Countries

1057 kBTransfer

2473 kBSize

11 Cookies

6 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

pastebin.com Open in urlscan Pro
104.20.208.21 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

34 %
HTTPS

0 %
IPv6

20
Domains

27
Subdomains

22
IPs

5
Countries

1057 kB
Transfer

2473 kB
Size

11
Cookies

131 HTTP transactions
0 data transactions