paste1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3nEVTuB
Effective URL:
https://paste1s.com/notes/2ZOJI4NM
Submission: On August 25 via manual (August 25th 2022, 4:42:21 am UTC) from VN — Scanned from DE

Summary HTTP 76 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 34 domains to perform 76 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is paste1s.com.
TLS certificate: Issued by R3 on August 9th 2022. Valid for: 3 months.

This is the only time paste1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	95.101.27.38 95.101.27.38	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	54.229.37.204 54.229.37.204	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.151 65.9.58.151	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
3	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	2600:9000:206... 2600:9000:206f:7c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	34.249.238.57 34.249.238.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	18.202.164.188 18.202.164.188	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.36.127 34.250.36.127	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.228.201.55 54.228.201.55	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
76	34

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

paste1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

ssp.web1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.38 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-38.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.37.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-37-204.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-151.fra56.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.238.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-238-57.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.164.188 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-164-188.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.36.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.201.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-201-55.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.89 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	270 KB
8	paste1s.com paste1s.com	168 KB
7	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1891 mwzeom.zeotap.com — Cisco Umbrella Rank: 1478	22 KB
6	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 32241	215 KB
5	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	6 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790	2 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 secure.adnxs.com — Cisco Umbrella Rank: 463	4 KB
4	cpx.to p.cpx.to — Cisco Umbrella Rank: 9782 s.cpx.to — Cisco Umbrella Rank: 2250	5 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 508	2 KB
3	gstatic.com fonts.gstatic.com	31 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1678	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	529 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 976 pixel.quantserve.com — Cisco Umbrella Rank: 458	10 KB
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 33025	6 KB
2	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 29929	542 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	88 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 ajax.googleapis.com — Cisco Umbrella Rank: 286	31 KB
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 877	225 B
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 35256	522 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1005	754 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 461	529 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8811	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	644 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 933	1 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 5706	622 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10546	32 KB
1	web1s.com ssp.web1s.com — Cisco Umbrella Rank: 560293	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	41 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4733	235 B
76	34

	Domain	Requested by
8	pagead2.googlesyndication.com	paste1s.com pagead2.googlesyndication.com tpc.googlesyndication.com
8	paste1s.com	paste1s.com
6	ads.themoneytizer.com	paste1s.com ads.themoneytizer.com
5	mwzeom.zeotap.com	paste1s.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	cm.g.doubleclick.net	3 redirects
3	s.cpx.to	p.cpx.to paste1s.com
3	id5-sync.com	paste1s.com
3	gum.criteo.com	1 redirects ads.themoneytizer.com
3	fonts.gstatic.com	fonts.googleapis.com
2	sync.smartadserver.com	1 redirects paste1s.com
2	secure.adnxs.com	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	paste1s.com
2	ib.adnxs.com	2 redirects
2	mug.criteo.com	paste1s.com
2	www.google-analytics.com	www.googletagmanager.com paste1s.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	spl.zeotap.com	ads.themoneytizer.com paste1s.com
2	c.tmyzer.com	paste1s.com
2	cdnjs.cloudflare.com	paste1s.com cdnjs.cloudflare.com
1	www.google.com	tpc.googlesyndication.com
1	image2.pubmatic.com	paste1s.com
1	adtrack.adleadevent.com	paste1s.com
1	pixel.quantserve.com	paste1s.com
1	pixel.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	i.imgur.com	paste1s.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	ssp.web1s.com	paste1s.com
1	www.googletagmanager.com	paste1s.com
1	fonts.googleapis.com	paste1s.com
1	bit.ly	1 redirects
76	43

This site contains links to these domains. Also see Links.

Domain
ssp.web1s.com
link1s.com
t.me
youtu.be
1shorten.com
kiemlua.com

Subject Issuer	Validity	Valid
paste1s.com R3	`2022-08-09` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
ssp.web1s.com R3	`2022-08-19` - `2022-11-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
c.tmyzer.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2022-06-13` - `2023-07-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://paste1s.com/notes/2ZOJI4NM
Frame ID: CD92B561F6638D476139EFA043B88EEE
Requests: 62 HTTP requests in this frame

Frame: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ma
Frame ID: BD24A2F2CD9EA3D50072426D09C6704F
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661402536184
Frame ID: 64EF001E905A297FFC1AF079CE08257F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: 08B6B2222383F0EE76FA7AA5A067E8A6
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&id=MTIZ
Frame ID: BCA2DFB92EBB83888DE5E08A7C03E6B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792971117783742&output=html&adk=1812271804&adf=3025194257&lmt=1661402536&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&ea=0&pra=5&wgl=1&easpf=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661402536334&bpp=3&bdt=494&idt=304&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3108491998160&frm=20&pv=2&ga_vid=174611219.1661402537&ga_sid=1661402537&ga_hid=656415749&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068877%2C31067825%2C31062930&oid=2&pvsid=815131343427053&tmod=1533953399&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321
Frame ID: 5555092AD649B44748BF6C0EF4D4D72C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 96816FEE8FC028CD7516AD73BF420C3A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0FD8A6C71E4F3AF474066488F1E8334
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Note: Vô Đến Đây Không Xem Đừng Tiếc 🤣

Page URL History Show full URLs

https://bit.ly/3nEVTuB HTTP 301
https://paste1s.com/notes/2ZOJI4NM Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

88 %
HTTPS

41 %
IPv6

34
Domains

43
Subdomains

34
IPs

5
Countries

1602 kB
Transfer

3373 kB
Size

40
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://ssp.web1s.com/tra.php?b=56

Search URL Search Domain Scan URL

URL: https://link1s.com/thuvien18
Title: https://link1s.com/thuvien18

Search URL Search Domain Scan URL

URL: https://link1s.com/jbasic
Title: https://link1s.com/jbasic

Search URL Search Domain Scan URL

URL: https://t.me/donglinkk18
Title: https://t.me/donglinkk18

Search URL Search Domain Scan URL

URL: https://youtu.be/Y0lk3pxJlEo
Title: https://youtu.be/Y0lk3pxJlEo

Search URL Search Domain Scan URL

URL: https://link1s.com/
Title: Rút gọn link kiếm tiền

Search URL Search Domain Scan URL

URL: https://1shorten.com/
Title: All shorteners in One

Search URL Search Domain Scan URL

URL: https://kiemlua.com/
Title: Kiếm tiền Online

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3nEVTuB HTTP 301
https://paste1s.com/notes/2ZOJI4NM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XjS-YHxMVnR3MlpJbis1SUR4V3UrZVJGVVBqVGhOVDZBczNaT0xIMzNRbGFJTDQ5MXNlWmF2RUQxNTdpZmFnRGFoaGJ0d2I4dGcwaEtyM245eUtrd0NkeldaeStqZWJnRGwrQWFkMzMyVy9vNHB6REhqUTh3WnljcVliVG1MN283ckNtbDlMTU9tVTF0RmlLZ0NCRGd5KyttMlgxZmlLSTZYSks2UUdYZG1HMVBic2Vib2JQcFUyUUVUZXlQbHg3TUhpc2RuOEtXbSt0bXEyOENUVElLWjBCbEVHNC9abWFEMWVFWkJaaWRtTkdYZEh3PXw&cppv=2

Request Chain 51

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db627fd99-b379-4cd8-6bbd-df40c5945d66%26reqId%3Db9a3f0ad-ce20-4f69-4f3b-8be2a446ae37%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=1240738089868408426&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEJkZngXpXA0xitz89PD5NKY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258

Request Chain 54

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b627fd99-b379-4cd8-6bbd-df40c5945d66&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db627fd99-b379-4cd8-6bbd-df40c5945d66%26reqId%3Db9a3f0ad-ce20-4f69-4f3b-8be2a446ae37%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b627fd99-b379-4cd8-6bbd-df40c5945d66&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db627fd99-b379-4cd8-6bbd-df40c5945d66%26reqId%3Db9a3f0ad-ce20-4f69-4f3b-8be2a446ae37%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=90713139418364808281924944317204404230&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258

Request Chain 55

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=dXClg%2Fprakp3sdXPw5myKT1X13wSfGMF%2BS41iYitP1U%3D

Request Chain 56

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db627fd99-b379-4cd8-6bbd-df40c5945d66%26reqId%3Db9a3f0ad-ce20-4f69-4f3b-8be2a446ae37%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=f11f6306-fda8-4a00-869d-55688581c369&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258

Request Chain 61

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fpaste1s.com%252Fnotes%252F2ZOJI4NM%26hn_ver%3D40%26fid%3D6d67e93a-b597-4b92-af27-f0da20d4516b HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fpaste1s.com%25252Fnotes%25252F2ZOJI4NM%2526hn_ver%253D40%2526fid%253D6d67e93a-b597-4b92-af27-f0da20d4516b HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=7969238293063692369&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=6d67e93a-b597-4b92-af27-f0da20d4516b

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6d67e93a-b597-4b92-af27-f0da20d4516b HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=6d67e93a-b597-4b92-af27-f0da20d4516b&google_gid=CAESEDBgdBFls8Uu628_rkCY5hw&google_cver=1

Request Chain 63

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6d67e93a-b597-4b92-af27-f0da20d4516b&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6d67e93a-b597-4b92-af27-f0da20d4516b&gdpr=0&cklb=1

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 2ZOJI4NM Show response
paste1s.com/notes/
Redirect Chain

https://bit.ly/3nEVTuB
https://paste1s.com/notes/2ZOJI4NM

25 KB
10 KB

726ms
593ms

Document
text/html

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

ca8ff01f62253e7d7e9a9d4f58d0be964122be11937010bf12f28b3d994fc4c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 04:42:15 GMT
server: fbs
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-hw: 1661402535.cds166.fr8.hn,1661402535.cds243.fr8.sc,1661402535.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1661402535.cds243.fr8.p
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 121
content-type: text/html; charset=utf-8
date: Thu, 25 Aug 2022 04:42:15 GMT
location: https://paste1s.com/notes/2ZOJI4NM
server: nginx
via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1021 B 90ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 04:16:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 04:42:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 04:42:15 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 71ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1843525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lxpa5Vgk%2FrmeKWd%2Bl%2F4c6MzqXWRLqsCgHLVLq9k3nHPRg7oSITNOxxq%2FvnS887OAD6DVgJyJxgaLbSCh0vFI6QY9iZ7MMboeEAYGycaOxaa50V9MbIMIBnmMw%2BzmhC9otLcX%2FvWLlfJh8Ov%2Ft9SjcrQI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7401a8f95bd0698f-FRA
expires: Tue, 15 Aug 2023 04:42:15 GMT

GET
H2 200 app.css
paste1s.com/css/ 143 KB
27 KB 23ms
22ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/css/app.css?id=ebe28cb9d875b19bed6b

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/notes/2ZOJI4NM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 01:57:45 GMT
server: fbs
etag: W/"62562e19-23c92"
x-frame-options: SAMEORIGIN
x-hw: 1661402535.cds166.fr8.hn,1661402535.cds257.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
accept-ranges: bytes
content-length: 27999
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
41 KB 92ms
32ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129758818-17

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8125a21e36db2473bb4327b21ca81af645ab690240d2f60be1902cc42580fe6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42009
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Aug 2022 04:42:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 98ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74da0578806b5352906a3bc9f40431f592c2c9c7852c3d9aaf2b2ce3b95e79f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Origin: https://paste1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57411
x-xss-protection: 0
server: cafe
etag: 4628603653147674294
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 04:42:16 GMT

GET
H2 200 logo.png
paste1s.com/images/ 23 KB
23 KB 56ms
53ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste1s.com/images/logo.png

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/notes/2ZOJI4NM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 03:04:33 GMT
server: fbs
etag: "62563dc1-5c8a"
x-frame-options: SAMEORIGIN
x-hw: 1661402535.cds166.fr8.hn,1661402535.cds224.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
accept-ranges: bytes
content-length: 23690
x-xss-protection: 1; mode=block

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 77ms
19ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt: Abk73BDXI4z/xQgAAA
x-accel-expires: @1661486690
date: Thu, 25 Aug 2022 04:42:15 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: akCQD9HeEbQ
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 2245
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 104 KB
14 KB 151ms
113ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 67d995e9f00b7360f6b57e6e2e74adb89626a5821d9a6fa69aaf104e5e84c74c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt: Abk73BCprXmh
x-accel-expires: @1661488936
date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: AHtZtskBp1o
x-77-cache: MISS
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 51ms
20ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt: Abk73BBN7/T/xQgAAA
x-accel-expires: @1661486690
date: Thu, 25 Aug 2022 04:42:15 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: NLcR0vapPg8
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-cache: HIT
x-age: 2245
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 103 KB
14 KB 143ms
113ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=2
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dd3a8f2528297fc3456b45fe4c9d4839650c112a5dc6ac405fc2cc0d61786ac7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt: Abk73BAbnQ2h
x-accel-expires: @1661488936
date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: WcRRCt8BjBA
x-77-cache: MISS
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 app.js Show response
paste1s.com/js/ 258 KB
93 KB 27ms
22ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/js/app.js?id=0e83dba9e8630f1a1f92

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/notes/2ZOJI4NM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 01:57:45 GMT
server: fbs
etag: W/"62562e19-40688"
x-frame-options: SAMEORIGIN
x-hw: 1661402535.cds166.fr8.hn,1661402535.cds222.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
accept-ranges: bytes
content-length: 94951
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 115ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e898ec6d5bcc139b66acceeb5bc262c52f085734924ec9b71647f7d892ec6b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57374
x-xss-protection: 0
server: cafe
etag: 9311015595813719265
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 04:42:16 GMT

GET
H2 200 ser.php Show response
ssp.web1s.com/ 2 KB
1 KB 168ms
60ms Script
text/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.web1s.com/ser.php?t=AADIV35&f=35&psc=

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx / LarVPS

Resource Hash

375976e803f84a6b563b35e4cbe3a582f648e5c76546b9bfc920d6f940401502

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-powered-by: LarVPS
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-hw: 1661402536.cds224.fr8.hn,1661402536.cds123.fr8.sc,1661402536.cds123.fr8.p
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
paste1s.com/sbbi/ Frame BD24 25 KB
11 KB 46ms
44ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ma&sbbgs=h41689f8635f5820b3c89862fdc75dd53240&ddl=1
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: cb11b630f404e7f57912701bb62a47d0a6ae8b18e0c0ed3d08f22016372bf0c8

Request headers

Referer: https://paste1s.com/notes/2ZOJI4NM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 04:42:15 GMT
server: fbs
x-accel-expires: 0
x-hw: 1661402535.cds166.fr8.hn,1661402535.cds154.fr8.sc,1661402535.cdn2-wafbe02-fra1.stackpath.systems.-.i,1661402535.cds154.fr8.p

GET
H2 200 /
paste1s.com/sbbi/ 43 B
261 B 46ms
44ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste1s.com/sbbi/?sbbpg=utMedia&vii=che431f6a8596f08c6b3256f457882107b439c88498886520f3dfc7745cd9d85g3j2r4h0
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/notes/2ZOJI4NM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
x-accel-expires: 0
date: Thu, 25 Aug 2022 04:42:15 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server: fbs
x-hw: 1661402535.cds166.fr8.hn,1661402535.cds250.fr8.sc,1661402535.cdn2-wafbe04-fra1.stackpath.systems.-.i,1661402535.cds250.fr8.p
content-type: image/gif

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 61ms
26ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://paste1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 120504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=my9pMvfa7ph3TP36XX5MpRcRI17KGhDYz5BW0yyjRdxjTDFv48cN6Ck4a3OLqC0lQGWe6rZcep018tu0HqG9XEFNUeSSd4%2FMLCyA%2Fl%2BYUvphp67VuiwVHLNkgFWOoXGFpDhfGqhwOx%2Biq9%2BGmHh%2BAG%2F8"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7401a8fa1bf39b49-FRA
expires: Tue, 15 Aug 2023 04:42:16 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 14 KB
14 KB 86ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 19:04:03 GMT
x-content-type-options: nosniff
age: 293893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14060
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 19:04:03 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 28ms
26ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt: Abk73BA9nGj/yAgAAA
pragma: public
date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: QYs8KemESVU
x-77-cache: HIT
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
x-cache: HIT
x-age: 2248
x-77-pop: frankfurtDE
x-accel-expires: @1661486688
expires: Fri, 26 Aug 2022 04:04:48 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 154ms
57ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=93800&f=1&fi=99
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Aug 2022 04:42:16 GMT
Server: nginx
X-IPLB-Request-ID: D972DA19:ABF2_36264064:01BB_6306FDA8_C6F92BF:1CACB
X-IPLB-Instance: 38439
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 94 KB
32 KB 145ms
21ms Script
application/javascript 95.101.27.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 04:42:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 32364
Expires: Thu, 25 Aug 2022 04:57:16 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
373 B 467ms
46ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1263
strict-transport-security: max-age=31536000; preload;
content-length: 165
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
21 KB 91ms
36ms Script
application/javascript 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7401a8fb88a59b88-FRA
date: Thu, 25 Aug 2022 04:42:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://paste1s.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 160ms
29ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 04:42:16 GMT
Last-Modified: Mon, 18 Oct 2021 12:21:41 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: D972DA19:D54E_91EFC0A6:01BB_6306FDA8_4223399D:4505
ETag: "616d66d5-15ab"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame 64EF 0
0 71ms
22ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661402536184

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 88ms
20ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
etag: "gV5iHc/sd8Rde4C/i53H5w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 01 Sep 2022 04:42:16 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12771/ 2 KB
2 KB 183ms
42ms Script
application/javascript 54.229.37.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12771/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.37.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-37-204.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 04:42:15 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1990
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 96ms
21ms Script
text/javascript 65.9.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-151.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:47:56 GMT
Via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 14064
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: zaun4OBxCI_fmbfRhdeTy-YKK9PdBbYgpufsYgA9kZtGCJU1_wDRPg==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid7_10/build/dist/ 631 KB
166 KB 55ms
54ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 933986aac7340244fe7626ade14f974ba7c73e3301a9db8fa9dad6a94aded99c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt: Abk73BDvStH/yAgAAA
pragma: public
date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: br
etag: W/"62fba81a-9db2c"
last-modified: Tue, 16 Aug 2022 14:22:18 GMT
server: CDN77-Turbo
x-77-nzt-ray: Abe6OTQruao
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 2248
x-77-pop: frankfurtDE
x-accel-expires: @1662437088

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 133ms
32ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=93800&f=2&fi=99
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Aug 2022 04:42:16 GMT
Server: nginx
X-IPLB-Request-ID: D972DA19:ABF6_36264064:01BB_6306FDA8_C700E7D:12F5F
X-IPLB-Instance: 38436
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 12 KB
12 KB 62ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 07:17:53 GMT
x-content-type-options: nosniff
age: 163463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12736
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:17:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 341 KB
120 KB 93ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9792971117783742&plah=paste1s.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c36cb1fa49c6ac765d0fa27da2daf16387a5c834f573324b545d59741d56568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122737
x-xss-protection: 0
server: cafe
etag: 6963411310360956430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 04:42:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame 08B6 10 KB
5 KB 66ms
18ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 18:23:24 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 18:23:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5779
date: Thu, 25 Aug 2022 03:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Aug 2022 05:05:57 GMT

GET
H3 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 4 KB
4 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 14:04:11 GMT
x-content-type-options: nosniff
age: 139085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4252
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:27:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 14:04:11 GMT

GET
H2 200 vyl1msc.gif
i.imgur.com/ 621 KB
622 KB 64ms
19ms Image
image/gif 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/vyl1msc.gif

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e71e1c2805931c552d9bea70ee881ab61d9baca7fecbd841aef350069ca085ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
x-content-type-options: nosniff
age: 1927415
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 636112
x-served-by: cache-iad-kiad7000069-IAD, cache-fra19170-FRA
last-modified: Mon, 28 Feb 2022 03:37:54 GMT
server: cat factory 1.0
x-timer: S1661402537.506924,VS0,VE2
etag: "070ebece8bfd63bd057c0540b3ac3b4e"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200 9.gif
id5-sync.com/i/12/ 43 B
1 KB 70ms
19ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:15 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 75ms
20ms Script
application/javascript 2600:9000:206f:7c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:03:21 GMT
content-encoding: gzip
age: 2335
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ivAnHxxmuOUcnkJk0Qyx4MDv2SW9wIyD_m4xb4bbijZB79bvJv9VXA==

GET
H2 200 / Show response
spl.zeotap.com/ 2 KB
986 B 34ms
34ms XHR
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f073cdc43759db05a4f040bcd9aaa5a45545a243a6a45a0d5366ebadba939f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7401a8fd7a6f9b88-FRA
date: Thu, 25 Aug 2022 04:42:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html
access-control-allow-origin: https://paste1s.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 138ms
46ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://paste1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 25 Aug 2022 04:42:16 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1179
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=XjS-YHxMVnR3MlpJbis1SUR4V3UrZVJGVVBqVGhOVDZBczNaT0xIMzNRbGFJTDQ5MXNlWmF2RUQxNTdpZmFnRGFoaGJ0d2I4dGcwaEtyM245eUtrd0NkeldaeStqZWJnRGwrQWFkMzMyVy9vNHB6REhqUTh3WnljcVliVG...

355 B
619 B

83ms
28ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XjS-YHxMVnR3MlpJbis1SUR4V3UrZVJGVVBqVGhOVDZBczNaT0xIMzNRbGFJTDQ5MXNlWmF2RUQxNTdpZmFnRGFoaGJ0d2I4dGcwaEtyM245eUtrd0NkeldaeStqZWJnRGwrQWFkMzMyVy9vNHB6REhqUTh3WnljcVliVG1MN283ckNtbDlMTU9tVTF0RmlLZ0NCRGd5KyttMlgxZmlLSTZYSks2UUdYZG1HMVBic2Vib2JQcFUyUUVUZXlQbHg3TUhpc2RuOEtXbSt0bXEyOENUVElLWjBCbEVHNC9abWFEMWVFWkJaaWRtTkdYZEh3PXw&cppv=2

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3cd595c0ab457a63c57148a9bc81e74e52b1ff3f0bcb4edd28c1a9be939a0530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2186
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
location: https://mug.criteo.com/sid?cpp=XjS-YHxMVnR3MlpJbis1SUR4V3UrZVJGVVBqVGhOVDZBczNaT0xIMzNRbGFJTDQ5MXNlWmF2RUQxNTdpZmFnRGFoaGJ0d2I4dGcwaEtyM245eUtrd0NkeldaeStqZWJnRGwrQWFkMzMyVy9vNHB6REhqUTh3WnljcVliVG1MN283ckNtbDlMTU9tVTF0RmlLZ0NCRGd5KyttMlgxZmlLSTZYSks2UUdYZG1HMVBic2Vib2JQcFUyUUVUZXlQbHg3TUhpc2RuOEtXbSt0bXEyOENUVElLWjBCbEVHNC9abWFEMWVFWkJaaWRtTkdYZEh3PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1708
content-length: 482
expires: 0

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 216 B
621 B 19ms
19ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

469aa7bbbec23b6fff03560a10cad830b88c61c51d64871472f350f026474072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://paste1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://paste1s.com
date: Thu, 25 Aug 2022 04:42:15 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame BCA2 0
246 B 30ms
30ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Date: Thu, 25 Aug 2022 04:42:16 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
X-IPLB-Instance: 30195
X-IPLB-Request-ID: D972DA19:D54E_91EFC0A6:01BB_6306FDA8_4223399F:4505

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 857 B
1 KB 168ms
40ms Script
application/javascript 34.249.238.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=6d67e93a-b597-4b92-af27-f0da20d4516b

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.238.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-238-57.eu-west-1.compute.amazonaws.com

Software

Resource Hash

657c3d4f517bf841157edc9b025df8113abf85330b02eaf5f677c6aff19ca3ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 25 Aug 2022 04:42:16 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 857
Expires: Tue, 23 Aug 2022 15:14:43 UTC

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 216 B
621 B 21ms
19ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

702531abbdc7f1ffc5570b5be029f05dc6324c7a7076effbe137ff4eb53eff4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://paste1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://paste1s.com
date: Thu, 25 Aug 2022 04:42:15 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 03:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 03:02:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 92ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paste1s.com&callback=_gfp_s_&client=ca-pub-9792971117783742

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9792971117783742&plah=paste1s.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

15c889bbf786e315dfa1d56628e49f53f7ea09a7c56bb06dfc258fe65301f3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 87ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste1s.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 74ms
27ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste1s.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&tn=SPAN&id=footerbanner56A&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5555 603 B
67 B 78ms
39ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792971117783742&output=html&adk=1812271804&adf=3025194257&lmt=1661402536&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&ea=0&pra=5&wgl=1&easpf=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661402536334&bpp=3&bdt=494&idt=304&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3108491998160&frm=20&pv=2&ga_vid=174611219.1661402537&ga_sid=1661402537&ga_hid=656415749&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068877%2C31067825%2C31062930&oid=2&pvsid=815131343427053&tmod=1533953399&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 04:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 68ms
27ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=656415749&t=pageview&_s=1&dl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&ul=en-us&de=UTF-8&dt=Note%3A%20V%C3%B4%20%C4%90%E1%BA%BFn%20%C4%90%C3%A2y%20Kh%C3%B4ng%20Xem%20%C4%90%E1%BB%ABng%20Ti%E1%BA%BFc%20%F0%9F%A4%A3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1303744442&gjid=1237492766&cid=174611219.1661402537&tid=UA-129758818-17&_gid=196781828.1661402537&_r=1&gtm=2ou8m0&z=1741640316

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db627fd99-b379-4cd8-6bbd-df40c5945...
https://mwzeom.zeotap.com/mw?adnxs_uid=1240738089868408426&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258

95 B
153 B

31ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=1240738089868408426&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://paste1s.com
access-control-allow-credentials: true
cf-ray: 7401a8ff2c149b88-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 04:42:16 GMT
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2b4c977c-2dfe-48ca-b23e-e6228a5252af
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=1240738089868408426&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37...
https://mwzeom.zeotap.com/mw?google_gid=CAESEJkZngXpXA0xitz89PD5NKY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3...

95 B
153 B

32ms
32ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEJkZngXpXA0xitz89PD5NKY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://paste1s.com
access-control-allow-credentials: true
cf-ray: 7401a8ff4c319b88-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEJkZngXpXA0xitz89PD5NKY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 131ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db627fd99-b379-4cd8-6bbd-df40c5945d66%26reqId%3Db9a3f0ad-ce20-4f69-4f3b-8be2a446ae37%26zdid%3D1258&gdpr=1&gdpr_consent=
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b627fd99-b379-4cd8-6bbd-df40c5945d66&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b627fd99-b379-4cd8-6bbd-df40c5945d66&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=90713139418364808281924944317204404230&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a4...

95 B
153 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=90713139418364808281924944317204404230&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://paste1s.com
access-control-allow-credentials: true
cf-ray: 7401a8ffbc8a9b88-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v038-0358e1334.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: stxdf09oRfY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=90713139418364808281924944317204404230&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=dXClg%2Fprakp3sdXPw5myKT1X13wSfGMF%2BS41iYitP1U%3D

95 B
153 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=dXClg%2Fprakp3sdXPw5myKT1X13wSfGMF%2BS41iYitP1U%3D
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://paste1s.com
access-control-allow-credentials: true
cf-ray: 7401a8ff5c3d9b88-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
server: AAWebServer
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=dXClg%2Fprakp3sdXPw5myKT1X13wSfGMF%2BS41iYitP1U%3D
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db6...
https://mwzeom.zeotap.com/mw?cid=f11f6306-fda8-4a00-869d-55688581c369&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b...

95 B
164 B

46ms
33ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=f11f6306-fda8-4a00-869d-55688581c369&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://paste1s.com
access-control-allow-credentials: true
cf-ray: 7401a8fefbcf9b88-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Thu, 25 Aug 2022 04:42:16 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x11 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=f11f6306-fda8-4a00-869d-55688581c369&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b627fd99-b379-4cd8-6bbd-df40c5945d66&reqId=b9a3f0ad-ce20-4f69-4f3b-8be2a446ae37&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 25 Aug 2022 04:42:15 GMT

GET
H2 200 pixel;r=127610032;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM;uht=2;fpan=1;fpa=P0-633431015-1661402536702;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 35 B
372 B 39ms
22ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=127610032;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM;uht=2;fpan=1;fpa=P0-633431015-1661402536702;pbc=;ns=0;ce=1;qjs=1;qv=26d71701-20220818164642;cm=;gdpr=0;ref=;d=paste1s.com;dst=0;et=1661402536702;tzo=0;ogl=title.Online%20Notepad%2Cdescription.note1s%252Ecom%20is%20your%20online%20notepad%20on%20the%20web%252E%20It%20allows%20you%20to%20store%20notes%20on%20th%2Cimage.https%3A%2F%2Flh3%252Egoogleusercontent%252Ecom%2Fproxy%2FFbbmTTxOezBpLsfx2__U9Iirj6ntJFpFNrjuFVOH%2Clocale.en_US%2Ctype.website%2Csite_name.Online%20Notepad

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 / Show response
paste1s.com/sbbi/ Frame BD24 516 B
484 B 44ms
43ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ma&sbbgs=h41689f8635f5820b3c89862fdc75dd53240&ddl=1
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://paste1s.com
Referer: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ma&sbbgs=h41689f8635f5820b3c89862fdc75dd53240&ddl=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 04:42:16 GMT
server: fbs
x-accel-expires: 0
x-hw: 1661402536.cds166.fr8.hn,1661402536.cds137.fr8.sc,1661402536.waf1-node01-fra02.stackpath.systems.-.i,1661402536.cds137.fr8.p

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
522 B 234ms
45ms XHR
application/x-javascript 54.228.201.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.201.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-201-55.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://paste1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 04:42:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 04:42:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://paste1s.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 UCookieSetPug
image2.pubmatic.com/AdServer/ 0
225 B 188ms
26ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6d67e93a-b597-4b92-af27-f0da20d4516b
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 15:21:30 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fpaste1s.com%252Fnotes%252F2ZOJI4NM%26hn_ver%3D40%26fid%3...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fpaste1s.com%...
https://s.cpx.to/an_fire?app_nexus_uid=7969238293063692369&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=6d67e93a-b597-4b92-af27-f0da20d4516b

95 B
865 B

41ms
41ms

Image
image/png

34.249.238.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=7969238293063692369&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=6d67e93a-b597-4b92-af27-f0da20d4516b

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

HTTP/1.1

Server

34.249.238.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-238-57.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 25 Aug 2022 04:42:16 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Thu, 25 Aug 2022 04:42:16 UTC

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 04:42:16 GMT
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 18eb7c02-ffe5-4497-aa9e-4e54fcc6922d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=7969238293063692369&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=6d67e93a-b597-4b92-af27-f0da20d4516b
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6d67e93a-b597-4b92-af27-f0da20d4516b
https://s.cpx.to/ca.png?dsp=dbm&fid=6d67e93a-b597-4b92-af27-f0da20d4516b&google_gid=CAESEDBgdBFls8Uu628_rkCY5hw&google_cver=1

95 B
804 B

40ms
40ms

Image
image/png

34.249.238.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=6d67e93a-b597-4b92-af27-f0da20d4516b&google_gid=CAESEDBgdBFls8Uu628_rkCY5hw&google_cver=1

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

HTTP/1.1

Server

34.249.238.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-238-57.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 25 Aug 2022 04:42:16 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=6d67e93a-b597-4b92-af27-f0da20d4516b&google_gid=CAESEDBgdBFls8Uu628_rkCY5hw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6d67e93a-b597-4b92-af27-f0da20d4516b&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6d67e93a-b597-4b92-af27-f0da20d4516b&gdpr=0&cklb=1

0
316 B

29ms
28ms

Image
text/plain

185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6d67e93a-b597-4b92-af27-f0da20d4516b&gdpr=0&cklb=1
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: HTTP/1.1
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6d67e93a-b597-4b92-af27-f0da20d4516b&gdpr=0&cklb=1
pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 61ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 04:42:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 106ms
25ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 25 Aug 2022 04:42:16 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1101
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
paste1s.com/sbbi/ Frame BD24 7 KB
3 KB 351ms
350ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ma
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: e6966b80aa04b0463500214df35dc47e1e002d57f91aa23e39889233e4fc0119

Request headers

Referer: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ma&sbbgs=h41689f8635f5820b3c89862fdc75dd53240&ddl=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 04:42:17 GMT
server: fbs
x-accel-expires: 0
x-hw: 1661402536.cds166.fr8.hn,1661402536.cds002.fr8.sc,1661402537.waf1-node03-fra02.stackpath.systems.-.i,1661402537.cds002.fr8.p

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 82ms
37ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a86874fbb24df0387fae963c3ba37c67ee181b51cc0eba8097a2de8545472a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 04:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11114
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 92ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 04:42:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9681 13 KB
5 KB 67ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 04:34:26 GMT
expires: Fri, 25 Aug 2023 04:34:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D0FD 783 B
1 KB 79ms
30ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

71f7361709beaf478ca65d0b40b43bc82bd44ff3db42129f4c7ff4c1e3bcb7e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MyWyn5iYExbc0UpZcQMjYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-MyWyn5iYExbc0UpZcQMjYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 04:42:17 GMT
expires: Thu, 25 Aug 2022 04:42:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D0FD 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=815131343427053&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9681 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 07:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 07:47:41 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9681 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FdfBeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:42:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
59ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=815131343427053&bg=!pqWlpeHNAAYUOm8VNDo7ACkAdvg8WsP7oibr1P-WboBzQ5HdJKUAhAejP2uBkR1XoqHFVf6k0ABrVgIAAABDUgAAAApoAQcKAIWZt2vfz1GwwVXeVezn91r7DY3RwbdI1cHXrjafx5wkYd_sm4HUnRm1wFoiPsf16GU_t3fIc19k-Yxxv9eujgawVsbg_sCjQRBTxrKfIE_hm7S0hA7Nxb6OV7k7dxsPUIBbxQ9lB8dzQrsGs9JcLZk7HTgv9bL9Byqn1M60wQNllIwaBwqbmQLaJFNoCG6l4cDHAz7um3dl0fyAGRc6rXLS15keIVxULRfUru9i5zz12sYu84R-JSvheoXMgLWQcDtFj0dZIeCehyoDQ006YUBW6QziI2m99eTs05JJGbv7pu3BvVay3GjA0QDKJ0lj_pcWkRfqLAlp8OPGP5k4B7rgtJ2P1XmRyF1EliV2rgjk4UNsUvKEkPNT7pvZ-E-pDv4Q0oJLEjdL_XehoCJDVInFpgqK8-8sDkKprfUm5C3mHbDiOwgyLWRh_Mn8ctY9D0aRhbcb48Kw2Xv0blY34sPrl7_WaFUcZ0RT80fT1W_v1sIFRrSnjxpZR-g1z0I-sfhM2Mpsp_dzcKfT06Qv3wfkb2kp9FoD3zewL7XcQgbcnakNLwyWfQfMy0ZlYRcACJR3TiijsDr9HTihnwINzGXMm2PNj1lXenFh-37-MV6YKKX2hJhhOMsMkhdzCwLyGWnFgDmv4Q-5sMo-CMcIn7cqJHoiGWaFdUAfZcjvbZNJ8NGVUNVe9KGVIASCc8fwNGoqvgWwYPcpND9c_X5DSa49Vcwk8xqVT73k2FkP_NyYpzH9zPTBimM8Pd8je8OxNhSi11WZ2GO7iXEJOUovEbau47G-OQCyrEw7i1V60BLjPqPD1sjXtOdP6JmpjARhhLXOczGXTjqXaDI6dzMRDccbkcvxBhrtjj9mSoE-vpPggVJf5-u1EMMppLXncWalcsl_WlzSDyEku2jMwSzuRLZ49D1Cr-mmgu8i4Fz26XAVmixaCnuM1Vm_YKBT5hH2wc6NhaKTQ3so9o0HXg8SK2wjpjnvYhctFwikhwKLpoDow_clB_lKC_3UHDJizg-6NfG0WZgN6J3pvN-gBikoKBqCAhLCv0IX2tIY9kj1dhMS3KUf6766-Baq6yRqS_eRD6Ff1iA00SnEBl7B-Eleqt0L3cpWV7RnplNFC82a-Kh0h6z4-CuX0g9gxxurmXlyIQkV0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 09:49:14	Name: _bit Value: m7p4Gf-4a1719277132d4e2e3-00m
paste1s.com/	1969-12-31 23:59:59	Name: SPSI Value: ce3fa560cb2647817498488503f74c98
paste1s.com/	1969-12-31 23:59:59	Name: SPSE Value: brXqHUUjoR+0mhlkpMlNnrHc2fda7WSMU+FBhINpKW1eCkxgvtTGIpXz3f44cQqrYCYa399V/2Q9PAfDrkumkw==
paste1s.com/	1970-01-20 05:30:09	Name: spcsrf Value: d11434d2245c9331a7ba8248a599b363
paste1s.com/	1970-01-20 05:30:09	Name: XSRF-TOKEN Value: eyJpdiI6IkxEeHg4UWQ4UHprQUlRNVpWR21ONGc9PSIsInZhbHVlIjoiSnJLelV2dkprTDBRL2JaYitsczkvMU84aXRYUElVWWs5WXRxNTNVTGViUXAweGUyT3prSTl4aWJqVy8zQ0g1WTNXUFM5QXFXYVhBdlRUaUI3b0IrZXB2VDA2S0pLZE0xVFExZjFNclpwN0VwdTdTY1gxLzVJdjdBdXd1dzFIa2wiLCJtYWMiOiJkYTY3MmUxOWYwMDgxYzBhZGQxYjllYzI0N2FkMTNmZGMwNzFiZGIxNzI0MzJkOGY2ODFmMjRjNWI0NzU1MjY5In0%3D
paste1s.com/	1970-01-20 05:30:09	Name: online_notepad_take_notes_and_earn_money_at_paste1scom_session Value: eyJpdiI6ImpmNTV1eUpmRDc5RTJiS2lUMnJHL2c9PSIsInZhbHVlIjoiQmczZU5SWDF4UkFJNmlyYmlyQnE1eVVyaW94NGhIZG16TFZQeDVuMUhwQVNuc0hWTDhIL3EwUzRzSXdkSkloYXhzb21LZ2dYQytCK24vZHR0TmFZbUo0OC9YTzVDQm91dmw0Wk9xOVkrem9ES1R5NmxRWmxsR0VrbVhXMUVoYTgiLCJtYWMiOiJiNjkyNWRiYTkzMTRmZTI4YzAwZGEwYmY3MDk2Nzk1OWI5NzQxNzEyMmYxZmExMjE5MjZmYzIzMWIzMWRhYTBhIn0%3D
paste1s.com/	1970-01-20 05:30:02	Name: sp_lit Value: LPR1Hz9dcro+yNTAsoy7xw==
paste1s.com/	1969-12-31 23:59:59	Name: PRLST Value: ma
paste1s.com/	1970-01-20 09:49:14	Name: UTGv2 Value: h41689f8635f5820b3c89862fdc75dd53240
paste1s.com/	1969-12-31 23:59:59	Name: adOtr Value: afe5c03c62b
.id5-sync.com/	1970-01-20 05:30:02	Name: cf Value:
.id5-sync.com/	1970-01-20 05:30:02	Name: cip Value:
.id5-sync.com/	1970-01-20 05:30:02	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:30:02	Name: car Value:
.id5-sync.com/	1970-01-20 05:30:02	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:30:02	Name: callback Value:
paste1s.com/	1970-01-20 06:13:14	Name: _pbjs_userid_consent_data Value: 3524755945110770
.paste1s.com/	1970-01-20 06:10:21	Name: sharedid Value: 0c523f14-e549-461d-b556-284308e8bb3f
.zeotap.com/	1970-01-20 14:15:38	Name: zc Value: b627fd99-b379-4cd8-6bbd-df40c5945d66
.zeotap.com/	1970-01-20 05:31:28	Name: zsc Value: %8B%27%F3%02L%E9%C8%D2%09%1D%85%80h%0CW%2A%AAb%DF%10%AA%B9%D9q%00Y%F6%11%BA%1Eo%8D%3E%9C%E3%08%C4%1F%D0%E5%60%A2%05q%02%3D%3E%83Y%C1t%B1%AA%CD%A4%08%F2%7F%DF9E%0B%1A%8A%9E%3BP%B3f%0B%A2%13%ADk%0B%B8%3C%ACg6%A2%A1%F4%DF%E6i%E7%A3%0E7%87%FE%C9%BB%18%B8%3CcM%F0%1A%BDO%EC%AE
.paste1s.com/	1970-01-20 15:06:02	Name: _ga Value: GA1.2.174611219.1661402537
.paste1s.com/	1970-01-20 05:31:28	Name: _gid Value: GA1.2.196781828.1661402537
.paste1s.com/	1970-01-20 05:30:02	Name: _gat_gtag_UA_129758818_17 Value: 1
.quantserve.com/	1970-01-20 15:00:16	Name: mc Value: 6306fda8-b2f73-31790-7d612
.paste1s.com/	1970-01-20 14:51:38	Name: __gads Value: ID=675f55199ee6396e-22a403ca00ce00cc:T=1661402536:RT=1661402536:S=ALNI_MYqEA7joEE73TvwL0UHaAsa_Tuhpg
.paste1s.com/	1970-01-20 14:54:31	Name: __qca Value: P0-633431015-1661402536702
.cpx.to/	1970-01-20 14:15:38	Name: cpSess Value: 51ad2212fe69b566
.mathtag.com/	1970-01-20 14:55:57	Name: uuid Value: f11f6306-fda8-4a00-869d-55688581c369
.cpx.to/	1970-01-20 14:15:38	Name: dsp_dbm Value: CAESEDBgdBFls8Uu628_rkCY5hw#1661402536799
.adnxs.com/	1970-01-20 07:39:38	Name: uuid2 Value: 7969238293063692369
.doubleclick.net/	1970-01-20 14:51:38	Name: IDE Value: AHWqTUkyUx8y3CGK2_9xHs5KzmVO4jw9Xkt0NexSrMvv4OQ1Rhw6M14DkxQshTiNWXo
.agkn.com/	1970-01-20 14:15:38	Name: ab Value: 0001%3A533JzPfk4KgoNH3MqKK4spggjiKCznVZ
.demdex.net/	1970-01-20 09:49:14	Name: demdex Value: 90713139418364808281924944317204404230
.cpx.to/	1970-01-20 14:15:38	Name: dsp_app_nexus Value: 7969238293063692369#1661402536874
.dpm.demdex.net/	1970-01-20 09:49:14	Name: dpm Value: 90713139418364808281924944317204404230
.smartadserver.com/	1970-01-20 14:15:38	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 14:15:38	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.paste1s.com/	1970-01-20 14:51:38	Name: cto_bundle Value: Eys6DV9XJTJCZk13eHV6aVlKYkprQ2JlWnl0bWhKWmZYRGIlMkZrSDFGYlB5aCUyRmtBdXhHd0ZvNWwyZEhFb3c1eUpZclQzRmZobnpWTERNcVNvT0s0RENkWlF0R0JKZWMyWkI4aGt2Smk3RFR2SFlpYmszeWJoQ2syJTJCTUElMkJWMmo0bTdmMWJKZ0c
.paste1s.com/	1970-01-20 14:51:38	Name: cto_bidid Value: byLduF9Vb2p4eUs1T1Rqc2YyYld2QTY0WW1DYUd0aHpGVGZEVmduRnJxSHlhSnFkWWNMY1ZWZjFPMG5mMU1XQTRoZGg1JTJCJTJCRGQ5M1E1MGdKbVRJJTJCJTJGdDQzV1Z3JTNEJTNE
.smartadserver.com/	1970-01-20 14:15:38	Name: pid Value: 6135526903437621994

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792971117783742&output=html&adk=1812271804&adf=3025194257&lmt=1661402536&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&ea=0&pra=5&wgl=1&easpf=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661402536334&bpp=3&bdt=494&idt=304&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3108491998160&frm=20&pv=2&ga_vid=174611219.1661402537&ga_sid=1661402537&ga_hid=656415749&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068877%2C31067825%2C31062930&oid=2&pvsid=815131343427053&tmod=1533953399&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.themoneytizer.com
adservice.google.com
adservice.google.de
adtrack.adleadevent.com
ajax.googleapis.com
bit.ly
c.tmyzer.com
cdnjs.cloudflare.com
ced.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.imgur.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
paste1s.com
pixel.mathtag.com
pixel.quantserve.com
rules.quantcount.com
s.cpx.to
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
ssp.web1s.com
sync.smartadserver.com
tag.leadplace.fr
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
141.95.98.64
142.250.186.130
142.250.186.98
145.239.192.166
15.197.193.217
151.101.12.193
151.139.128.10
151.139.128.11
178.250.2.146
18.202.164.188
185.64.189.110
185.86.139.89
185.89.210.20
185.89.210.212
2.18.233.201
2600:9000:206f:7c00:6:44e3:f8c0:93a1
2606:4700:10::ac43:db6
2606:4700::6811:180e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a02:2638:1::13
2a02:6ea0:c700::10
34.249.238.57
34.250.36.127
51.38.120.206
54.228.201.55
54.229.37.204
54.38.64.100
65.9.58.151
67.199.248.11
95.101.27.38
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9
15c889bbf786e315dfa1d56628e49f53f7ea09a7c56bb06dfc258fe65301f3ad
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
375976e803f84a6b563b35e4cbe3a582f648e5c76546b9bfc920d6f940401502
3a86874fbb24df0387fae963c3ba37c67ee181b51cc0eba8097a2de8545472a9
3cd595c0ab457a63c57148a9bc81e74e52b1ff3f0bcb4edd28c1a9be939a0530
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0
469aa7bbbec23b6fff03560a10cad830b88c61c51d64871472f350f026474072
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657c3d4f517bf841157edc9b025df8113abf85330b02eaf5f677c6aff19ca3ec
67d995e9f00b7360f6b57e6e2e74adb89626a5821d9a6fa69aaf104e5e84c74c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
702531abbdc7f1ffc5570b5be029f05dc6324c7a7076effbe137ff4eb53eff4e
71f7361709beaf478ca65d0b40b43bc82bd44ff3db42129f4c7ff4c1e3bcb7e5
74da0578806b5352906a3bc9f40431f592c2c9c7852c3d9aaf2b2ce3b95e79f5
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8125a21e36db2473bb4327b21ca81af645ab690240d2f60be1902cc42580fe6c
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
933986aac7340244fe7626ade14f974ba7c73e3301a9db8fa9dad6a94aded99c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9c36cb1fa49c6ac765d0fa27da2daf16387a5c834f573324b545d59741d56568
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
ca8ff01f62253e7d7e9a9d4f58d0be964122be11937010bf12f28b3d994fc4c8
cb11b630f404e7f57912701bb62a47d0a6ae8b18e0c0ed3d08f22016372bf0c8
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
dd3a8f2528297fc3456b45fe4c9d4839650c112a5dc6ac405fc2cc0d61786ac7
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6966b80aa04b0463500214df35dc47e1e002d57f91aa23e39889233e4fc0119
e71e1c2805931c552d9bea70ee881ab61d9baca7fecbd841aef350069ca085ac
e898ec6d5bcc139b66acceeb5bc262c52f085734924ec9b71647f7d892ec6b2a
f5f073cdc43759db05a4f040bcd9aaa5a45545a243a6a45a0d5366ebadba939f

paste1s.com Open in urlscan Pro 151.139.128.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

88 %HTTPS

41 %IPv6

34 Domains

43 Subdomains

34 IPs

5 Countries

1602 kBTransfer

3373 kBSize

40 Cookies

8 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

88 %
HTTPS

41 %
IPv6

34
Domains

43
Subdomains

34
IPs

5
Countries

1602 kB
Transfer

3373 kB
Size

40
Cookies

76 HTTP transactions
0 data transactions