paste1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paste1s.com/notes/QZXB9V6
Effective URL:
https://paste1s.com/notes/QZXB9V6
Submission: On November 15 via manual (November 15th 2022, 1:19:04 am UTC) from VN — Scanned from DE

Summary HTTP 62 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 16 domains to perform 62 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is paste1s.com.
TLS certificate: Issued by R3 on October 8th 2022. Valid for: 3 months.

This is the only time paste1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
4 7	2606:4700:20:... 2606:4700:20::681a:41a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:245... 2600:9000:2453:4a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:dc00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21f... 2600:9000:21f3:7400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.198.135.19 18.198.135.19	16509 (AMAZON-02) (AMAZON-02)
62	23

11 151.139.128.10 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

paste1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)

web.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:41a (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

fstatic.netpub.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2453:4a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:dc00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:7400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.135.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-135-19.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	paste1s.com 1 redirects paste1s.com	179 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	805 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	95 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 309 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	162 KB
7	netpub.media 4 redirects fstatic.netpub.media — Cisco Umbrella Rank: 343519	200 KB
5	quantcast.com test.cmp.quantcast.com — Cisco Umbrella Rank: 10291 cmp.quantcast.com — Cisco Umbrella Rank: 2956 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11658	146 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 jnn-pa.googleapis.com — Cisco Umbrella Rank: 261	31 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	128 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	88 KB
1	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2632	44 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 115	26 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	49 KB
1	telegram.org web.telegram.org — Cisco Umbrella Rank: 16440	3 KB
62	16

	Domain	Requested by
11	paste1s.com	1 redirects paste1s.com
10	www.youtube.com	paste1s.com www.youtube.com
7	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
7	fstatic.netpub.media	4 redirects paste1s.com fstatic.netpub.media
4	jnn-pa.googleapis.com	www.youtube.com
3	cmp.quantcast.com	quantcast.mgr.consensu.org paste1s.com
3	securepubads.g.doubleclick.net	fstatic.netpub.media securepubads.g.doubleclick.net paste1s.com
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
3	www.google-analytics.com	www.googletagmanager.com paste1s.com
3	www.googletagmanager.com	paste1s.com www.googletagmanager.com fstatic.netpub.media
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	cdnjs.cloudflare.com	paste1s.com cdnjs.cloudflare.com
1	audit-tcfv2.cmp.quantcast.com	paste1s.com
1	test.cmp.quantcast.com	paste1s.com
1	quantcast.mgr.consensu.org	fstatic.netpub.media
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	pagead2.googlesyndication.com	paste1s.com
1	web.telegram.org	paste1s.com
1	fonts.googleapis.com	paste1s.com
62	22

This site contains links to these domains. Also see Links.

Domain
traffic1s.com
mneylink.com
link1s.com
1shorten.com
kiemlua.com

Subject Issuer	Validity	Valid
paste1s.com R3	`2022-10-08` - `2023-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.web.telegram.org Go Daddy Secure Certificate Authority - G2	`2022-08-29` - `2023-09-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.netpub.media E1	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
cmp.quantcast.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://paste1s.com/notes/QZXB9V6
Frame ID: BFB8FBD691527845BFA7FC993001E8C8
Requests: 31 HTTP requests in this frame

Frame: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI
Frame ID: C77F774C46F2B63EE9FC2D35EF5AC9A3
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/bXWPp1MJuwE
Frame ID: 6A68152628FC0F60C2EE73FAEBFD874C
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: FD862E83C851D2612611F2E6A576BEEC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Note: Untitled 2022-10-19 09:58:02

Page URL History Show full URLs

http://paste1s.com/notes/QZXB9V6 HTTP 301
https://paste1s.com/notes/QZXB9V6 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Page Statistics

62
Requests

95 %
HTTPS

91 %
IPv6

16
Domains

22
Subdomains

23
IPs

3
Countries

1993 kB
Transfer

6609 kB
Size

15
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://traffic1s.com/L25r8l
Title: http://traffic1s.com/L25r8l

Search URL Search Domain Scan URL

URL: https://mneylink.com/fAXew
Title: https://mneylink.com/fAXew

Search URL Search Domain Scan URL

URL: https://link1s.com/
Title: Rút gọn link kiếm tiền

Search URL Search Domain Scan URL

URL: https://1shorten.com/
Title: All shorteners in One

Search URL Search Domain Scan URL

URL: https://kiemlua.com/
Title: Kiếm tiền Online

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paste1s.com/notes/QZXB9V6 HTTP 301
https://paste1s.com/notes/QZXB9V6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1668475138947 HTTP 301
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js HTTP 302
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/418d0537.js?npr=3528b0050f7cb5d0c892890a3a3087fa

Request Chain 11

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1668475138954 HTTP 301
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js HTTP 302
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/418d0537.js?npr=3528b0050f7cb5d0c892890a3a3087fa

Request Chain 26

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request QZXB9V6 Show response
paste1s.com/notes/
Redirect Chain

http://paste1s.com/notes/QZXB9V6
https://paste1s.com/notes/QZXB9V6

25 KB
10 KB

670ms
623ms

Document
text/html

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

7fd2a82c394863ece8240439e0244ec351c1ac2041342542e5e01d9a736ccdd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 01:18:58 GMT
server: fbs
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-hw: 1668475138.cds258.fr8.hn,1668475138.cds268.fr8.sc,1668475138.cdn2-redis02-fra1.stackpath.systems.-.wx,1668475138.cds268.fr8.p
x-xss-protection: 1; mode=block

Redirect headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 15 Nov 2022 01:18:58 GMT
Location: https://paste1s.com/notes/QZXB9V6
X-HW: 1668475138.cds206.fr8.h2,1668475138.cds268.fr8.c

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1021 B 83ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:24:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 01:18:58 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 80ms
29ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 286071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8Vrm3w5qRsezfGUaMJmxqhN0QNU5Zib7PSSRlXinBYU0DB%2BoYrA1lOnlDLDj%2FNQUd9IoTKPJZaEmb2Jz4TG70BTsYqFqF6HSwVaFF69IHx1WC8SRkocOW2CDDWVgXaocZzPTFrAEDEKN4bs0RkJuno5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a427f23efe9122-FRA
expires: Sun, 05 Nov 2023 01:18:58 GMT

GET
H2 200 app.css
paste1s.com/css/ 143 KB
27 KB 27ms
26ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/css/app.css?id=ebe28cb9d875b19bed6b

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/notes/QZXB9V6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
last-modified: Wed, 13 Apr 2022 01:57:45 GMT
server: fbs
etag: W/"62562e19-23c92"
x-frame-options: SAMEORIGIN
x-hw: 1668475138.cds258.fr8.hn,1668475138.cds257.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27999
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 93ms
38ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129758818-17

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

206734e545959c6fcc4ed2f9be3badb93d7bfd45a200521fe86603ab141abfef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43610
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Nov 2022 01:18:59 GMT

GET
H2 200 logo.png
paste1s.com/images/ 23 KB
23 KB 63ms
62ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste1s.com/images/logo.png

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/notes/QZXB9V6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:58 GMT
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 03:04:33 GMT
server: fbs
etag: "62563dc1-5c8a"
x-frame-options: SAMEORIGIN
x-hw: 1668475138.cds258.fr8.hn,1668475138.cds224.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23690
x-xss-protection: 1; mode=block

GET
H2 200 1f449.png
web.telegram.org/k/assets/img/emoji/ 3 KB
3 KB 149ms
44ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.telegram.org/k/assets/img/emoji/1f449.png

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

c3b278a8a8f51749395f49db332908efe468e8d17a85719ee7e05f3d5dce8a76

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
last-modified: Tue, 07 Jun 2022 14:34:10 GMT
server: nginx/1.18.0
etag: "629f61e2-b47"
x-frame-options: deny
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 2887
expires: Tue, 15 Nov 2022 02:18:59 GMT

GET
H2 200 app.js Show response
paste1s.com/js/ 258 KB
93 KB 27ms
26ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/js/app.js?id=0e83dba9e8630f1a1f92

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/notes/QZXB9V6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
last-modified: Wed, 13 Apr 2022 01:57:45 GMT
server: fbs
etag: W/"62562e19-40688"
x-frame-options: SAMEORIGIN
x-hw: 1668475138.cds258.fr8.hn,1668475138.cds222.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 94951
x-xss-protection: 1; mode=block

GET
H2

200

418d0537.js Show response
fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/
Redirect Chain

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1668475138947
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/418d0537.js?npr=3528b0050f7cb5d0c892890a3a3087fa

394 KB
98 KB

66ms
65ms

Script
application/javascript

2606:4700:20::681a:41a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/418d0537.js?npr=3528b0050f7cb5d0c892890a3a3087fa

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Server

2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4c014caa198bc611f905be9eb437de4491674e40c84d1e0c19c035daeb4e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 17 Sep 2022 22:48:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6826
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n03GR4CXUiQlQ8q3TXh%2FoCSvZkFc6yr%2FZQsL6wc2tuNWOj59DNujE8Mo62sbMEa%2BuIFRZDKaUpRnsWwHwfVPsvsb%2FS2mn80pddn4JkhJqgzCy2d5QEONzxSnroTguErOpH3%2BTZtdc5fJR02l7rdgebed"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 76a427f3ed5f90a6-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS

Redirect headers

date: Tue, 15 Nov 2022 01:18:59 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgIZAnnD5SJ1mNPVYXR7bvrY7h178I%2FmRphK%2F9hUo6wNehjDPmjBtYSPmQvBpLFrvlsFPAWyfzD1QQJFSmgffBHg21UPIcgC23arvUiImaQMCAKwa5i6UaL5xMlM5J45ZHVSgdnMKvK%2FxmWAeIof0zc%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/418d0537.js?npr=3528b0050f7cb5d0c892890a3a3087fa
cf-ray: 76a427f34cf390a6-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 137ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e2f5e6f9c6dd3adedd90418540a53f73eb3ea2aff4c08424975f78e04e9ccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49188
x-xss-protection: 0
server: cafe
etag: 15574908011507614927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 01:18:59 GMT

GET
H2 200 / Show response
paste1s.com/sbbi/ Frame C77F 25 KB
11 KB 63ms
62ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI&sbbgs=h4e25b46ee415285c81dc4f5f91e03314250&ddl=1
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 54628676e79b9038bd189c77de77bde863dd81249858adc5082a1528e0dfb4d7

Request headers

Referer: https://paste1s.com/notes/QZXB9V6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 01:18:58 GMT
server: fbs
x-accel-expires: 0
x-hw: 1668475138.cds258.fr8.hn,1668475138.cds153.fr8.sc,1668475138.cdn2-wafbe03-fra1.stackpath.systems.-.i,1668475138.cds153.fr8.p

GET
H2 200 /
paste1s.com/sbbi/ 43 B
261 B 63ms
62ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste1s.com/sbbi/?sbbpg=utMedia&vii=ah64bed2e50bd4967e4e444195a2c8559c58111d1c34bf655f2971be40a393d1v4u2z5z0
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/notes/QZXB9V6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
x-accel-expires: 0
date: Tue, 15 Nov 2022 01:18:58 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server: fbs
x-hw: 1668475138.cds258.fr8.hn,1668475138.cds160.fr8.sc,1668475138.cdn2-redis01-fra1.stackpath.systems.-.i,1668475138.cds160.fr8.p
content-type: image/gif

GET
H2

200

418d0537.js Show response
fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/
Redirect Chain

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1668475138954
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/418d0537.js?npr=3528b0050f7cb5d0c892890a3a3087fa

394 KB
98 KB

43ms
43ms

Script
application/javascript

2606:4700:20::681a:41a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/418d0537.js?npr=3528b0050f7cb5d0c892890a3a3087fa

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Server

2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4c014caa198bc611f905be9eb437de4491674e40c84d1e0c19c035daeb4e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 17 Sep 2022 22:48:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6826
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LciNzvqXPk7fqBAdnW%2BErNd73YrX%2BBOy3iSnM6SPkRFOwGhiUMVcR9iPjUOpXiner7LOsTWR9EWRdO1JPFm1hXATwqbNGTY3SvKWYB48634h8jdSOfNhBn%2FCH8rmC%2FY8HaK673pupAnuti2%2Bpbf9lDZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 76a427f3ed5e90a6-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS

Redirect headers

date: Tue, 15 Nov 2022 01:18:59 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkDIiY2nn2WJ4R168YBa6YUnQHFIFlh5dxLa8ElhoJp0OcbqneegN%2FHA1PGnNDQr9TxAbLpe8cVbFwj0CyhaeFjVZsggYvwCYtXEbZ%2BCspM%2Bdg4TDXvjTCYRDeCiEFUHo8Kb7p65koyp%2BFe%2BvubyNavq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/418d0537.js?npr=3528b0050f7cb5d0c892890a3a3087fa
cf-ray: 76a427f34cf290a6-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS

GET
H2 200 bXWPp1MJuwE Show response
www.youtube.com/embed/ Frame 6A68 68 KB
29 KB 137ms
79ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/bXWPp1MJuwE

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a37a47ae35de5a3d7adb54e3a7503695e5844c4aaf67b9260f93a54c266e3dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 01:18:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 59ms
32ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://paste1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 364617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mv9jK5Hxxh6uHIa4gBUtq5%2Buwg4Tgv%2FrO4YbOgNFnQh9NsvNGdXQStnPiYHqYl5vubIXduKFEVqMz5YtHscDTkr8yAoYpIoRqmEhGz5nKwJ9m1bXznPohdY1j4DGpWRefgNRpBBT6L%2F7mj%2BpKunc3mct"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a427f2ba90997a-FRA
expires: Sun, 05 Nov 2023 01:18:58 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 14 KB
14 KB 91ms
32ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:14:49 GMT
x-content-type-options: nosniff
age: 288250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14060
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 17:14:49 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 12 KB
13 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:31:34 GMT
x-content-type-options: nosniff
age: 503245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12736
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 05:31:34 GMT

GET
H3 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 4 KB
4 KB 72ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 05:34:29 GMT
x-content-type-options: nosniff
age: 416670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4252
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:27:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 05:34:29 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 6A68 359 KB
49 KB 71ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bXWPp1MJuwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Nov 2023 11:01:21 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 6A68 309 KB
96 KB 106ms
58ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bXWPp1MJuwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Nov 2023 22:21:46 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 6A68 2 MB
576 KB 102ms
55ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bXWPp1MJuwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 01:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 259502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Nov 2023 01:13:57 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 6A68 9 KB
3 KB 104ms
56ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bXWPp1MJuwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Nov 2023 06:36:34 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A68 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 307434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 11:55:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A68 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 10660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 22:21:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 185
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 15 Nov 2022 03:15:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame FD86 10 KB
5 KB 72ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 19:49:54 GMT
etag: 10353107486223812946
expires: Mon, 28 Nov 2022 19:49:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cmp-gdpr.js Show response
fstatic.netpub.media//extra/cmp/ 10 KB
3 KB 41ms
41ms Script
application/javascript 2606:4700:20::681a:41a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fstatic.netpub.media//extra/cmp/cmp-gdpr.js

Requested by

Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1668475138954

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c7612ee448197aaef3a86d51c9971e8e4fd6f9d45598b67503aff2efee41e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Tue, 15 Nov 2022 01:19:00 GMT
date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Jul 2022 14:33:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmg0repgySi7AtPQREe0tx5SjrqXCCbklBNoVMbl3kbgY58LZzXUo88%2BIUq4osWg8BrYop1hRfQsCd4eIocVprJpTQ4mjz0sHcmdmth%2F%2Bm4Z8Dax8cYWU7sidKMoHk%2FG6kK7COv7rnz95Knn0gbT%2F41t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 76a427f61ec790a6-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6A68
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

30ms
28ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed947e18325affebd9b66faa03ad3c4c8a174cf0796d2a73ab19cedd2ea7aa2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 15 Nov 2022 01:18:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6A68 29 B
588 B 77ms
23ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:09:12 GMT
x-content-type-options: nosniff
age: 587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Nov 2022 01:24:12 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 77ms
30ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=434161957&t=pageview&_s=1&dl=https%3A%2F%2Fpaste1s.com%2Fnotes%2FQZXB9V6&ul=en-us&de=UTF-8&dt=Note%3A%20Untitled%202022-10-19%2009%3A58%3A02&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1432268676&gjid=812418041&cid=254091193.1668475140&tid=UA-129758818-17&_gid=67399365.1668475140&_r=1&gtm=2oub90&z=38320388

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 01:18:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 87ms
30ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 15 Nov 2022 01:18:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 lib.wasm Show response
www.youtube.com/s/player/c4225c42/wasm/ Frame 6A68 20 KB
8 KB 25ms
24ms Fetch
application/wasm 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/wasm/lib.wasm

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90708f93df593fd5e90e707d689a804aa8b041740cabfc0f47b9233fbea53eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bXWPp1MJuwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 184324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8625
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: application/wasm
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Nov 2023 22:06:55 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6A68 66 KB
30 KB 82ms
38ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcd064a0a6d161fd8f005bbb8a1278fc14c1f4f0998650e9be17313ec33bdcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30892
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 6A68 118 KB
36 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bXWPp1MJuwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37223
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Nov 2023 01:21:22 GMT

GET
H2 200 emevcAIWuZw7PUZ22uj37kCDCWOs1YGYK5Haa9pFrrA.js Show response
www.google.com/js/th/ Frame 6A68 36 KB
15 KB 84ms
21ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/emevcAIWuZw7PUZ22uj37kCDCWOs1YGYK5Haa9pFrrA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a67af700216b99c3b3d4676dae8f7ee40830963acd581982b91da6bda45aeb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14247
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 16:18:38 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 6A68 26 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bXWPp1MJuwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 17:53:28 GMT

GET
DATA 200
OK truncated
/ Frame 6A68 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-81WnuwfjWn7jjUieI3r_w0l4qnk__4xBvUTZorQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6A68 3 KB
3 KB 94ms
22ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-81WnuwfjWn7jjUieI3r_w0l4qnk__4xBvUTZorQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8546bbc92d5e7d79959d5efaa77df7c5d2dfc8d3a4731a7fa523e38a3177f679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 22:33:11 GMT
x-content-type-options: nosniff
age: 9948
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2799
x-xss-protection: 0
server: fife
etag: "v7dc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 14 Nov 2022 01:06:31 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/bXWPp1MJuwE/ Frame 6A68 26 KB
26 KB 100ms
33ms Image
image/webp 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/bXWPp1MJuwE/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11815d40b0df66a68f9899c825feb5e07a22c04d491065c5ef9c7c09f2e47097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26530
x-xss-protection: 0
server: sffe
etag: "1662005979"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Nov 2022 03:18:59 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A68 12 KB
12 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 19:26:11 GMT
x-content-type-options: nosniff
age: 539568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:26:11 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1668475138954

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d686d2f49f1fba79a674b60c9d0a407df8422f81257bf4003e728be85fbec9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27313
x-xss-protection: 0
server: sffe
etag: "1392 / 284 of 1000 / last-modified: 1668467156"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Nov 2022 01:18:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 101ms
51ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-228391614-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9de8e854273141c3c1dcaec63adbe2e1cbf193654fe40431569477499f92c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43696
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Nov 2022 01:18:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 88ms
39ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-228391614-1

Requested by

Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1668475138954

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c337d3c9af8bdffcfb698595daaf65aa9ce3d5f14b8a7638b8ab55eea9350605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43680
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Nov 2022 01:18:59 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
44 KB 113ms
30ms Script
text/javascript 2600:9000:2453:4a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Requested by: Host: fstatic.netpub.media
URL: https://fstatic.netpub.media//extra/cmp/cmp-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2453:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:49 GMT
content-encoding: br
via: 1.1 8fd479f9732c98acd630e18c99fdcc6c.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P1
age: 16
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
server: AmazonS3
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: cOw3i5XY0MdROU0KBCFTIVaIPMUQn2Xm78xVKXxv9uD3FqOKC1AE9Q==

POST
H2 200 / Show response
paste1s.com/sbbi/ Frame C77F 532 B
487 B 37ms
37ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI&sbbgs=h4e25b46ee415285c81dc4f5f91e03314250&ddl=1
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://paste1s.com
Referer: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI&sbbgs=h4e25b46ee415285c81dc4f5f91e03314250&ddl=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 01:18:59 GMT
server: fbs
x-accel-expires: 0
x-hw: 1668475139.cds258.fr8.hn,1668475139.cds243.fr8.sc,1668475139.cdn2-wafbe02-fra1.stackpath.systems.-.i,1668475139.cds243.fr8.p

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A68 5 KB
5 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 12:15:25 GMT
x-content-type-options: nosniff
age: 392614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5224
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 12:15:25 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 6A68 0
10 B 27ms
27ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?MnsYRw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/bXWPp1MJuwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bXWPp1MJuwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6A68 4 KB
3 KB 109ms
30ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 01:19:00 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6A68 90 B
134 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0e9927ca21d0054b2d81f03468fcc4c7c86727432187e95df8c6e68ff543bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 15 Nov 2022 01:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
28ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 15 Nov 2022 01:19:00 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
29ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=434161957&t=pageview&_s=1&dl=https%3A%2F%2Fpaste1s.com%2Fnotes%2FQZXB9V6&ul=en-us&de=UTF-8&dt=Note%3A%20Untitled%202022-10-19%2009%3A58%3A02&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=243140303&gjid=1501140870&cid=254091193.1668475140&tid=UA-228391614-1&_gid=67399365.1668475140&_r=1&gtm=2oub90&z=737119270

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 01:19:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022111001.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132474
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 09:36:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 01:11:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 114 B
101 B 82ms
31ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paste1s.com

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a9cf34c361597bc72f0603c5fee76c17437fbdb06c42a3036a4b5681d6479fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76
x-xss-protection: 0
expires: Tue, 15 Nov 2022 01:19:00 GMT

GET
H2 200 / Show response
paste1s.com/sbbi/ Frame C77F 25 KB
11 KB 45ms
44ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 47fd11cb80982dec5deb09348851613d959297a1a807816eaedd0a39c644bc3b

Request headers

Referer: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI&sbbgs=h4e25b46ee415285c81dc4f5f91e03314250&ddl=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 01:19:00 GMT
server: fbs
x-accel-expires: 0
x-hw: 1668475140.cds258.fr8.hn,1668475140.cds254.fr8.sc,1668475140.cdn2-wafbe03-fra1.stackpath.systems.-.i,1668475140.cds254.fr8.p

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 90ms
24ms XHR
application/json 2600:9000:2182:dc00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:dc00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ef8480f87271d77d60ab16a24843d2e8365e5ab566d34c8f263a6973c150336

Request headers

Accept: application/json, text/plain, */*
Referer: https://paste1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:00:40 GMT
x-amz-version-id: mbynXBBZ.ckIcnxGDVHS07C_p1g25FCO
content-encoding: gzip
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
age: 80301
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 31 Oct 2022 19:52:29 GMT
server: AmazonS3
etag: W/"9d3edb6b0958dc8fc9d74e44b3d6c1cf"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: _rFpyEYYZSlKLg6M3MSnX8IqWFp37Bofs_qUuR1uy111Axvd5ltdbw==

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 6A68 52 KB
15 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 15 Nov 2022 16:18:47 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/45/ 248 KB
61 KB 91ms
25ms Script
text/javascript 2600:9000:21f3:7400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 18:24:48 GMT
content-encoding: br
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 24853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Nov 2022 18:23:24 GMT
server: AmazonS3
etag: W/"39d0cac7e548f81f1e1e1c36db3c775e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: S4oWgXlV6bUeXmtEdXlSJkH0_D3xZCZUlDDgJ9rNQZgptE_b9so5yg==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 347 KB
46 KB 91ms
26ms XHR
application/json 2600:9000:21f3:7400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66ce567326799b1d74cfb9d592af44d3d93a1667878bde98a22b933c0f64d4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:00:38 GMT
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 80302
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Nov 2022 03:00:33 GMT
server: AmazonS3
etag: W/"74bda64904b601b673f9bfc12b071d53"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: dn1YcPcaa6qJajle2bOXwsmsJVUbJKinpspZ9rlfp_5LGNgVLIb7UQ==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 150 KB
35 KB 113ms
49ms XHR
application/json 2600:9000:21f3:7400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e

Request headers

Accept: application/json, text/plain, */*
Referer: https://paste1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:01:38 GMT
content-encoding: br
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 80243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Nov 2022 03:01:36 GMT
server: AmazonS3
etag: W/"5e5c32e11030f411462907ffac99a722"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: JXv7D3kp51iisECviO6r8PGC8vYwRTaMmSx3Bv9sceLp516ag4221Q==

POST
H2 200 / Show response
paste1s.com/sbbi/ Frame C77F 532 B
471 B 32ms
31ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://paste1s.com
Referer: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 01:19:00 GMT
server: fbs
x-accel-expires: 0
x-hw: 1668475140.cds258.fr8.hn,1668475140.cds160.fr8.sc,1668475140.cdn2-redis01-fra1.stackpath.systems.-.i,1668475140.cds160.fr8.p

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 77ms
22ms XHR
text/plain 18.198.135.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22domain%22%3A%22paste1s.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1668475140367%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-t03ov5xtblqqsttt5ziv%22%7D
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/QZXB9V6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.135.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-135-19.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://paste1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Nov 2022 01:19:00 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
paste1s.com/sbbi/ Frame C77F 7 KB
3 KB 31ms
30ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 18e9e365dcca5c42638dde9b42c37d95308a0a45d8bacc6ead189b2370c08b4f

Request headers

Referer: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=JI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 01:19:00 GMT
server: fbs
x-accel-expires: 0
x-hw: 1668475140.cds258.fr8.hn,1668475140.cds254.fr8.sc,1668475140.cdn2-wafbe03-fra1.stackpath.systems.-.i,1668475140.cds254.fr8.p

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6A68 28 B
54 B 38ms
37ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668475142220
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/bXWPp1MJuwE
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtjeTlITHZSUnkzUSiD0subBg%3D%3D
X-YouTube-Ad-Signals: dt=1668475139578&flash=0&frm=2&u_tz&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 15 Nov 2022 01:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 15 Nov 2022 01:19:02 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paste1s.com/	1969-12-31 23:59:59	Name: SPSI Value: a6bde0d974449ac5951113b6527b4a9d
paste1s.com/	1969-12-31 23:59:59	Name: SPSE Value: wcNwUh2JLIwbjBfKLNmp9efHr57zplr1a5GUmrSOErRHFZB/JNV5FmiMvr6PjGLFdzxsw/jF/D0cOMUlH4HAZQ==
paste1s.com/	1970-01-20 07:28:02	Name: spcsrf Value: c2f0ef190a109096b7850e6f6e969d9a
paste1s.com/	1970-01-20 07:28:02	Name: XSRF-TOKEN Value: eyJpdiI6InBTNmFOaDN0MjhxNXBJRkpJaGFaM0E9PSIsInZhbHVlIjoiVmc3bXg5NHRVbUc2UGoraXd6NXBpeE5vc2xldkExV2VVZjZsU0FzbXNrUEhSMG5WcFNINVdkaWgxNXZsUWxEMTZDZ3VtL29HRUE5WGFOcUg0U3FNSGtvZ0dFU1VGSE4wTUd6aTlmbzJDVnZsUHF3RGk4YXI5YmNWZk9aTTEzRHAiLCJtYWMiOiJiOWEzNDJmMDJhMjliYzM1NTM4ZDk5M2M5YjJhYmU5MDY5YWZkOWNiODI4YmZlMWIwZGYxY2U5YWZlM2ZkODA5In0%3D
paste1s.com/	1970-01-20 07:28:02	Name: online_notepad_take_notes_and_earn_money_at_paste1scom_session Value: eyJpdiI6IlQzVDYrdHFhN1JtUW90UHd2NGhGVlE9PSIsInZhbHVlIjoiOFdWeDEvQ0todHhHdGxEcjI3VGpTUUtmd1hsQmdrR1dZYko4RjBBbHp4MnNFaXdGYjY5Q2JrZzVYZWh2Vnk4enZIdExUczEwMytzSkJzeDFIcjEvcVpNdHllVUh3bHFpZFB1aitPU2MyME51bVlPbjhFRis3N1RzRy9SVDJKR0YiLCJtYWMiOiIwMTdhNTI1NWRkMmU1NDJhOTI3YWFmY2Q3N2E2MzQyZGM3OTZlN2ViZjQ5MmUxZTYxYjJkNzc1MTFjMTFhMjAzIn0%3D
paste1s.com/	1970-01-20 07:27:55	Name: sp_lit Value: z/XqtfLt9FQL5G14zMIbig==
paste1s.com/	1969-12-31 23:59:59	Name: PRLST Value: JI
paste1s.com/	1970-01-20 11:47:07	Name: UTGv2 Value: h4e25b46ee415285c81dc4f5f91e03314250
paste1s.com/	1969-12-31 23:59:59	Name: adOtr Value: ed60a9b7d44
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 9LZQur4Prgs
.youtube.com/	1970-01-20 11:47:07	Name: VISITOR_INFO1_LIVE Value: cy9HLvRRy3Q
.paste1s.com/	1970-01-20 17:03:55	Name: _ga Value: GA1.2.254091193.1668475140
.paste1s.com/	1970-01-20 07:29:21	Name: _gid Value: GA1.2.67399365.1668475140
.paste1s.com/	1970-01-20 07:27:55	Name: _gat_gtag_UA_129758818_17 Value: 1
.paste1s.com/	1970-01-20 07:27:55	Name: _gat_gtag_UA_228391614_1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audit-tcfv2.cmp.quantcast.com
cdnjs.cloudflare.com
cmp.quantcast.com
fonts.googleapis.com
fonts.gstatic.com
fstatic.netpub.media
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pagead2.googlesyndication.com
paste1s.com
quantcast.mgr.consensu.org
securepubads.g.doubleclick.net
static.doubleclick.net
test.cmp.quantcast.com
web.telegram.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
151.139.128.10
18.198.135.19
2001:67c:4e8:f004::9
2600:9000:2182:dc00:3:a4cd:8380:93a1
2600:9000:21f3:7400:9:46dc:4700:93a1
2600:9000:2453:4a00:9:46dc:4700:93a1
2606:4700:20::681a:41a
2606:4700::6811:190e
2a00:1450:4001:806::2006
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2016
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
11815d40b0df66a68f9899c825feb5e07a22c04d491065c5ef9c7c09f2e47097
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628
18e9e365dcca5c42638dde9b42c37d95308a0a45d8bacc6ead189b2370c08b4f
206734e545959c6fcc4ed2f9be3badb93d7bfd45a200521fe86603ab141abfef
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0
47fd11cb80982dec5deb09348851613d959297a1a807816eaedd0a39c644bc3b
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
54628676e79b9038bd189c77de77bde863dd81249858adc5082a1528e0dfb4d7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a4c014caa198bc611f905be9eb437de4491674e40c84d1e0c19c035daeb4e17
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9cf34c361597bc72f0603c5fee76c17437fbdb06c42a3036a4b5681d6479fd
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
66ce567326799b1d74cfb9d592af44d3d93a1667878bde98a22b933c0f64d4a3
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef8480f87271d77d60ab16a24843d2e8365e5ab566d34c8f263a6973c150336
7a67af700216b99c3b3d4676dae8f7ee40830963acd581982b91da6bda45aeb0
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
7fd2a82c394863ece8240439e0244ec351c1ac2041342542e5e01d9a736ccdd0
821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e
845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21
8546bbc92d5e7d79959d5efaa77df7c5d2dfc8d3a4731a7fa523e38a3177f679
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
8e2f5e6f9c6dd3adedd90418540a53f73eb3ea2aff4c08424975f78e04e9ccf9
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
90708f93df593fd5e90e707d689a804aa8b041740cabfc0f47b9233fbea53eed
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6
a37a47ae35de5a3d7adb54e3a7503695e5844c4aaf67b9260f93a54c266e3dc6
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9de8e854273141c3c1dcaec63adbe2e1cbf193654fe40431569477499f92c37
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
c0e9927ca21d0054b2d81f03468fcc4c7c86727432187e95df8c6e68ff543bce
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c337d3c9af8bdffcfb698595daaf65aa9ce3d5f14b8a7638b8ab55eea9350605
c3b278a8a8f51749395f49db332908efe468e8d17a85719ee7e05f3d5dce8a76
d686d2f49f1fba79a674b60c9d0a407df8422f81257bf4003e728be85fbec9e2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae
ed947e18325affebd9b66faa03ad3c4c8a174cf0796d2a73ab19cedd2ea7aa2d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f5c7612ee448197aaef3a86d51c9971e8e4fd6f9d45598b67503aff2efee41e1
fcd064a0a6d161fd8f005bbb8a1278fc14c1f4f0998650e9be17313ec33bdcb0

paste1s.com Open in urlscan Pro 151.139.128.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

95 %HTTPS

91 %IPv6

16 Domains

22 Subdomains

23 IPs

3 Countries

1993 kBTransfer

6609 kBSize

15 Cookies

5 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

95 %
HTTPS

91 %
IPv6

16
Domains

22
Subdomains

23
IPs

3
Countries

1993 kB
Transfer

6609 kB
Size

15
Cookies

62 HTTP transactions
1 data transactions