pastebin.com Open in urlscan Pro
2606:4700:10::6814:d015 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastebin.com/K8WnTPDG
Submission: On September 13 via api (September 13th 2019, 3:29:36 pm UTC) from US

Summary HTTP 108 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 24 domains to perform 108 HTTP transactions. The main IP is 2606:4700:10::6814:d015, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is pastebin.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 23rd 2019. Valid for: 6 months.

This is the only time pastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:10:... 2606:4700:10::6814:d015	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
12	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2	104.111.238.116 104.111.238.116	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	108.161.189.78 108.161.189.78	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1 2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	104.111.215.249 104.111.215.249	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	13.35.254.84 13.35.254.84	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2606:4700:10:... 2606:4700:10::6814:190b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700:10:... 2606:4700:10::6814:180b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2600:9000:205... 2600:9000:2057:7000:10:3422:3f00:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	143.204.211.231 143.204.211.231	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	185.33.223.206 185.33.223.206	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
4	54.194.74.35 54.194.74.35	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	74.214.194.134 74.214.194.134	59940 (PULSEPOIN...) (PULSEPOINT-EU)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	18.196.104.43 18.196.104.43	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC-01 - Leaseweb USA)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	143.204.214.111 143.204.214.111	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.214.91 143.204.214.91	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	143.204.214.2 143.204.214.2	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	52.216.138.245 52.216.138.245	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
108	29

37 2606:4700:10::6814:d015 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.238.116 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-238-116.deploy.static.akamaitechnologies.com

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.249 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-215-249.deploy.static.akamaitechnologies.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.254.84 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-84.fra6.r.cloudfront.net

d2na2p72vtqyok.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6814:190b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

geoip.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:180b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

b2c.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:7000:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

df80k0z3fi8zg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.211.231 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-211-231.fra53.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.223.206 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.74.35 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-74-35.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.194.134 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.111 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-111.fra53.r.cloudfront.net

cdnp0.stackassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.91 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-91.fra53.r.cloudfront.net

cdnp2.stackassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.2 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-2.fra53.r.cloudfront.net

cdnp3.stackassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnp1.stackassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.119.107 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

edba.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.138.245 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	pastebin.com pastebin.com	128 KB
9	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	215 KB
7	insticator.com geoip.insticator.com b2c.insticator.com event.insticator.com	2 KB
6	adnxs.com ib.adnxs.com	4 KB
4	stackassets.com cdnp0.stackassets.com cdnp2.stackassets.com cdnp3.stackassets.com cdnp1.stackassets.com	179 KB
4	gumgum.com g2.gumgum.com	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com	49 KB
4	googletagservices.com www.googletagservices.com	81 KB
4	cloudfront.net d2na2p72vtqyok.cloudfront.net df80k0z3fi8zg.cloudfront.net	172 KB
3	tribalfusion.com s.tribalfusion.com	2 KB
3	google.com adservice.google.com	513 B
3	google.nl adservice.google.nl	513 B
2	amazonaws.com s3.amazonaws.com	794 B
2	brealtime.com 2 redirects edba.brealtime.com	1008 B
2	sonobi.com apex.go.sonobi.com	1 KB
2	aralego.com hb.aralego.com	596 B
2	emxdgt.com hb.emxdgt.com	608 B
2	districtm.io dmx.districtm.io	529 B
2	contextweb.com bid.contextweb.com	593 B
2	googlesyndication.com tpc.googlesyndication.com Failed pagead2.googlesyndication.com	38 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	exponential.com tags.expo9.exponential.com	28 KB
1	servedby-buysellads.com m.servedby-buysellads.com	15 KB
1	googletagmanager.com www.googletagmanager.com	26 KB
108	24

	Domain	Requested by
37	pastebin.com	pastebin.com s.tribalfusion.com securepubads.g.doubleclick.net d2na2p72vtqyok.cloudfront.net
8	securepubads.g.doubleclick.net	pastebin.com securepubads.g.doubleclick.net d2na2p72vtqyok.cloudfront.net
6	ib.adnxs.com	df80k0z3fi8zg.cloudfront.net
4	g2.gumgum.com	df80k0z3fi8zg.cloudfront.net
4	c.amazon-adsystem.com	d2na2p72vtqyok.cloudfront.net c.amazon-adsystem.com
4	geoip.insticator.com	d2na2p72vtqyok.cloudfront.net
4	www.googletagservices.com	securepubads.g.doubleclick.net d2na2p72vtqyok.cloudfront.net
3	s.tribalfusion.com	tags.expo9.exponential.com
3	adservice.google.com	securepubads.g.doubleclick.net d2na2p72vtqyok.cloudfront.net
3	adservice.google.nl	securepubads.g.doubleclick.net d2na2p72vtqyok.cloudfront.net
2	s3.amazonaws.com
2	edba.brealtime.com	2 redirects
2	apex.go.sonobi.com	df80k0z3fi8zg.cloudfront.net
2	hb.aralego.com	df80k0z3fi8zg.cloudfront.net
2	hb.emxdgt.com	df80k0z3fi8zg.cloudfront.net
2	dmx.districtm.io	df80k0z3fi8zg.cloudfront.net
2	bid.contextweb.com	df80k0z3fi8zg.cloudfront.net
2	df80k0z3fi8zg.cloudfront.net	d2na2p72vtqyok.cloudfront.net
2	b2c.insticator.com	d2na2p72vtqyok.cloudfront.net
2	d2na2p72vtqyok.cloudfront.net	pastebin.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	tags.expo9.exponential.com	pastebin.com
1	pagead2.googlesyndication.com
1	event.insticator.com	d2na2p72vtqyok.cloudfront.net
1	cdnp1.stackassets.com	pastebin.com
1	cdnp3.stackassets.com	pastebin.com
1	cdnp2.stackassets.com	pastebin.com
1	cdnp0.stackassets.com	pastebin.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	pastebin.com
1	m.servedby-buysellads.com	pastebin.com
1	www.googletagmanager.com	pastebin.com
108	32

This site contains links to these domains. Also see Links.

Domain
deals.pastebin.com
creativecommons.org
favpng.com
steadfast.net
facebook.com
twitter.com

Subject Issuer	Validity	Valid
ssl509085.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-23` - `2020-02-29`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.expo9.exponential.com DigiCert SHA2 Secure Server CA	`2019-06-07` - `2020-06-06`	a year	crt.sh
*.servedby-buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-18` - `2021-01-17`	2 years	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.tribalfusion.com DigiCert SHA2 Secure Server CA	`2019-02-23` - `2020-05-24`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.insticator.com COMODO RSA Organization Validation Secure Server CA	`2018-05-25` - `2020-08-26`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2018-12-18` - `2019-11-21`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.gumgum.com Amazon	`2019-07-31` - `2020-08-31`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2019-07-17` - `2020-07-17`	a year	crt.sh
*.aralego.com COMODO RSA Domain Validation Secure Server CA	`2016-10-04` - `2019-12-21`	3 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
stackassets.com Amazon	`2018-11-08` - `2019-12-08`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://pastebin.com/K8WnTPDG
Frame ID: 8EE5DE6F9579F34C24A757CF6A790DBF
Requests: 48 HTTP requests in this frame

Frame: https://pastebin.com/adserver/160x600_custom_safe.php
Frame ID: 9EF3CE998101CAFC26CDA3C29AB0C44F
Requests: 23 HTTP requests in this frame

Frame: https://pastebin.com/adserver/728x90_custom_safe.php
Frame ID: 33C95AE88CE51A9B3E834C07AC1DC74F
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssU9PvxgtpYAesIxsicPRLf8WxYwDXIfl4xtzJDwmKTy_GtbxMm7amZGWGSUUPJ-Uk62SUMPz3gpyzn00pBg3dyp12Mqt8CqUhsHKBaQ7EO6GuK0swoL69HuSH_DIjBNanHMT3XzFSu0K0y-ieukHONCKMoBulVvkeloLtjhE1QYpv2R7wnZtCL9uNa9vbVtNkOLS3EMCzAeVyTC8ljnaXTFh5WMmmfMClS1F79CEzWUL7yV-XYUd6-3-oEqXXPjyj3IMdIe3EHvX05DZw&sai=AMfl-YROjqNqBaNJelCOtCosi7DQ1aYKmAsmErK_bS6orqubc0SGZYSbxg9q5rNVXHJb9spMkkC1B-Ir--4qfLAy7A1USWxhKMS0HNxnVd6hpg&sig=Cg0ArKJSzNcHLsCB7bjCEAE&urlfix=1&adurl=
Frame ID: 648172C7C22338515A3255D1E1C2D53D
Requests: 6 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: CFB97A314388D89C824596877558C099
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 03769BF878ABEBC3DB5F646313BE51AB
Requests: 1 HTTP requests in this frame

Frame: https://pastebin.com/adserver/160x600_backfill.php
Frame ID: 72734AFFCDA531D1B52117050068D0F0
Requests: 5 HTTP requests in this frame

Frame: https://pastebin.com/adserver/728x90_backfill.php
Frame ID: 460245E89692CFB500863DCD96EA1DA1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

108
Requests

99 %
HTTPS

38 %
IPv6

24
Domains

32
Subdomains

29
IPs

5
Countries

965 kB
Transfer

2331 kB
Size

11
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://deals.pastebin.com/
Title: deals

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-sa/3.0/
Title: cc by-sa 3.0

Search URL Search Domain Scan URL

URL: https://favpng.com/
Title: FavPNG

Search URL Search Domain Scan URL

URL: http://steadfast.net/services/dedicated-servers.php?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_dedicated_server_hosting_by&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Dedicated Server Hosting

Search URL Search Domain Scan URL

URL: http://steadfast.net/?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_steadfast&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Steadfast

Search URL Search Domain Scan URL

URL: https://facebook.com/pastebin

Search URL Search Domain Scan URL

URL: https://twitter.com/pastebin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1862850772&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2FK8WnTPDG&ul=en-us&de=UTF-8&dt=Pastebin.com%20-%20Page%20Removed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=249176743&gjid=625406345&cid=962068887.1568388559&tid=UA-58643-34&_gid=1020781657.1568388559&_r=1&gtm=2ou941&z=1327467217 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=962068887.1568388559&jid=249176743&_gid=1020781657.1568388559&gjid=625406345&_v=j79&z=1327467217

Request Chain 106

https://edba.brealtime.com/ HTTP 302
https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif

Request Chain 107

https://edba.brealtime.com/ HTTP 302
https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request K8WnTPDG Show response
pastebin.com/ 13 KB
5 KB 186ms
149ms Document
text/html 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea6955135a0c9a2235d0d035f44737e06f8e2786cc48239d2f5dd5e3b6986641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /K8WnTPDG
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 404
date: Fri, 13 Sep 2019 15:29:19 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de9524cca42800dc469c23121530160421568388558; expires=Sat, 12-Sep-20 15:29:18 GMT; path=/; domain=.pastebin.com; HttpOnly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 515b27ed0ac6cbd0-VIE

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
26 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5118333b6a8a975435b471f651fc15cb1517ce8180a829d95f4ef814852f6bde

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: br
last-modified: Fri, 13 Sep 2019 15:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26908
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 41 KB
13 KB 85ms
34ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

227c6b541f2f2a70c14c306cbfab01272fcd5ce56d41d437a3b966e9817f86d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "277 / 630 of 1000 / last-modified: 1568323759"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13176
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:19 GMT

GET
H2 200 jquery.min.js Show response
pastebin.com/js/ 82 KB
30 KB 18ms
17ms Script
application/x-javascript 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/jquery.min.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
age: 1110268
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 515b27edfdb2cbd0-VIE
x-xss-protection: 1; mode=block
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 pastebin.min.v3.js Show response
pastebin.com/js/ 36 KB
12 KB 40ms
40ms Script
application/x-javascript 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/pastebin.min.v3.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c553d405e7a0d873f69083ecb231e12a1123206c612d8fd8c675e9eabb264f3d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Sep 2018 09:27:31 GMT
server: cloudflare
age: 2808449
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 515b27edfdb5cbd0-VIE
x-xss-protection: 1; mode=block
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 pastebin.min.v9.css
pastebin.com/i/ 40 KB
9 KB 26ms
25ms Stylesheet
text/css 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/i/pastebin.min.v9.css

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e4498335b6f73a222e423a935274212a50b0ec452b25bdac10181622a75285d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 25 Apr 2019 07:36:25 GMT
server: cloudflare
age: 4434737
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7776000
cf-ray: 515b27edfdb1cbd0-VIE
x-xss-protection: 1; mode=block
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 guest.png
pastebin.com/i/ 1 KB
1 KB 19ms
16ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/guest.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 3157376
status: 200
content-length: 1152
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4e9dcbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 t.gif
pastebin.com/i/ 43 B
133 B 19ms
17ms Image
image/gif 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/t.gif

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 4955285
status: 200
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4e9ecbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/PastebincomNew/Sure/ 59 KB
14 KB 255ms
195ms Script
application/x-javascript 104.111.238.116
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/PastebincomNew/Sure/tags.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.238.116 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-238-116.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2189efc759592533c003747f3bf661721401c33512bb76847aa0977e9b39f3c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
x-function: 151
x-reuse-index: 231
etag: 966994214585722420
vary: Accept-Encoding
p3p: CP="NOI DEVo TAIa OUR BUS"
status: 200
cache-control: max-age=3600, private
last-modified: Tue, 03 Sep 2019 17:28:09 GMT
content-type: application/x-javascript
content-length: 13984
expires: Fri, 13 Sep 2019 16:29:19 GMT

GET
H2 200 hello.png
pastebin.com/i/ 4 KB
4 KB 25ms
23ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/hello.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8040db06855291ee0489a814aee5d975ce5acfe272b26ec98597b005e4d5789f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 4815610
status: 200
content-length: 3647
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jun 2018 07:07:42 GMT
server: cloudflare
etag: "5b10f0be-e3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4ea2cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/PastebincomNew/SnackbarSafe/ 59 KB
14 KB 218ms
187ms Script
application/x-javascript 104.111.238.116
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/PastebincomNew/SnackbarSafe/tags.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.238.116 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-238-116.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eca9089f26f77de2ee51f11414b4cf1da82404dd38070f6e539c800b69157497

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
x-function: 151
x-reuse-index: 183
etag: 15772026388235619318
vary: Accept-Encoding
p3p: CP="NOI DEVo TAIa OUR BUS"
status: 200
cache-control: max-age=3600, private
last-modified: Tue, 03 Sep 2019 17:28:09 GMT
content-type: application/x-javascript
content-length: 13989
expires: Fri, 13 Sep 2019 16:29:19 GMT

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 55 KB
15 KB 77ms
36ms Script
application/javascript 108.161.189.78
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.servedby-buysellads.com/monetization.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.189.78 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 636db32911b55eaae40eff5342f543e92ce7a28275f3c16bb5589a7281eb1572

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 15:29:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 15:51:11 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: C5E57F1028CF8D24
ETag: W/"205560f4d1f3931909fa80148e66c357"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: kw2wRVc9T5zY/X7gxu3AlqJESYfuOPGMki7zoUskrCjxSFwHNjikccVMJ20YjyMtg4rq1SJgfPc=
Expires: Sat, 14 Sep 2019 15:29:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2746
date: Fri, 13 Sep 2019 14:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Fri, 13 Sep 2019 16:43:33 GMT

GET
H2 200 header_bg.png
pastebin.com/i/ 191 B
272 B 19ms
17ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/header_bg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 243426
status: 200
content-length: 191
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4ea3cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 pastebin_logo_side_outline.png
pastebin.com/i/ 18 KB
18 KB 22ms
20ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/pastebin_logo_side_outline.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 4365274
status: 200
content-length: 18016
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4660"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4ea4cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 add_2.png
pastebin.com/i/ 491 B
586 B 17ms
15ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/add_2.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 5112229
status: 200
content-length: 491
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4ea5cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 search.png
pastebin.com/i/ 1 KB
1 KB 22ms
21ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/search.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 3934673
status: 200
content-length: 1429
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-595"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4ea6cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 menu_down.png
pastebin.com/i/ 506 B
588 B 22ms
21ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/menu_down.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 1577982
status: 200
content-length: 506
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4ea7cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 dd_pastebin.png
pastebin.com/i/ 667 B
773 B 25ms
23ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_pastebin.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 3588587
status: 200
content-length: 667
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-29b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4ea8cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 dd_messages.png
pastebin.com/i/ 1 KB
1 KB 22ms
20ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_messages.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 3588587
status: 200
content-length: 1099
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-44b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4ea9cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 dd_alerts.png
pastebin.com/i/ 915 B
998 B 19ms
18ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_alerts.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 2983237
status: 200
content-length: 915
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-393"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4eaacbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 dd_settings.png
pastebin.com/i/ 1 KB
1 KB 20ms
19ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_settings.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 1921750
status: 200
content-length: 1262
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4eaccbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 linebg.png
pastebin.com/i/ 375 B
452 B 18ms
17ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/linebg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 2808449
status: 200
content-length: 375
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27ee4eadcbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1862850772&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2FK8WnTPDG&ul=en-us&de=UTF-8&dt=Pastebin.com%20-%20Page%20Removed&sd=24-bit&sr=1600x...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=962068887.1568388559&jid=249176743&_gid=1020781657.1568388559&gjid=625406345&_v=j79&z=1327467217

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c06::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=962068887.1568388559&jid=249176743&_gid=1020781657.1568388559&gjid=625406345&_v=j79&z=1327467217

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 13 Sep 2019 15:29:19 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Sep 2019 15:29:19 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=962068887.1568388559&jid=249176743&_gid=1020781657.1568388559&gjid=625406345&_v=j79&z=1327467217
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ 157 KB
58 KB 38ms
38ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59061
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:19 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ 677 B
668 B 275ms
223ms Script
application/x-javascript 104.111.215.249
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8720513786
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PastebincomNew/Sure/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.249 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ac4ab49b97aef9aeed257d21ab422d2ae64faf7a5eba134ea262d90941351889

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
x-function: 153
x-reuse-index: 7511
vary: Accept-Encoding
p3p: CP="NOI DEVo TAIa OUR BUS"
status: 200
cache-control: private
last-modified: Tue, 04 Apr 2017 05:09:56 GMT
content-type: application/x-javascript
content-length: 331
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 j.ad Show response
s.tribalfusion.com/ 191 B
518 B 207ms
207ms Script
application/x-javascript 104.111.215.249
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8720513786&tagKey=1007119840&site=pastebincomnew&adSpace=sure&center=1&size=160x600,120x600&env=display&url=https%3A%2F%2Fpastebin.com%2FK8WnTPDG&f=0&p=8484954&tKey=a3mneM56J03Gv7VsUkWcBg49YJPPnBrT&a=1&adContainerId=richmedia_2&rnd=8491035
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PastebincomNew/Sure/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.249 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf4b2a9cef04c8838412657549d3182e4d812540d97754398a056e6804568458

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
x-function: 101
x-reuse-index: 59
vary: Accept-Encoding
p3p: CP="NOI DEVo TAIa OUR BUS"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: application/x-javascript; charset=utf-8
content-length: 171
expires: 0

GET
H2 200 160x600_custom_safe.php Show response
pastebin.com/adserver/ Frame 9EF3 1 KB
758 B 291ms
291ms Document
text/html 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/160x600_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8720513786&tagKey=1007119840&site=pastebincomnew&adSpace=sure&center=1&size=160x600,120x600&env=display&url=https%3A%2F%2Fpastebin.com%2FK8WnTPDG&f=0&p=8484954&tKey=a3mneM56J03Gv7VsUkWcBg49YJPPnBrT&a=1&adContainerId=richmedia_2&rnd=8491035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d1c3305fc6569ae4f61e1c911365f8ce68db1b6e9651ce300ef812353cdcdc0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /adserver/160x600_custom_safe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://pastebin.com/K8WnTPDG
accept-encoding: gzip, deflate, br
cookie: __cfduid=de9524cca42800dc469c23121530160421568388558; _ga=GA1.2.962068887.1568388559; _gid=GA1.2.1020781657.1568388559; _gat_gtag_UA_58643_34=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://pastebin.com/K8WnTPDG

Response headers

status: 200
date: Fri, 13 Sep 2019 15:29:20 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 515b27f2dd97cbd0-VIE

GET
H2 200 j.ad Show response
s.tribalfusion.com/ 189 B
522 B 174ms
174ms Script
application/x-javascript 104.111.215.249
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8720513786&tagKey=1007119840&site=pastebincomnew&adSpace=sure&center=1&size=970x250,728x90&env=display&url=https%3A%2F%2Fpastebin.com%2FK8WnTPDG&f=0&p=8484954&tKey=a3mneM56J03Gv7VsUkWcBg49YJPPnBrT&a=3&adContainerId=richmedia_4&rnd=8485333
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PastebincomNew/Sure/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.249 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ef972f4716db94e440cd885503d5404dfc366af54f6af916f36bd0d0bc3472b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 15:29:19 GMT
content-encoding: gzip
x-function: 101
x-reuse-index: 60
vary: Accept-Encoding
p3p: CP="NOI DEVo TAIa OUR BUS"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: application/x-javascript; charset=utf-8
content-length: 171
expires: 0

GET
H2 200 steadfast_3.png
pastebin.com/i/ 7 KB
7 KB 24ms
22ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/steadfast_3.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

030321a4f2cb7dc8e1a72bd85c8c15b9fd5bd1dca60de4f3ae653e712ff65b38

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:19 GMT
cf-cache-status: HIT
age: 4434736
status: 200
content-length: 6829
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Apr 2019 07:35:36 GMT
server: cloudflare
etag: "5cc16348-1aad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f2fe23cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:19 GMT

GET
H2 200 728x90_custom_safe.php Show response
pastebin.com/adserver/ Frame 33C9 1 KB
768 B 291ms
291ms Document
text/html 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/728x90_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8720513786&tagKey=1007119840&site=pastebincomnew&adSpace=sure&center=1&size=970x250,728x90&env=display&url=https%3A%2F%2Fpastebin.com%2FK8WnTPDG&f=0&p=8484954&tKey=a3mneM56J03Gv7VsUkWcBg49YJPPnBrT&a=3&adContainerId=richmedia_4&rnd=8485333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bdf1f83ff26a6834a8f829fd313f38c41e9108e9e36a79d7fcfdd508e2f3c92

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /adserver/728x90_custom_safe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://pastebin.com/K8WnTPDG
accept-encoding: gzip, deflate, br
cookie: __cfduid=de9524cca42800dc469c23121530160421568388558; _ga=GA1.2.962068887.1568388559; _gid=GA1.2.1020781657.1568388559; _gat_gtag_UA_58643_34=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://pastebin.com/K8WnTPDG

Response headers

status: 200
date: Fri, 13 Sep 2019 15:29:20 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 515b27f3f907cbd0-VIE

GET
H2 200 info.png
pastebin.com/i/ 2 KB
2 KB 20ms
18ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/info.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 3157374
status: 200
content-length: 1676
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-68c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429accbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 close_promo.png
pastebin.com/i/ 1 KB
1 KB 21ms
19ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/close_promo.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 4452598
status: 200
content-length: 1428
x-xss-protection: 1; mode=block
last-modified: Fri, 05 May 2017 08:52:39 GMT
server: cloudflare
etag: "590c3d57-594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429b2cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 footer_chrome.png
pastebin.com/i/ 3 KB
3 KB 18ms
16ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_chrome.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 3604637
status: 200
content-length: 2990
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429b5cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 footer_firefox.png
pastebin.com/i/ 3 KB
3 KB 22ms
20ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_firefox.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 2377708
status: 200
content-length: 3178
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429b7cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 footer_ios.png
pastebin.com/i/ 3 KB
3 KB 20ms
18ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_ios.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 3718024
status: 200
content-length: 3011
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429bbcbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 footer_windows.png
pastebin.com/i/ 2 KB
2 KB 18ms
17ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_windows.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 2544854
status: 200
content-length: 1808
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429c0cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 footer_android.png
pastebin.com/i/ 2 KB
3 KB 19ms
17ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_android.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 5057200
status: 200
content-length: 2469
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-9a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429c1cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 footer_macosx.png
pastebin.com/i/ 3 KB
3 KB 18ms
16ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_macosx.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 4365270
status: 200
content-length: 2865
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-b31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429c2cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 footer_opera.png
pastebin.com/i/ 3 KB
3 KB 19ms
17ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_opera.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 1479308
status: 200
content-length: 2756
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429c3cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 footer_linux.png
pastebin.com/i/ 4 KB
5 KB 21ms
20ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_linux.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 1821737
status: 200
content-length: 4571
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-11db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f429c4cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 facebook_circle.png
pastebin.com/i/ 818 B
902 B 19ms
17ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/facebook_circle.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 3588588
status: 200
content-length: 818
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-332"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f439c5cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 twitter_circle.png
pastebin.com/i/ 954 B
1 KB 28ms
28ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/twitter_circle.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 1821721
status: 200
content-length: 954
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-3ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f439c8cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 cd-top-arrow.png
pastebin.com/i/ 451 B
533 B 21ms
20ms Image
image/png 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/cd-top-arrow.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/i/pastebin.min.v9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
cf-cache-status: HIT
age: 4712287
status: 200
content-length: 451
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 515b27f439c9cbd0-VIE
expires: Thu, 12 Dec 2019 15:29:20 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
4 KB 65ms
65ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2042117481322080&correlator=2684237033222262&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21064600%2C21064520%2C21064546%2C21064102&vrg=2019090901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190913&iu_parts=7346874%2CHellobar-adunits%2C176&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1568388560&dt=1568388560036&dlt=1568388559026&idt=182&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=858&adks=3777814511&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpastebin.com%2FK8WnTPDG&dssz=26&icsg=49976660&mso=1088&std=0&csl=92&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x808&msz=1x-1&ga_vid=962068887.1568388559&ga_sid=1568388560&ga_hid=1862850772&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

bb61158d0fc7cb5bd8d98932e28c9b2f682b33fa5c4644c489132b4831f0c6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 3469
x-xss-protection: 0
google-lineitem-id: 5162043044
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138286132964
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastebin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ 62 KB
24 KB 34ms
34ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js?21064600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

f92613e18f86a27550aa6d749c835105da1adcb8144563d352341a871cf7e8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24115
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:20 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0

GET
H/1.1 200
OK 024e069d-525f-46a7-911a-7c59471d8c75.js Show response
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame 9EF3 81 KB
20 KB 110ms
29ms Script
application/javascript 13.35.254.84
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_custom_safe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.84 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-84.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d55cd494cf39e990d33bc9344a54145e98f2b069d204be37f0605bc4db5457e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 15:01:42 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 13 Sep 2019 15:01:31 GMT
Server: AmazonS3
Age: 1659
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: OiQ25CVXEsnndiPbSVR2wWkN7FS8Av24
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
Content-Type: application/javascript
X-Amz-Cf-Id: QsVPMX0JFxXPGf_vEHN2TUm3KBQLUb5umrHr71H7Ltt55K9KsoY1HA==

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 6481 0
66 B 50ms
50ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssU9PvxgtpYAesIxsicPRLf8WxYwDXIfl4xtzJDwmKTy_GtbxMm7amZGWGSUUPJ-Uk62SUMPz3gpyzn00pBg3dyp12Mqt8CqUhsHKBaQ7EO6GuK0swoL69HuSH_DIjBNanHMT3XzFSu0K0y-ieukHONCKMoBulVvkeloLtjhE1QYpv2R7wnZtCL9uNa9vbVtNkOLS3EMCzAeVyTC8ljnaXTFh5WMmmfMClS1F79CEzWUL7yV-XYUd6-3-oEqXXPjyj3IMdIe3EHvX05DZw&sai=AMfl-YROjqNqBaNJelCOtCosi7DQ1aYKmAsmErK_bS6orqubc0SGZYSbxg9q5rNVXHJb9spMkkC1B-Ir--4qfLAy7A1USWxhKMS0HNxnVd6hpg&sig=Cg0ArKJSzNcHLsCB7bjCEAE&urlfix=1&adurl=

Requested by

Host: pastebin.com
URL: https://pastebin.com/K8WnTPDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 15:29:20 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6481 75 KB
28 KB 34ms
32ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:20 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6481 0
255 B 52ms
52ms Image
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 15:29:20 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:20 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 6481 38 KB
38 KB 20ms
7ms Image
image/png 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDH8ZT0zAEQARgBMggB26vOkGi8eA

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

75c6a714f9d3da79865c618e4a87a6016021461ee9e072505b678ccd1fc8c1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Sep 2019 23:03:39 GMT
x-content-type-options: nosniff
server: cafe
age: 577541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
status: 200
cache-control: public, max-age=604800
content-disposition: attachment; filename="image.png"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 38840
x-xss-protection: 0
expires: Fri, 13 Sep 2019 23:03:39 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 37ms
37ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

52b9e38359d28b25df0896fd56c1fe0e2dfa20e178baab3822213b49a5cdec97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28408
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:20 GMT

GET
DATA 200
OK truncated
/ Frame 6481 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 373f442c0384b5b0eda2f2d7f1b541bc9dd11412f691b6dff0b10f2a246d8c67

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
geoip.insticator.com/json/ Frame 9EF3 213 B
255 B 508ms
460ms XHR
application/json 2606:4700:10::6814:190b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30591968c6ef8c4e7997f8b362f1cab5b3607f41606f4a3d670f34e4837939a

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 515b27f5eca8cbc8-VIE
date: Fri, 13 Sep 2019 15:29:20 GMT
via: 1.1 vegur
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://pastebin.com
x-ratelimit-remaining: 9994
access-control-allow-credentials: true
x-ratelimit-reset: 367
x-ratelimit-limit: 10000
x-database-date: Fri, 13 Sep 2019 02:17:44 GMT
content-encoding: gzip

GET
H2 200 / Show response
geoip.insticator.com/json/ Frame 9EF3 213 B
595 B 487ms
439ms XHR
application/json 2606:4700:10::6814:190b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30591968c6ef8c4e7997f8b362f1cab5b3607f41606f4a3d670f34e4837939a

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 515b27f5ecabcbc8-VIE
date: Fri, 13 Sep 2019 15:29:20 GMT
via: 1.1 vegur
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://pastebin.com
x-ratelimit-remaining: 9991
access-control-allow-credentials: true
x-ratelimit-reset: 367
x-ratelimit-limit: 10000
x-database-date: Fri, 13 Sep 2019 07:07:09 GMT
content-encoding: gzip

GET
H2 200 usertracking
b2c.insticator.com/v3/pages/ Frame CFB9 0
0 477ms
431ms Document
text/html 2606:4700:10::6814:180b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://b2c.insticator.com/v3/pages/usertracking
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: b2c.insticator.com
:scheme: https
:path: /v3/pages/usertracking
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://pastebin.com/adserver/160x600_custom_safe.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://pastebin.com/adserver/160x600_custom_safe.php

Response headers

status: 200
date: Fri, 13 Sep 2019 15:29:20 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d24246c44a8b60e7d47ca4fbab8d0decd1568388560; expires=Sat, 12-Sep-20 15:29:20 GMT; path=/; domain=.insticator.com; HttpOnly
vary: Accept-Encoding,Origin
pragma: max-age=3600
cache-control: max-age=3600
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 515b27f5ed4e8c7a-VIE
content-encoding: gzip

GET
H2 200 instbid_1_34_release_20190807.js Show response
df80k0z3fi8zg.cloudfront.net/files/ Frame 9EF3 218 KB
66 KB 41ms
9ms Script
application/javascript 2600:9000:2057:7000:10:3422:3f00:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:7000:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8075fe09e142b517a80252d1befdd7c1d6f4938ada76218ad6a2ac25d7aea997

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: ZyO56HU_sYG3L.Nf3MAtxCLO1RTIEG4J
content-encoding: gzip
last-modified: Mon, 05 Aug 2019 21:52:22 GMT
server: AmazonS3
age: 15946
date: Fri, 13 Sep 2019 11:04:07 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: H9LOZcIF_9NLGRxG2Dxrfg1VZJuRVlu1DGPe9yoru6ZmRmjt_kXx2g==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 9EF3 75 KB
22 KB 105ms
46ms Script
application/javascript 143.204.211.231
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.231 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-231.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 429e8f62ea6700f952db60ed9f95d5c6b4791a4d8cd2877424c8f17a1793a184

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 20:14:12 GMT
content-encoding: gzip
server: Server
age: 69307
etag: ddd9d5f81cde70f506947a629eb2805e
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: tIe0GiVnKP3mDtsh9-QM2N2hG0GK82fNrRtSIUobeIY-QUl-wYWR0g==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)

GET
H/1.1 200
OK 024e069d-525f-46a7-911a-7c59471d8c75.js Show response
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame 33C9 81 KB
20 KB 34ms
34ms Script
application/javascript 13.35.254.84
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_custom_safe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.84 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-84.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d55cd494cf39e990d33bc9344a54145e98f2b069d204be37f0605bc4db5457e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 15:01:42 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 13 Sep 2019 15:01:31 GMT
Server: AmazonS3
Age: 1659
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: OiQ25CVXEsnndiPbSVR2wWkN7FS8Av24
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
Content-Type: application/javascript
X-Amz-Cf-Id: Tby_w94EqlabmqwT3oEybVczNk45-HiTOKb9mMOFXAYm6tccwwVDZg==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9EF3 21 B
710 B 66ms
24ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 15:29:22 GMT
X-Proxy-Origin: 109.236.94.21; 109.236.94.21; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80
AN-X-Request-Uuid: 464cdce5-59fd-4f33-ae34-7e23750fdaca
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9EF3 19 B
708 B 61ms
20ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2544182fb9a0a2f65dac966c91bcbcb8239798c4c5d8278f0fd6d9f4056d301e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 15:29:22 GMT
X-Proxy-Origin: 109.236.94.21; 109.236.94.21; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.140:80
AN-X-Request-Uuid: 23b8e457-1a94-4b92-8d17-e5be64607c9c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 9EF3 101 B
543 B 119ms
46ms XHR
application/json 54.194.74.35
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=hxobotgw&pi=2&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpastebin.com%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.74.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-74-35.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9dca9c647c0b39042894c0799b5fb6a873d45e3f3c597b9c83f2ae1b180dc6f7

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://pastebin.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 9EF3 101 B
542 B 116ms
43ms XHR
application/json 54.194.74.35
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=18030&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpastebin.com%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.74.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-74-35.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 750814b2daa933ee1d970d5b88e07198b8d5d5b8a9e026ecc382decd3680fbe2

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://pastebin.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9EF3 19 B
707 B 65ms
25ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 15:29:22 GMT
X-Proxy-Origin: 109.236.94.21; 109.236.94.21; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.85:80
AN-X-Request-Uuid: c5d80a94-74a1-4e94-9ff7-06121c0595ed
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 9EF3 0
373 B 75ms
22ms XHR
text/plain 74.214.194.134
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.134 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
server: envoy
status: 204
cwdl: 22/2528
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cw-server: bid-deployment-7c466b4684-hqcfr
content-length: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 9EF3 0
133 B 171ms
132ms XHR
text/plain 104.16.190.66
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 515b27f75d94c779-AMS
access-control-allow-headers: origin, content-type

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame 9EF3 0
304 B 116ms
29ms XHR
text/html 18.196.104.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1568388560316
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Sep 2019 15:29:20 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 9EF3 0
298 B 445ms
124ms XHR
text/plain 162.210.196.208
Leaseweb USA

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&host=pastebin.com&u=https%3A%2F%2Fpastebin.com%2F&ru=&adid=ad-62722A7D76D8ED9916228B439D283E3&w=160&h=600&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Fri, 13 Sep 2019 15:29:20 GMT
access-control-allow-credentials: true
connection: close

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 9EF3 51 B
662 B 75ms
19ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221944ebdec570a6c%22%3A%224c4c920a6cf262ee66db%7C160x600%22%7D&ref=https%3A%2F%2Fpastebin.com%2F&s=72deb900-2029-49ab-98ae-b43e5b6774b2&pv=c16a75fe-80e1-4e70-9079-200199577225&vp=mobile&lib_name=prebid&lib_v=1.34.0&us=5&

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f0d667700280601599f75b03d593188b876336e3e9bee804ca4ad2c085eca1e2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 15:29:20 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 79
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
geoip.insticator.com/json/ Frame 33C9 213 B
328 B 443ms
443ms XHR
application/json 2606:4700:10::6814:190b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30591968c6ef8c4e7997f8b362f1cab5b3607f41606f4a3d670f34e4837939a

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 515b27f61d80cbc8-VIE
date: Fri, 13 Sep 2019 15:29:20 GMT
via: 1.1 vegur
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://pastebin.com
x-ratelimit-remaining: 9990
access-control-allow-credentials: true
x-ratelimit-reset: 367
x-ratelimit-limit: 10000
x-database-date: Fri, 13 Sep 2019 07:07:09 GMT
content-encoding: gzip

GET
H2 200 / Show response
geoip.insticator.com/json/ Frame 33C9 213 B
231 B 451ms
451ms XHR
application/json 2606:4700:10::6814:190b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30591968c6ef8c4e7997f8b362f1cab5b3607f41606f4a3d670f34e4837939a

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 515b27f61d81cbc8-VIE
date: Fri, 13 Sep 2019 15:29:20 GMT
via: 1.1 vegur
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://pastebin.com
x-ratelimit-remaining: 9993
access-control-allow-credentials: true
x-ratelimit-reset: 367
x-ratelimit-limit: 10000
x-database-date: Fri, 13 Sep 2019 02:17:44 GMT
content-encoding: gzip

GET
H2 200 usertracking
b2c.insticator.com/v3/pages/ Frame 0376 0
0 421ms
421ms Document
text/html 2606:4700:10::6814:180b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://b2c.insticator.com/v3/pages/usertracking
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: b2c.insticator.com
:scheme: https
:path: /v3/pages/usertracking
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://pastebin.com/adserver/728x90_custom_safe.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://pastebin.com/adserver/728x90_custom_safe.php

Response headers

status: 200
date: Fri, 13 Sep 2019 15:29:20 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7852e7c30cb56c57e12b3fb6d5f5fabe1568388560; expires=Sat, 12-Sep-20 15:29:20 GMT; path=/; domain=.insticator.com; HttpOnly
vary: Accept-Encoding,Origin
pragma: max-age=3600
cache-control: max-age=3600
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 515b27f61d708c7a-VIE
content-encoding: gzip

GET
H2 200 instbid_1_34_release_20190807.js Show response
df80k0z3fi8zg.cloudfront.net/files/ Frame 33C9 218 KB
66 KB 6ms
6ms Script
application/javascript 2600:9000:2057:7000:10:3422:3f00:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:7000:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8075fe09e142b517a80252d1befdd7c1d6f4938ada76218ad6a2ac25d7aea997

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: ZyO56HU_sYG3L.Nf3MAtxCLO1RTIEG4J
content-encoding: gzip
last-modified: Mon, 05 Aug 2019 21:52:22 GMT
server: AmazonS3
age: 15946
date: Fri, 13 Sep 2019 11:04:07 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ZBOJxasQYW54oPZJGfmsPJr7GLXURkEP5b4hD8iekxlNBbtutCl2Uw==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 33C9 75 KB
22 KB 39ms
39ms Script
application/javascript 143.204.211.231
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.231 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-231.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 429e8f62ea6700f952db60ed9f95d5c6b4791a4d8cd2877424c8f17a1793a184

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 20:14:12 GMT
content-encoding: gzip
server: Server
age: 69307
etag: ddd9d5f81cde70f506947a629eb2805e
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: J5CmdU8PfmMHTjZUfy-ySx2UMBtltZ8rx4BiubQkVcRLhsTbgmwsjg==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 33C9 19 B
708 B 47ms
20ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2544182fb9a0a2f65dac966c91bcbcb8239798c4c5d8278f0fd6d9f4056d301e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 15:29:22 GMT
X-Proxy-Origin: 109.236.94.21; 109.236.94.21; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.232:80
AN-X-Request-Uuid: a423abbe-58e7-4635-a9e3-1966cea43bb6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 33C9 0
396 B 167ms
127ms XHR
text/plain 104.16.190.66
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 515b27f75d93c779-AMS
access-control-allow-headers: origin, content-type

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 33C9 50 B
663 B 64ms
20ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22622dc238de491e%22%3A%224c4c920a6cf262ee66db%7C728x90%22%7D&ref=https%3A%2F%2Fpastebin.com%2F&s=27174272-8fb0-43e0-a402-e393e23fbc79&pv=26fdd1c9-bd64-4e00-8c74-8c6efc911ba4&vp=mobile&lib_name=prebid&lib_v=1.34.0&us=5&

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

dbea5796b54940b9bac8ee5c79c34202563d0d0649f4b71a24500751f730dc12

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 15:29:20 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 78
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 33C9 0
220 B 42ms
23ms XHR
text/plain 74.214.194.134
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.134 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
server: envoy
status: 204
cwdl: 22/2528
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
cw-server: bid-deployment-7c466b4684-5pchh
content-length: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 33C9 0
298 B 436ms
125ms XHR
text/plain 162.210.196.208
Leaseweb USA

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&host=pastebin.com&u=https%3A%2F%2Fpastebin.com%2F&ru=&adid=ad-9A2AA8292BBD6B2214E967E797738492&w=728&h=90&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastebin.com
date: Fri, 13 Sep 2019 15:29:20 GMT
access-control-allow-credentials: true
connection: close

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 33C9 101 B
541 B 84ms
47ms XHR
application/json 54.194.74.35
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=hxobotgw&pi=2&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpastebin.com%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.74.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-74-35.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1165bf4e8c19c6a2103d21aea6bfa4eaaf63cb01b4d31d9afed3d4f39872072b

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://pastebin.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 33C9 101 B
542 B 80ms
42ms XHR
application/json 54.194.74.35
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=18045&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpastebin.com%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.74.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-74-35.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 682c406dede3ddf2687d1ffa51fdad0b6c039af634a7f18b9fcfa3d2b453627f

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://pastebin.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 33C9 19 B
708 B 48ms
19ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2544182fb9a0a2f65dac966c91bcbcb8239798c4c5d8278f0fd6d9f4056d301e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 15:29:22 GMT
X-Proxy-Origin: 109.236.94.21; 109.236.94.21; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid: 70248e16-cc9a-45f6-b19c-35fb36d6c070
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame 33C9 0
304 B 113ms
31ms XHR
text/html 18.196.104.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1568388560351
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Sep 2019 15:29:20 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 33C9 19 B
706 B 50ms
20ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 15:29:22 GMT
X-Proxy-Origin: 109.236.94.21; 109.236.94.21; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.6:80
AN-X-Request-Uuid: 890988b8-f1dd-430d-bac5-b85228e81b18
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9EF3 6 KB
3 KB 89ms
30ms XHR
application/javascript 143.204.211.231
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.231 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Sep 2019 20:15:13 GMT
content-encoding: gzip
vary: Origin
age: 69248
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 24 Aug 2018 07:13:51 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: nImjWgeZ8O1btppJr4h2J7bEOa-VUUk-XQGoI2mvJADKLQ0TJfcFgg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 33C9 6 KB
3 KB 80ms
31ms XHR
application/javascript 143.204.211.231
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.231 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Sep 2019 20:15:13 GMT
content-encoding: gzip
vary: Origin
age: 69248
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 24 Aug 2018 07:13:51 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: riPZL-KySmS3GDtH4fbeQl6NNgjHKxux97FTN-DPnLEeMt4ddZW89g==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9EF3 40 KB
12 KB 33ms
33ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

e165a39df7e8106bf6e24868ac4cb6372a614a0c21db3c4de8c3da01066ca1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "277 / 9 of 1000 / last-modified: 1568323734"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12662
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:20 GMT

GET
H2 200 160x600_backfill.php Show response
pastebin.com/adserver/ Frame 7273 6 KB
2 KB 151ms
151ms Document
text/html 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/160x600_backfill.php

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f38b43cdd533843ab0125fb53fa15ac75def38f3279d6a7da0078005564eb787

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /adserver/160x600_backfill.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://pastebin.com/adserver/160x600_custom_safe.php
accept-encoding: gzip, deflate, br
cookie: __cfduid=de9524cca42800dc469c23121530160421568388558; _ga=GA1.2.962068887.1568388559; _gid=GA1.2.1020781657.1568388559; _gat_gtag_UA_58643_34=1; __gads=ID=a963b38320a2c0c4:T=1568388560:S=ALNI_Mab8SseybYmi5Ki4ZeK1T_OlBt1Vw; InstiSession={"id":"726c9192-228c-4e59-8bed-6475af07c5da","referrer":"pastebin.com","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}; visitorGeo=DE; Insticator.geoBlockAds-024e069d-525f-46a7-911a-7c59471d8c75=false; Insticator.geoBlockedEmbeds-024e069d-525f-46a7-911a-7c59471d8c75=[]; visitorFloorTier=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://pastebin.com/adserver/160x600_custom_safe.php

Response headers

status: 200
date: Fri, 13 Sep 2019 15:29:20 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 515b27f8d9d4cbd0-VIE

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 33C9 41 KB
13 KB 34ms
34ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

8592c5633d0dba541246cc03a1912e478b56c4c341b74c5b78107773b19ea512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "277 / 431 of 1000 / last-modified: 1568323759"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 13176
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:20 GMT

GET
H2 200 728x90_backfill.php Show response
pastebin.com/adserver/ Frame 4602 5 KB
2 KB 141ms
139ms Document
text/html 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/728x90_backfill.php

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d73ee00f311794db8033f8f0b633bc08b9afedfde58a608cf93d2d1a3107faae

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /adserver/728x90_backfill.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://pastebin.com/adserver/728x90_custom_safe.php
accept-encoding: gzip, deflate, br
cookie: __cfduid=de9524cca42800dc469c23121530160421568388558; _ga=GA1.2.962068887.1568388559; _gid=GA1.2.1020781657.1568388559; _gat_gtag_UA_58643_34=1; __gads=ID=a963b38320a2c0c4:T=1568388560:S=ALNI_Mab8SseybYmi5Ki4ZeK1T_OlBt1Vw; InstiSession={"id":"726c9192-228c-4e59-8bed-6475af07c5da","referrer":"pastebin.com","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}; visitorGeo=DE; Insticator.geoBlockAds-024e069d-525f-46a7-911a-7c59471d8c75=false; Insticator.geoBlockedEmbeds-024e069d-525f-46a7-911a-7c59471d8c75=[]; visitorFloorTier=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://pastebin.com/adserver/728x90_custom_safe.php

Response headers

status: 200
date: Fri, 13 Sep 2019 15:29:20 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 515b27f90a53cbd0-VIE

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 9EF3 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=pastebin.com

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9EF3 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9EF3 158 KB
58 KB 34ms
34ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 33C9 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=pastebin.com

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 33C9 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 33C9 157 KB
58 KB 34ms
33ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59061
x-xss-protection: 0
expires: Fri, 13 Sep 2019 15:29:20 GMT

GET
H2 200 sale_17701_primary_image.jpg
cdnp0.stackassets.com/5ba888586ee1a96e846bc654b9a0a8c6da713ad9/store/7b6b3231a4694dfd6099b7db365850910b12b892bbcf9d6098196ba944cb/ Frame 7273 36 KB
37 KB 108ms
46ms Image
image/jpeg 143.204.214.111
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnp0.stackassets.com/5ba888586ee1a96e846bc654b9a0a8c6da713ad9/store/7b6b3231a4694dfd6099b7db365850910b12b892bbcf9d6098196ba944cb/sale_17701_primary_image.jpg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_backfill.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.111 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-111.fra53.r.cloudfront.net

Software

nginx/1.12.1 /

Resource Hash

3b0e34744f029ab3f30fb7580cf543abd92432ac3a1765860f61bf822463b930

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_backfill.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 14:58:45 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5099436
x-cache: Hit from cloudfront
status: 200
content-disposition: inline; filename="sale_17701_primary_image.jpg"
content-length: 37023
last-modified: Tue, 16 Jul 2019 14:58:45 GMT
server: nginx/1.12.1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: x1cdBbC2PCvsjLWdPdEdfcnY7R2z-UJ46E8UHsAjvjSG3cM3pRdhAQ==
expires: Wed, 15 Jul 2020 14:58:45 GMT

GET
H2 200 deals-ribbon.svg
pastebin.com/i/ Frame 7273 103 B
358 B 16ms
15ms Image
image/svg+xml 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/deals-ribbon.svg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_backfill.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4398cc2de1c610a9268600b04ac981c6d6d4cca8ee5020613c4edfaa1e75171

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_backfill.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 May 2016 16:37:17 GMT
server: cloudflare
age: 5586
etag: W/"5744833d-67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=7200
cf-ray: 515b27f9dc89cbd0-VIE
x-xss-protection: 1; mode=block
expires: Fri, 13 Sep 2019 17:29:20 GMT

GET
H2 200 2651_MOSCableOrganizer_MF-MAIN.jpg
cdnp2.stackassets.com/971d0592e2975ed30c6f386026e2734261035e62/store/a8c019b325ababec7d9de6288855526a09ccd51b16735b222c4a81fd0dd0/ Frame 7273 34 KB
34 KB 111ms
45ms Image
image/jpeg 143.204.214.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnp2.stackassets.com/971d0592e2975ed30c6f386026e2734261035e62/store/a8c019b325ababec7d9de6288855526a09ccd51b16735b222c4a81fd0dd0/2651_MOSCableOrganizer_MF-MAIN.jpg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_backfill.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.91 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-91.fra53.r.cloudfront.net

Software

nginx/1.12.1 /

Resource Hash

8e9c82e85f6268b5984ebd24c860a780528d10b05ee04deb6c50306ebd3c63a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_backfill.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 22 Jun 2019 05:01:27 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7208874
x-cache: Hit from cloudfront
status: 200
content-disposition: inline; filename="2651_MOSCableOrganizer_MF-MAIN.jpg"
content-length: 34796
last-modified: Sat, 22 Jun 2019 05:01:27 GMT
server: nginx/1.12.1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: TngWkTh9KhOCnFG4MLFiRGTrormd1-oLi1A6SBSi050tJmuQhc6-mg==
expires: Sun, 21 Jun 2020 05:01:27 GMT

GET
H2 200 sale_17164_primary_image.jpg
cdnp3.stackassets.com/6b125c7b3970ed039f0bf9a0915cb26625c1d7a7/store/b53ba34aaccdb33d8a2302240bb619ae294eb5a2a763a493a841660830ec/ Frame 7273 79 KB
79 KB 112ms
48ms Image
image/jpeg 143.204.214.2
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnp3.stackassets.com/6b125c7b3970ed039f0bf9a0915cb26625c1d7a7/store/b53ba34aaccdb33d8a2302240bb619ae294eb5a2a763a493a841660830ec/sale_17164_primary_image.jpg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_backfill.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.2 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-2.fra53.r.cloudfront.net

Software

nginx/1.12.1 /

Resource Hash

66ae1278b8ef0d7200d560d17f887027d6a6968a8124904d0d48601be5c9194f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/160x600_backfill.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Jun 2019 02:01:44 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8256457
x-cache: Hit from cloudfront
status: 200
content-disposition: inline; filename="sale_17164_primary_image.jpg"
content-length: 80620
last-modified: Mon, 10 Jun 2019 02:01:44 GMT
server: nginx/1.12.1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ac_4R4hZdccbBBoJgsRqhFfU7cDtBogzVwP4r5WxCS9vCB3VoN51Cg==
expires: Tue, 09 Jun 2020 02:01:44 GMT

GET
H2 200 sale_17605_primary_image.jpg
cdnp1.stackassets.com/f1fe66304091f4eab30f4b4f3e151ee648a6a6ea/store/292957d3d8fc9f276bea046313708fc80bac1edd87dd5f9b155e2a617749/ Frame 4602 29 KB
29 KB 118ms
53ms Image
image/jpeg 143.204.214.2
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnp1.stackassets.com/f1fe66304091f4eab30f4b4f3e151ee648a6a6ea/store/292957d3d8fc9f276bea046313708fc80bac1edd87dd5f9b155e2a617749/sale_17605_primary_image.jpg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_backfill.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.2 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-2.fra53.r.cloudfront.net

Software

nginx/1.12.1 /

Resource Hash

f3f572e5e56b336b46b1d3846ff57769d03928556166d0b8680cdc028958d116

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/728x90_backfill.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 07 Jul 2019 10:16:53 GMT
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5893948
x-cache: Hit from cloudfront
status: 200
content-disposition: inline; filename="sale_17605_primary_image.jpg"
content-length: 29273
last-modified: Sun, 07 Jul 2019 10:16:53 GMT
server: nginx/1.12.1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: lLV8mxu-Zta-vocviUoB7KNJj-ZGvNe7-BCifoJBAcWdyuCtzhVKXw==
expires: Mon, 06 Jul 2020 10:16:53 GMT

GET
H2 200 deals-ribbon.svg
pastebin.com/i/ Frame 4602 103 B
198 B 21ms
21ms Image
image/svg+xml 2606:4700:10::6814:d015
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/deals-ribbon.svg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_backfill.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4398cc2de1c610a9268600b04ac981c6d6d4cca8ee5020613c4edfaa1e75171

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/adserver/728x90_backfill.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 15:29:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 May 2016 16:37:17 GMT
server: cloudflare
age: 5586
etag: W/"5744833d-67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=7200
cf-ray: 515b27f9ecc7cbd0-VIE
x-xss-protection: 1; mode=block
expires: Fri, 13 Sep 2019 17:29:20 GMT

POST
H2 201 event Show response
event.insticator.com/v1/ Frame 9EF3 0
136 B 129ms
129ms XHR
text/plain 2606:4700:10::6814:190b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Sec-Fetch-Mode: cors
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 13 Sep 2019 15:29:21 GMT
server: cloudflare
status: 201
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
cf-ray: 515b27fcc986cbc8-VIE
content-length: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6481 42 B
115 B 16ms
15ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCNInDTv19tUONTAbQx5GVE-TetsJNOXnHnA4j-Tg2p0Q_JDL_wZKlcl_IDkK6WrU4DXGNQLKPoaSET7__KgRsvY_2JfxoJ2TGrqxNtEU&sig=Cg0ArKJSzHEf0JTXlyEbEAE&adk=3777814511&tt=473&bs=1600%2C1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&p=1026.03125,0,1027.03125,1&mcvt=1007&rs=3&ht=0&tfs=130&tls=1137&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=13&niot_cbk=22&md=2&rst=1568388560117&rpt=92&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1600%2C1003&ss=1600%2C1200&pt=665&bin=1&deb=1-1-1-4-12-18-13-11-0-0-0&tvt=1124&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=0&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://pastebin.com/K8WnTPDG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 15:29:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1x1.gif
s3.amazonaws.com/brt-appnexus-cookie-sync/ Frame 9EF3
Redirect Chain

https://edba.brealtime.com/
https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif

42 B
397 B

418ms
109ms

Image
image/gif

52.216.138.245
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.245 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 15:29:25 GMT
Last-Modified: Fri, 10 Nov 2017 21:53:47 GMT
Server: AmazonS3
x-amz-request-id: 1D4D49CE499D01F4
ETag: "d89746888da2d9510b64a9f031eaecd5"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 42
x-amz-id-2: ysoBO7pG+XwJfaUrCTbCak15KTJvalMksalKear3+asKdhedZVtjroHgHQU17hAB8muWD1Lylco=

Redirect headers

Date: Fri, 13 Sep 2019 15:29:23 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Location: https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 515b280bfa59723f-AMS
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

1x1.gif
s3.amazonaws.com/brt-appnexus-cookie-sync/ Frame 33C9
Redirect Chain

https://edba.brealtime.com/
https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif

42 B
397 B

419ms
109ms

Image
image/gif

52.216.138.245
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.245 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 15:29:25 GMT
Last-Modified: Fri, 10 Nov 2017 21:53:47 GMT
Server: AmazonS3
x-amz-request-id: 654B2BA89C9DA1AA
ETag: "d89746888da2d9510b64a9f031eaecd5"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 42
x-amz-id-2: AycXqi5dnlORKzHr34/byxp/eVLgEZnxCnms8lrXaKQWs8SKqcwVM2rn04QZpINu60i2pVP/EVE=

Redirect headers

Date: Fri, 13 Sep 2019 15:29:23 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Location: https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 515b280c0b54d919-AMS
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastebin.com/	1970-01-19 03:41:14	Name: Insticator.geoBlockedEmbeds-024e069d-525f-46a7-911a-7c59471d8c75 Value: []
pastebin.com/	1970-01-19 03:41:14	Name: visitorGeo Value: DE
.insticator.com/	1970-01-19 12:25:24	Name: __cfduid Value: d7852e7c30cb56c57e12b3fb6d5f5fabe1568388560
pastebin.com/	1970-01-19 03:39:50	Name: InstiSession Value: {"id":"726c9192-228c-4e59-8bed-6475af07c5da","referrer":"pastebin.com","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}
pastebin.com/	1970-01-19 03:41:14	Name: visitorFloorTier Value: 1
.pastebin.com/	1970-01-19 03:41:14	Name: _gid Value: GA1.2.1020781657.1568388559
.pastebin.com/	1970-01-19 21:11:00	Name: __gads Value: ID=a963b38320a2c0c4:T=1568388560:S=ALNI_Mab8SseybYmi5Ki4ZeK1T_OlBt1Vw
pastebin.com/	1970-01-19 03:41:14	Name: Insticator.geoBlockAds-024e069d-525f-46a7-911a-7c59471d8c75 Value: false
.pastebin.com/	1970-01-19 03:39:48	Name: _gat_gtag_UA_58643_34 Value: 1
.pastebin.com/	1970-01-19 21:11:00	Name: _ga Value: GA1.2.962068887.1568388559
.pastebin.com/	1970-01-19 12:25:24	Name: __cfduid Value: de9524cca42800dc469c23121530160421568388558

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: dom ready!
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: topFrame:
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: params:
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: Cookie enabled, set cookie
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: session:
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: Send pageview now
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: dom ready!
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: topFrame:
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: params:
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: Cookie enabled, set cookie
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: session:
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: pageview have been sent or scheduled
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js(Line 1) Message: formatedPageview:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
apex.go.sonobi.com
b2c.insticator.com
bid.contextweb.com
c.amazon-adsystem.com
cdnp0.stackassets.com
cdnp1.stackassets.com
cdnp2.stackassets.com
cdnp3.stackassets.com
d2na2p72vtqyok.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dmx.districtm.io
edba.brealtime.com
event.insticator.com
g2.gumgum.com
geoip.insticator.com
hb.aralego.com
hb.emxdgt.com
ib.adnxs.com
m.servedby-buysellads.com
pagead2.googlesyndication.com
pastebin.com
s.tribalfusion.com
s3.amazonaws.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.expo9.exponential.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
tpc.googlesyndication.com
104.111.215.249
104.111.238.116
104.16.190.66
104.17.119.107
108.161.189.78
13.35.254.84
143.204.211.231
143.204.214.111
143.204.214.2
143.204.214.91
162.210.196.208
178.162.133.150
18.196.104.43
185.33.223.206
216.58.210.2
2600:9000:2057:7000:10:3422:3f00:21
2606:4700:10::6814:180b
2606:4700:10::6814:190b
2606:4700:10::6814:d015
2a00:1450:4001:806::2002
2a00:1450:4001:814::2001
2a00:1450:4001:819::2008
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:825::200e
2a00:1450:400c:c06::9c
52.216.138.245
54.194.74.35
74.214.194.134
030321a4f2cb7dc8e1a72bd85c8c15b9fd5bd1dca60de4f3ae653e712ff65b38
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0bdf1f83ff26a6834a8f829fd313f38c41e9108e9e36a79d7fcfdd508e2f3c92
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1165bf4e8c19c6a2103d21aea6bfa4eaaf63cb01b4d31d9afed3d4f39872072b
1d1c3305fc6569ae4f61e1c911365f8ce68db1b6e9651ce300ef812353cdcdc0
1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16
2189efc759592533c003747f3bf661721401c33512bb76847aa0977e9b39f3c0
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
227c6b541f2f2a70c14c306cbfab01272fcd5ce56d41d437a3b966e9817f86d9
2544182fb9a0a2f65dac966c91bcbcb8239798c4c5d8278f0fd6d9f4056d301e
2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3
373f442c0384b5b0eda2f2d7f1b541bc9dd11412f691b6dff0b10f2a246d8c67
3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b
3b0e34744f029ab3f30fb7580cf543abd92432ac3a1765860f61bf822463b930
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b
429e8f62ea6700f952db60ed9f95d5c6b4791a4d8cd2877424c8f17a1793a184
5118333b6a8a975435b471f651fc15cb1517ce8180a829d95f4ef814852f6bde
520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387
52b9e38359d28b25df0896fd56c1fe0e2dfa20e178baab3822213b49a5cdec97
56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20
636db32911b55eaae40eff5342f543e92ce7a28275f3c16bb5589a7281eb1572
637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59
66ae1278b8ef0d7200d560d17f887027d6a6968a8124904d0d48601be5c9194f
682c406dede3ddf2687d1ffa51fdad0b6c039af634a7f18b9fcfa3d2b453627f
6d55cd494cf39e990d33bc9344a54145e98f2b069d204be37f0605bc4db5457e
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea
71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b
750814b2daa933ee1d970d5b88e07198b8d5d5b8a9e026ecc382decd3680fbe2
75c6a714f9d3da79865c618e4a87a6016021461ee9e072505b678ccd1fc8c1c4
79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b
7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac
7e4498335b6f73a222e423a935274212a50b0ec452b25bdac10181622a75285d
7ef972f4716db94e440cd885503d5404dfc366af54f6af916f36bd0d0bc3472b
7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1
8040db06855291ee0489a814aee5d975ce5acfe272b26ec98597b005e4d5789f
8075fe09e142b517a80252d1befdd7c1d6f4938ada76218ad6a2ac25d7aea997
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8592c5633d0dba541246cc03a1912e478b56c4c341b74c5b78107773b19ea512
8e9c82e85f6268b5984ebd24c860a780528d10b05ee04deb6c50306ebd3c63a1
96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9
9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f
9dca9c647c0b39042894c0799b5fb6a873d45e3f3c597b9c83f2ae1b180dc6f7
a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
ac4ab49b97aef9aeed257d21ab422d2ae64faf7a5eba134ea262d90941351889
b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27
bb61158d0fc7cb5bd8d98932e28c9b2f682b33fa5c4644c489132b4831f0c6f5
c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7
c553d405e7a0d873f69083ecb231e12a1123206c612d8fd8c675e9eabb264f3d
cf4b2a9cef04c8838412657549d3182e4d812540d97754398a056e6804568458
d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7
d30591968c6ef8c4e7997f8b362f1cab5b3607f41606f4a3d670f34e4837939a
d4398cc2de1c610a9268600b04ac981c6d6d4cca8ee5020613c4edfaa1e75171
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4
d73ee00f311794db8033f8f0b633bc08b9afedfde58a608cf93d2d1a3107faae
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dbea5796b54940b9bac8ee5c79c34202563d0d0649f4b71a24500751f730dc12
dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd
de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc
df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771
df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8
e165a39df7e8106bf6e24868ac4cb6372a614a0c21db3c4de8c3da01066ca1e1
e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6955135a0c9a2235d0d035f44737e06f8e2786cc48239d2f5dd5e3b6986641
ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
eca9089f26f77de2ee51f11414b4cf1da82404dd38070f6e539c800b69157497
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d667700280601599f75b03d593188b876336e3e9bee804ca4ad2c085eca1e2
f38b43cdd533843ab0125fb53fa15ac75def38f3279d6a7da0078005564eb787
f3f572e5e56b336b46b1d3846ff57769d03928556166d0b8680cdc028958d116
f92613e18f86a27550aa6d749c835105da1adcb8144563d352341a871cf7e8ec
fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3

pastebin.com Open in urlscan Pro 2606:4700:10::6814:d015 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

108 Requests

99 %HTTPS

38 %IPv6

24 Domains

32 Subdomains

29 IPs

5 Countries

965 kBTransfer

2331 kBSize

11 Cookies

7 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastebin.com Open in urlscan Pro
2606:4700:10::6814:d015 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

99 %
HTTPS

38 %
IPv6

24
Domains

32
Subdomains

29
IPs

5
Countries

965 kB
Transfer

2331 kB
Size

11
Cookies

108 HTTP transactions
1 data transactions