paste4btc.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://paste4btc.com/LrNCPq0O
Submission: On June 09 via manual (June 9th 2023, 6:50:45 pm UTC) from CL — Scanned from NL

Summary HTTP 75 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 24 domains to perform 75 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is paste4btc.com.

This is the only time paste4btc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	3.125.225.220 3.125.225.220	16509 (AMAZON-02) (AMAZON-02)
4	136.243.3.135 136.243.3.135	24940 (HETZNER-AS) (HETZNER-AS)
1 4	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1 1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
3	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
13	2600:9000:205... 2600:9000:2057:3a00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	143.204.215.101 143.204.215.101	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
4	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4 7	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 5	65.9.66.102 65.9.66.102	16509 (AMAZON-02) (AMAZON-02)
1 1	52.211.237.155 52.211.237.155	16509 (AMAZON-02) (AMAZON-02)
2 4	34.251.167.48 34.251.167.48	16509 (AMAZON-02) (AMAZON-02)
4 4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
4 4	54.36.150.186 54.36.150.186	16276 (OVH) (OVH)
75	24

13 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

paste4btc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl9195645.pvclouds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.urldelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.206.208.114 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.bnhtml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.225.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-225-220.eu-central-1.compute.amazonaws.com

simplewebanalysis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.3.135 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.135.3.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.192.134 (United States) 1 redirects

ASN54113 (FASTLY, US)

paste4btc.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States) 1 redirects

ASN54113 (FASTLY, US)

paste4btc.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2057:3a00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-101.fra53.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.66.102 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-102.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.237.155 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-237-155.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.251.167.48 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-167-48.eu-west-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.131 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.186 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip186.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	disquscdn.com a.disquscdn.com — Cisco Umbrella Rank: 14177 c.disquscdn.com — Cisco Umbrella Rank: 4831	339 KB
13	paste4btc.com paste4btc.com	108 KB
12	disqus.com 2 redirects paste4btc.disqus.com disqus.com — Cisco Umbrella Rank: 1249 referrer.disqus.com — Cisco Umbrella Rank: 7141 links.services.disqus.com — Cisco Umbrella Rank: 13562 glitter.services.disqus.com — Cisco Umbrella Rank: 12128	30 KB
7	rlcdn.com 4 redirects ejp.rlcdn.com — Cisco Umbrella Rank: 97878 idsync.rlcdn.com — Cisco Umbrella Rank: 433	1 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	116 KB
5	rezync.com 4 redirects live.rezync.com — Cisco Umbrella Rank: 1874	4 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 171 accounts.google.com — Cisco Umbrella Rank: 56	49 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 16822	1 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	4 KB
4	narrative.io 2 redirects io.narrative.io — Cisco Umbrella Rank: 4872	1 KB
4	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 23281 static.a-ads.com — Cisco Umbrella Rank: 43377	175 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 248	896 B
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 940	2 KB
2	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 9030	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	88 KB
2	urldelivery.com www.urldelivery.com Failed	2 KB
2	simplewebanalysis.com simplewebanalysis.com — Cisco Umbrella Rank: 13054	854 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
2	addthis.com 1 redirects s7.addthis.com — Cisco Umbrella Rank: 2185	778 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com — Cisco Umbrella Rank: 37679	303 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	bnhtml.com www.bnhtml.com	6 KB
1	pvclouds.com pl9195645.pvclouds.com
75	24

	Domain	Requested by
13	c.disquscdn.com	disqus.com c.disquscdn.com paste4btc.disqus.com
13	paste4btc.com	paste4btc.com
5	live.rezync.com	4 redirects c.disquscdn.com
5	idsync.rlcdn.com	2 redirects c.disquscdn.com live.rezync.com
5	fonts.gstatic.com	fonts.googleapis.com
4	cookie-matching.mediarithmics.com	4 redirects
4	ib.adnxs.com	4 redirects
4	io.narrative.io	2 redirects
3	cm.g.doubleclick.net	3 redirects
3	links.services.disqus.com	c.disquscdn.com
3	accounts.google.com	apis.google.com paste4btc.com www.gstatic.com
3	referrer.disqus.com	c.disquscdn.com
3	disqus.com	paste4btc.disqus.com c.disquscdn.com
3	ad.a-ads.com	paste4btc.com
2	p.rfihub.com	2 redirects
2	ejp.rlcdn.com	2 redirects
2	cdn.viglink.com
2	apis.google.com	c.disquscdn.com apis.google.com
2	connect.facebook.net	c.disquscdn.com connect.facebook.net
2	www.urldelivery.com	www.bnhtml.com
2	paste4btc.disqus.com	2 redirects
2	simplewebanalysis.com	www.bnhtml.com
2	www.google-analytics.com	paste4btc.com www.google-analytics.com
2	s7.addthis.com	1 redirects paste4btc.com
1	obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	1 redirects
1	glitter.services.disqus.com	c.disquscdn.com
1	www.gstatic.com	accounts.google.com
1	www.facebook.com	c.disquscdn.com
1	fonts.googleapis.com	client
1	static.a-ads.com	ad.a-ads.com
1	a.disquscdn.com	paste4btc.com
1	www.bnhtml.com	paste4btc.com
1	pl9195645.pvclouds.com	paste4btc.com
75	33

This site contains links to these domains. Also see Links.

Domain
starsessions.startkabel.nl
starsession.jouwpagina.nl
www.paste4btc.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-29`	8 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-19` - `2023-06-17`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-04` - `2023-12-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.rezync.com Amazon RSA 2048 M02	`2023-02-22` - `2023-12-23`	10 months	crt.sh

This page contains 10 frames:

Primary Page: http://paste4btc.com/LrNCPq0O
Frame ID: DC3689BB6B46AC1B34AF575FC8365BAE
Requests: 31 HTTP requests in this frame

Frame: http://ad.a-ads.com/980375?size=468x60
Frame ID: 1061E95F169B456763572212D3E2B752
Requests: 3 HTTP requests in this frame

Frame: http://ad.a-ads.com/980377?size=240x400
Frame ID: 5D388FF8145BAF4783526F8F830C14D2
Requests: 2 HTTP requests in this frame

Frame: http://ad.a-ads.com/980376?size=990x90
Frame ID: 8FBF9518C3044D70274D31AA65778052
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
Frame ID: 2A8CAD4FC60E76494734CC270F7C5B4C
Requests: 31 HTTP requests in this frame

Frame: http://www.urldelivery.com/watch.319717110307?key=d49abda5d34a58576a3709ea1b6a910d&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=18e7fa2b-dff3-4ba4-86a3-2de9c3876824%3A1%3A1
Frame ID: D274F04D7A632B86AFCC655AAE0BEA63
Requests: 1 HTTP requests in this frame

Frame: http://www.urldelivery.com/watch.153340269975?key=bf06d455d60398964ceb98876a948eab&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=18e7fa2b-dff3-4ba4-86a3-2de9c3876824%3A1%3A1
Frame ID: B69C95D8F22BDD0EE3DFBD9B64A19740
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 788E706AA301A207B4E34C1E62746F08
Requests: 4 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBqZTe9IE2C9isyvhVlwHeI&google_cver=1
Frame ID: C5644B5680D8030AA90E13472D5570CE
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c5rda7ei37gvb5v&pctry=NL&referrer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&cache_buster=0.873554730871
Frame ID: 4762437CA0BAE2B5892A46EBE8FB9B40
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

starsessions | Paste4BTC.com - Earn bitcoins by pasting!

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+id="disqus_thread"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

SyntaxHighlighter (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<(?:script|link)[^>]*sh(?:Core|Brush|ThemeDefault)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

53 %
HTTPS

34 %
IPv6

24
Domains

33
Subdomains

24
IPs

4
Countries

938 kB
Transfer

2444 kB
Size

21
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://starsessions.startkabel.nl/
Title: https://starsessions.startkabel.nl

Search URL Search Domain Scan URL

URL: https://starsession.jouwpagina.nl/
Title: https://starsession.jouwpagina.nl

Search URL Search Domain Scan URL

URL: http://www.paste4btc.com/
Title: http://www.paste4btc.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 12

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 18

http://paste4btc.disqus.com/embed.js HTTP 301
https://paste4btc.disqus.com/embed.js HTTP 302
https://a.disquscdn.com/next/current/embed/embed.fallback.js

Request Chain 65

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP 307
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

Request Chain 72

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCILpjaQGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBqZTe9IE2C9isyvhVlwHeI&google_cver=1

Request Chain 74

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac5rda7ei37gvb5v HTTP 302
https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c5rda7ei37gvb5v&gdpr_consent=&puid=8931d550-06f6-11ee-8f57-59b4fb91775d HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=893c3590-06f6-11ee-adc5-02fbaff1cf4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c5rda7ei37gvb5v&gdpr_consent=&puid=8931d550-06f6-11ee-8f57-59b4fb91775d

Request Chain 75

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac5rda7ei37gvb5v&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=8935a5e0-06f6-11ee-adc5-02fbaff1cf4f&companyId=19&id=disqus_id%3Ac5rda7ei37gvb5v&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O

Request Chain 76

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID%26cache_buster%3D1686336642.887854 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID%2526cache_buster%253D1686336642.887854 HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=2398461948971867983&cache_buster=1686336642.887854 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=63942afc-4694-4d70-9c3a-64ddf94ee7f1%3A1686336642.8873954&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc5rda7ei37gvb5v%26_%3D1686336643.2016597&cb=1686336643.2016935 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925577915574&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc5rda7ei37gvb5v%26_%3D1686336643.2016597 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c5rda7ei37gvb5v&_=1686336643.2016597 HTTP 307
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEPqVPNU1cKVpUPhX8KoHd8M&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPqVPNU1cKVpUPhX8KoHd8M&action=GET_ID&etid=&domid=1052 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2398461948971867983&opid=apx&ops=&utidl=tech:goo:CAESEPqVPNU1cKVpUPhX8KoHd8M&action=GET_ID&etid=&domid=1052 HTTP 303
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A37686160454

Request Chain 77

https://p.rfihub.com/cm?pub=39342&in=1&userid=63942afc-4694-4d70-9c3a-64ddf94ee7f1%3A1686336642.8873954&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D&cb=1686336642.8879266 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925577915574&referrer={encSite}&forward=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D5140084925577915574 HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=5140084925577915574 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c5rda7ei37gvb5v&_=1686336643.3887336 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2398461948971867983

75 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request LrNCPq0O Show response
paste4btc.com/ 12 KB
5 KB 118ms
63ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294dbc1fbc2cfe3ad37121d0c09dc9f8303b1eb2127fdcfdd00a7c934521e68c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7d4b8fb1da191b08-AMS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Jun 2023 18:50:37 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5%2FBCQdwt%2B7YMiwqAd60shC4etDKWeYiBn2zGH1snsXrI5cm9nas8cxp62o83CN3m2gm%2BPSy0oKS%2FCARSvlPp99P99XZrmhTQW2YH98q9m8g%2F2V%2F6%2F9IK35SCjlRahPkzqt%2BTJeYA2nBu5mL"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding

GET
H/1.1 200
OK bootstrap.min.css
paste4btc.com/css/ 98 KB
18 KB 32ms
32ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/css/bootstrap.min.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 372693
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 17160
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: "18679-611ae702-21b1f;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ff0kyuSlrDOvklv87ctz%2BrJHX4kgFAn1v0CZLw0Pt%2FhCXpAi21EjiiBUQsj6O4UNqRNv4lVSIxHleuY6wsSDlORQ0407CcFYUarfLsiSX49VCTS%2BjPL4CRy4P1yOj6CDK6SnPg4YooyzkHWT"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 7d4b8fb24a971b08-AMS
expires: Mon, 12 Jun 2023 11:19:04 GMT

GET
H/1.1 200
OK bootstrap-theme.min.css
paste4btc.com/css/ 13 KB
2 KB 63ms
37ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/css/bootstrap-theme.min.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c72060928bf66e8ff55b42e653f95429d4777769d790921ff8390eb1068da303

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 19924
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1747
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: "3381-611ae702-21b1a;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTmuuqkejIfCf0SOpXPTex57wfG74QFCcH5AqHcUPXGJOU2szMgmgk4P4TD9DlYFx%2BMX5f7LW90CVKFRCWacRzXUwQYah7EqCzkK1uLDaaX%2F46lVeuw7JrsrseB4%2Bf0K3IPxvrbBm4%2Btvycq"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 7d4b8fb279c6b754-AMS
expires: Fri, 16 Jun 2023 13:18:33 GMT

GET
H/1.1 200
OK bootstrap-custom.css
paste4btc.com/css/ 2 KB
1 KB 76ms
49ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/css/bootstrap-custom.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383a48e17b04756a1357be97f54651ca6290dd8810bddc0b676172909631b454

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 566
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: "61e-611ae702-21b1b;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2IM0LZg1OzU6%2F%2FiwsZhwenFqLoSUth63kEkjYeq4gIO95dd8dOjLNrBPaq6E6y7PJI8s%2F1k1oU5QZgF7V6tozFIwKLSzoQwfEgXJKevtA0QbU%2B3XzK%2B09hZ9zNlqBtW0Fu%2FaXLX%2B2Lhk%2FGJ"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 7d4b8fb27bb2b939-AMS
expires: Fri, 16 Jun 2023 18:50:37 GMT

GET
H/1.1 403
Forbidden c284dccfdc0ea6f8a0a4db7ab0960bd3.js
pl9195645.pvclouds.com/c2/84/dc/ 0
0 1274ms
108ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl9195645.pvclouds.com/c2/84/dc/c284dccfdc0ea6f8a0a4db7ab0960bd3.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:39 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK shCore.js Show response
paste4btc.com/scripts/ 15 KB
9 KB 63ms
37ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/scripts/shCore.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d1434add65b0b17b5af8c027d77ae7cd8f793053043c09fa08edfa4a165faf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 367760
Cf-Polished: origSize=16175
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Cf-Bgj: minify
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: W/"3f2f-611ae702-21b0e;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAxaBSIkhaFOIj3AA3FFR8qEG61lfnre1pOoCcxUJRh0wFok3idGO%2BIyYipGBT%2F%2F8qiAiKYeJ7HNYgxITIP0pGewi0IcyQWJ4kry1DquXS0FxwBo1XniORLRQL2x%2BLrqQnOIHzY0eQmUT%2FQ%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
cache-control: public, max-age=604800
CF-RAY: 7d4b8fb27c330b79-AMS
expires: Mon, 12 Jun 2023 12:41:17 GMT

GET
H/1.1 200
OK shAutoloader.js Show response
paste4btc.com/scripts/ 1 KB
2 KB 66ms
32ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/scripts/shAutoloader.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da6654eadb3a4fd3d3eb9d12dba5b933fed332479d84adcf2b7a895a44a570a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 493024
Cf-Polished: origSize=1451
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Cf-Bgj: minify
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: W/"5ab-611ae702-21af9;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4YiQGUXQsJ2sYDwim8euYhRMaWo%2FJVeDa4m6%2B%2B5OZuCGatkyTN%2Fz9gg2a%2Bs8%2Bc3nfKKW%2B0J4EuOxt3VQc6VYMtb9J7PKUI0z1cPauarU%2Be0L74eWoNI9oWq46FScI%2F62Mb4mNJ90hPGyEj4"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
cache-control: public, max-age=604800
CF-RAY: 7d4b8fb28aea1b08-AMS
expires: Sun, 11 Jun 2023 01:53:33 GMT

GET
H/1.1 200
OK shCoreDefault.css
paste4btc.com/styles/ 7 KB
2 KB 69ms
43ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/styles/shCoreDefault.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a199a96d76b9533e3a3597dc040c5a866c2e3d4f944e01f2a04a0ccfbfe82a5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 19229
Cf-Polished: origSize=8704
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Cf-Bgj: minify
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: W/"2200-611ae702-21ae2;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4iEPooDbMkpC8V2GYMBIaazyyvyAtEpHWQUhDydjaCKCjwx9Eaoj6iGN%2Bao6H1E%2FmWrN4tW%2BugJbN3gCYjJwA3MAk2vxqHs5233bUpAVdnZpSr0Fs2WpvJ3uxPYDBJr%2FCVpH6%2BT%2FdRWmaws"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: public, max-age=604800
CF-RAY: 7d4b8fb279b50b67-AMS
expires: Fri, 16 Jun 2023 13:30:08 GMT

GET
H/1.1 200
OK shThemeEclipse.css
paste4btc.com/styles/ 2 KB
1 KB 70ms
44ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/styles/shThemeEclipse.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13db7ce6e9f290465fb29e8312c7c95aab701764bd1d910c97d08c55139ae3b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 187342
Cf-Polished: origSize=3193
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Cf-Bgj: minify
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: W/"c79-611ae702-21af2;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZwTjfffOX%2BHBdWcodjChgboQQ7x1numAwkPBDdr80XefQ5dhL%2BwWNSzVliYWqk%2F6ekZmqgDBVylRSDBCwYFVFg7y6JX7TG3MmCQk%2Fqg41mUinDSg6BTAnI9XyUpY1enn4s64DxTvXhc58tk"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: public, max-age=604800
CF-RAY: 7d4b8fb27f151c8c-AMS
expires: Wed, 14 Jun 2023 14:48:15 GMT

GET
H/1.1 200
OK jquery.min.js Show response
paste4btc.com/js/ 94 KB
33 KB 100ms
36ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/js/jquery.min.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 202797
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 33414
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: "1787c-611ae702-21ad9;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymuETS3uvzo3kPzwXWpIMp9P0xjCDN2VCE2jeLfnQc0DmCuCZRcEVnjIq9%2FNUMeAuIrTVZsSyklKjW1On9FTvkg%2B625XSLoEfMyvmn7fL8HmUIcMBWAq3YkJe0vLsmATUQhT29o5a2h88EHS"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
cache-control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 7d4b8fb2ba00b754-AMS
expires: Wed, 14 Jun 2023 10:30:40 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
paste4btc.com/js/ 28 KB
8 KB 95ms
32ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/js/bootstrap.min.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 51
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7679
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: "71b6-611ae702-21adb;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpPjcqbPWysn0BtISY%2BoEBVldR4OI2iEfQqzZZE4%2Fwo2vI2%2FY3lPIWXrkmCQVsEmdqCc9T7IyrsYcU2nxFuUtPBMiDkC0fp4Ku8%2F3sVGFZSfIT6ziskEiVCpmnQs4W%2Fc7oTICZU0iTgslEvW"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
cache-control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 7d4b8fb2bc7e0b79-AMS
expires: Fri, 19 May 2023 11:36:06 GMT

GET
H/1.1 200
OK menu.js Show response
paste4btc.com/js/ 365 B
1018 B 99ms
32ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/js/menu.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a610cdaf887383f775d316a703e7b75c6cbb8a0ac4d56b2b14723a6eb1fde4fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 248940
Cf-Polished: origSize=440
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Cf-Bgj: minify
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: W/"1b8-611ae702-21add;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6w%2B1IB68%2B1gpMZgJ0YNjOR%2FQP2Cl31ZVif8n2zy8pTfzbiSnYWNqaxJZ5Mb13wTpiLHGUs5A9DPXXEpkOrcaIyFYtEShqt9LmW%2BK7G4RGpzLBdVKrdl8pCw%2FW86rD0UE0u1%2F203uq9eGKEH"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
cache-control: public, max-age=604800
CF-RAY: 7d4b8fb2bb261b08-AMS
expires: Tue, 13 Jun 2023 21:41:37 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

56 B
427 B

159ms
61ms

Script
text/javascript

23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O

Protocol

Server

23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-114.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 18:50:38 GMT
server: Oracle API Gateway
opc-request-id: /F2DEAC466B2A798AB6C282BB718BD006/5E75AD1F9841EB4C2DEE81FE74D2B679
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
server-timing: ak_p; desc="1686336637911_399431110_156215007_2008_3551_31_67_219";dur=1
content-length: 76
x-xss-protection: 1; mode=block

Redirect headers

Date: Fri, 09 Jun 2023 18:50:37 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Server-Timing: ak_p; desc="1686336637847_399431126_157619641_11_3307_31_0_-";dur=1
Content-Length: 171

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

51 KB
21 KB

188ms
60ms

Script
text/javascript

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O

Protocol

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 17:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6350
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 09 Jun 2023 19:04:48 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
205 B 40ms
40ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1791982795&t=pageview&_s=1&dl=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&ul=en-us&de=UTF-8&dt=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1217138490&gjid=1596409082&cid=817375038.1686336638&tid=UA-50173241-1&_gid=1067673764.1686336638&_r=1&_slc=1&z=2133751420

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://paste4btc.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 18:50:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://paste4btc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK invoke.js Show response
www.bnhtml.com/ 11 KB
6 KB 768ms
105ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.bnhtml.com/invoke.js

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O

Protocol

HTTP/1.1

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

7007f87fa4160d7b947b6775a8f21d2ae3b10529002ecb082af52aae2a7780cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: http://paste4btc.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 09 Jun 2023 18:50:39 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: 139ed29a0680213c4e19cec869755f29
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
paste4btc.com/fonts/ 23 KB
23 KB 43ms
42ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/fonts/glyphicons-halflings-regular.woff
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/css/bootstrap.min.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer: http://paste4btc.com/css/bootstrap.min.css
Origin: http://paste4btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:39 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
etag: W/"5b18-611ae702-21b38;;;"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQcNn5D8psrGNLIj66jzlKi%2FndbswyJmJZcT69s0z72ZpWGNYIxr1ug9VlH9aJ05FH%2B5P6wTuRtPgMGGQgtepINhjtNggxr0UTsKF%2BfzAzz64X%2B9F9DnQSX3mC7NKyReGnPmkPn4fQ6AMTzc"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
Vary: Accept-Encoding
Cache-Control: max-age=86400
Connection: keep-alive
CF-RAY: 7d4b8fba4a5ab754-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK stats Show response
simplewebanalysis.com/ 40 B
427 B 81ms
35ms XHR
text/html 3.125.225.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://simplewebanalysis.com/stats
Requested by: Host: www.bnhtml.com
URL: http://www.bnhtml.com/invoke.js
Protocol: HTTP/1.1
Server: 3.125.225.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-225-220.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 2a203af12258b6a17e492c62bb95969f49fcb76f40505eb05d411dd4ca59576a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:39 GMT
Server: fasthttp
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://paste4btc.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40

GET
H/1.1 200
OK 980375 Show response
ad.a-ads.com/ Frame 1061 12 KB
5 KB 114ms
63ms Document
text/html 136.243.3.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/980375?size=468x60

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O

Protocol

HTTP/1.1

Server

136.243.3.135 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.135.3.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

17fe6c6d5adf051a1b7646490da9706bb41bfa43118887081bfe9d02ce2e4102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 09 Jun 2023 18:50:39 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: http://paste4btc.com/
X-Powered-By: Phusion Passenger(R)
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-XSS-Protection: 1; mode=block

GET
H2

200

embed.fallback.js Show response
a.disquscdn.com/next/current/embed/
Redirect Chain

http://paste4btc.disqus.com/embed.js
https://paste4btc.disqus.com/embed.js
https://a.disquscdn.com/next/current/embed/embed.fallback.js

76 KB
24 KB

105ms
34ms

Script
application/javascript

199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a.disquscdn.com/next/current/embed/embed.fallback.js

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O

Protocol

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a121a07842b38bb00197441f32dd1457b4057ff7237e9c5484e572613985bbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 18:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=300; includeSubdomains
x-amz-cf-pop: FRA6-C1
age: 258
cross-origin-resource-policy: cross-origin
content-length: 24133
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jun 2023 16:22:19 GMT
server: nginx
etag: "6480aebb-5e45"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1200
timing-allow-origin: *
x-amz-cf-id: fRqpB01I9Deox7cCoG1p3gielhnY9UG8lQRISgGJRp3JVyG-Maba3Q==

Redirect headers

Date: Fri, 09 Jun 2023 18:50:40 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
Server: Varnish
Vary: Accept-Encoding
Location: https://a.disquscdn.com/next/current/embed/embed.fallback.js
Cache-Control: private, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 0

GET
H/1.1 200
OK stats Show response
simplewebanalysis.com/ 40 B
427 B 69ms
36ms XHR
text/html 3.125.225.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://simplewebanalysis.com/stats
Requested by: Host: www.bnhtml.com
URL: http://www.bnhtml.com/invoke.js
Protocol: HTTP/1.1
Server: 3.125.225.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-225-220.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 1e8d3ec47285680162a5d46128e86cf4c2a1190691813e01668110471634d85f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:39 GMT
Server: fasthttp
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://paste4btc.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40

GET
H/1.1 200
OK 980377 Show response
ad.a-ads.com/ Frame 5D38 13 KB
5 KB 105ms
60ms Document
text/html 136.243.3.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/980377?size=240x400

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O

Protocol

HTTP/1.1

Server

136.243.3.135 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.135.3.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

2e8c6242d25480c4112a76f0027865d7802af2b3243654b31c8b3ff2a06b5632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 09 Jun 2023 18:50:39 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: http://paste4btc.com/
X-Powered-By: Phusion Passenger(R)
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 980376 Show response
ad.a-ads.com/ Frame 8FBF 12 KB
5 KB 109ms
51ms Document
text/html 136.243.3.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/980376?size=990x90

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O

Protocol

HTTP/1.1

Server

136.243.3.135 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.135.3.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

7a8422c5722c2e4a3f2e6e9c07799b5e8314bfcd3d2920b6f68abb578bc538fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 09 Jun 2023 18:50:39 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: http://paste4btc.com/
X-Powered-By: Phusion Passenger(R)
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-XSS-Protection: 1; mode=block

GET watch.319717110307.js
www.urldelivery.com/ 0
0

GET watch.153340269975.js
www.urldelivery.com/ 0
0

GET
H/1.1 200
OK 468x60
static.a-ads.com/a-ads-banners/117605/ Frame 1061 159 KB
160 KB 359ms
45ms Image
image/gif 136.243.3.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/117605/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/980375?size=468x60
Protocol: HTTP/1.1
Server: 136.243.3.135 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.135.3.243.136.clients.your-server.de
Software: nginx /
Resource Hash: b0e8b4d837e6648030293de1f597de40598ea1afbfada75d0c5c408042a6146b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:40 GMT
x-amz-version-id: 8ypZJjgG23VXJPeVKGNzwn5DcXO_Ii38
Last-Modified: Sun, 19 Apr 2020 16:05:30 GMT
Server: nginx
x-amz-request-id: E4QCVYVWWWRPE3MN
ETag: "e7f9e5c271f14a8b1f820313c137195b"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 163097
x-amz-id-2: AozeIk+dtThLZVpPNPTBfR3ihN8WSySDEMUHbjrNTO0XXnIHZXFx8SbDzZFbT3tDAO5so2e5KdU=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 1061 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5D38 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8FBF 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK shBrushPlain.js Show response
paste4btc.com/scripts/ 750 B
1 KB 39ms
39ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/scripts/shBrushPlain.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4916a1324a99bcafb7b7e8b333d9b1fa37c427950bb0411d38baac12846c17ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/LrNCPq0O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:40 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 388
last-modified: Mon, 16 Aug 2021 22:30:26 GMT
Server: cloudflare
etag: "2ee-611ae702-21aff;gz"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jm8gd17V1d7bk6lnB%2FHJ%2Bhfjw%2FpakSf02HZJdWeGjQv95qR9Q6LjnU8iFtoSPR9qFQNIfaSEo2pbrGcapyr4mIieoSTKNbYalFvoDOqIiq4Cg0qB1yS8PJGT1%2FJlbgqbpdcuHrrtiF11JzU%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
cache-control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 7d4b8fc2fcc1b754-AMS
expires: Fri, 16 Jun 2023 18:50:40 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 2A8C 6 KB
4 KB 226ms
149ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default

Requested by

Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

28ddea3578532797400fd7fe8cb0e9a446f88dd30253a5db6403722ffda88a26

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2759
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 09 Jun 2023 18:50:40 GMT
ETag: W/"lounge:view:9707855525.559ca3864056e1773a73618a4f503ffc.2"
Last-Modified: Wed, 24 May 2023 14:37:53 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
339 B 195ms
120ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=lounge.loading.view

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg
c.disquscdn.com/next/embed/assets/img/ 1 KB
2 KB 141ms
32ms Image
image/svg+xml 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ad3d0ca410aa64d933c2853e39ef8b605c4815f9826bc0e721e3d3d93860bf64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 13 May 2023 10:04:22 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 2364378
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1042
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 09 May 2023 18:32:30 GMT
server: nginx
etag: "645a91be-412"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VWfY3blKyQQDkiTqtRMgzdqCE4gYUcILcdzxyA2Ymwpm_BDErgRI4A==
expires: Sun, 12 May 2024 10:04:22 GMT

GET
H/1.1 200
OK watch.319717110307 Show response
www.urldelivery.com/ Frame D274 115 B
839 B 106ms
105ms Document
text/html 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.urldelivery.com/watch.319717110307?key=d49abda5d34a58576a3709ea1b6a910d&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=18e7fa2b-dff3-4ba4-86a3-2de9c3876824%3A1%3A1

Requested by

Host: www.bnhtml.com
URL: http://www.bnhtml.com/invoke.js

Protocol

HTTP/1.1

Server

192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: http://paste4btc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 115
Content-Type: text/html
Date: Fri, 09 Jun 2023 18:50:40 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.19.5
Strict-Transport-Security: max-age=0; includeSubdomains
X-Request-ID: 608ab250277d8614ea91515e9ebf7cea

GET
H/1.1 200
OK watch.153340269975 Show response
www.urldelivery.com/ Frame B69C 115 B
839 B 104ms
104ms Document
text/html 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.urldelivery.com/watch.153340269975?key=bf06d455d60398964ceb98876a948eab&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=18e7fa2b-dff3-4ba4-86a3-2de9c3876824%3A1%3A1

Requested by

Host: www.bnhtml.com
URL: http://www.bnhtml.com/invoke.js

Protocol

HTTP/1.1

Server

192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: http://paste4btc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 115
Content-Type: text/html
Date: Fri, 09 Jun 2023 18:50:40 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.19.5
Strict-Transport-Security: max-age=0; includeSubdomains
X-Request-ID: aa59de7b4a81c5408aa98e71fc7eaa50

GET
H2 200 lounge.load.4aa308e45ed45f61ad93f7dc8819e037.js Show response
c.disquscdn.com/next/embed/ Frame 2A8C 1 KB
1 KB 119ms
32ms Script
application/javascript 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.4aa308e45ed45f61ad93f7dc8819e037.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cb93c6a5dad20acf45cefa131a793e0af611d217f34b410c878f4ec253cac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 07 Jun 2023 16:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 180912
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 624
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 07 Jun 2023 16:22:19 GMT
server: nginx
etag: "6480aebb-270"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: -E_1Y5wyWNRNoy9K9_z9jksTk-sTcbd8FVbsivF5kh-gWPk5oUSTqw==
expires: Thu, 06 Jun 2024 16:35:28 GMT

GET
H2 200 common.bundle.3010dbfb191900e8a54e3fd506a36c43.js Show response
c.disquscdn.com/next/embed/ Frame 2A8C 280 KB
93 KB 261ms
261ms Script
application/javascript 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.4aa308e45ed45f61ad93f7dc8819e037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

93241ad49ec5e8a7bd9cbe3d9ab385441213db5c1b3a9d30a31e72cdd982ba72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 07 Jun 2023 16:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 180912
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94157
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 07 Jun 2023 16:22:19 GMT
server: nginx
etag: "6480aebb-16fcd"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: QY15w57rKsAbvraxulCSzeC0suIdr0lsmOYFbBPet8KWnQlZC5w1OQ==
expires: Thu, 06 Jun 2024 16:35:29 GMT

GET
H2 200 lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame 2A8C 233 KB
33 KB 36ms
35ms Stylesheet
text/css 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 30 May 2023 18:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 863841
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33282
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 30 May 2023 18:28:53 GMT
server: nginx
etag: "64764065-8202"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: SfvwAtlBGj_P_4rS_WadFC7gdhehfFGZ8NdkC2-Ty87Sdzdc47N9NQ==
expires: Wed, 29 May 2024 18:53:20 GMT

GET
H2 200 lounge.bundle.be9c5600b5e77d3c5b5cc8812f62a405.js Show response
c.disquscdn.com/next/embed/ Frame 2A8C 511 KB
128 KB 39ms
38ms Script
application/javascript 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.be9c5600b5e77d3c5b5cc8812f62a405.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

12ec972d2c87f2a6f23a80328969a6739b6db3ccf484cfeb81a61543a523f1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 05 Jun 2023 09:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 379466
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 130464
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 01 Jun 2023 09:36:56 GMT
server: nginx
etag: "647866b8-1fda0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: GYJwavHfgCMV9Oenqs8d2l8Uw3JExYVHznRQdWD3KIaD6NBOEcIQFA==
expires: Tue, 04 Jun 2024 09:26:15 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 2A8C 18 KB
19 KB 27ms
27ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3a5663f5469f6fd74fbd789be5696bd0859d3e42c7043bfc05d37818fc299a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:41 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 51
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 18537
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 2A8C 3 KB
3 KB 128ms
128ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=paste4btc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a3383aa42329dfbc9ba48bf1a41c73c24be578618e180108598c22cf6c956148

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:41 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3107
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 2A8C 11 KB
1 KB 122ms
44ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Jun 2023 18:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 18:44:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Jun 2023 18:50:41 GMT

GET
DATA 200
OK truncated
/ Frame 2A8C 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2A8C 13 KB
13 KB 33ms
33ms Image
image/svg+xml 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 15 Jan 2023 02:16:14 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 12587667
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: NVU4SB2_MsU4iXh5-pNL4Q2KlfdY53YH5FvmqHIlyZBU7MzxZQitzg==
expires: Mon, 15 Jan 2024 02:16:14 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 2A8C 3 KB
3 KB 33ms
33ms Image
image/gif 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 12 Jan 2023 03:03:01 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 12844060
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
server: nginx
etag: "63b87143-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0yx67rSujX1QDF_2QPvgk0g0NozCn8i-8IvRyibRJ1RzhDJ1Dh1aBQ==
expires: Fri, 12 Jan 2024 03:03:01 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2A8C 840 B
1 KB 34ms
33ms Image
image/svg+xml 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 19 Apr 2023 18:37:18 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 4407203
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 18 Apr 2023 23:42:29 GMT
server: nginx
etag: "643f2ae5-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: qUenrX4T37pfiYb7qaQpOvvVgu2cCBWnehiN4hDYguCnQ_zkFuMhJA==
expires: Thu, 18 Apr 2024 18:37:18 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2A8C 891 B
1 KB 34ms
34ms Image
image/svg+xml 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 28 Jan 2023 10:59:15 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 11433086
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
server: nginx
etag: "63cb0f8f-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: TwDrk4DmH4D-_Rkb0aNaOS-plaQ7tgeeexwUsJtMvvQ2_73hRvsyHQ==
expires: Sun, 28 Jan 2024 10:59:15 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2A8C 605 B
1 KB 35ms
34ms Image
image/svg+xml 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 17 Jan 2023 07:05:35 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 12397506
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: APqaYQbIPSoCpClL9jW-5oA2Rb9VQCpMfQAYVJTad586nR6KsYSz7A==
expires: Wed, 17 Jan 2024 07:05:35 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 2A8C 2 KB
2 KB 37ms
37ms Image
image/png 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 17 Jan 2023 06:16:10 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 12400471
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: s8IBArjYA1UjoRtaOcA5wZwgRGZzEB5N0d2JlUAhwJbEdngsm1Ylnw==
expires: Wed, 17 Jan 2024 06:16:10 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 2A8C 8 KB
8 KB 37ms
37ms Font
application/octet-stream 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 09 May 2023 18:27:36 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 2679785
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 05 May 2023 08:10:53 GMT
server: nginx
etag: "6454ba0d-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1GYYYwcjlx0cBBTgZXlqlb1hoEJa-vYaCiTzt1DnuLQrPQOCIyh-Qg==
expires: Wed, 08 May 2024 18:27:36 GMT

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 37ms
36ms Script
application/javascript 2600:9000:2057:3a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 16 Mar 2023 10:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 7372732
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 02 Mar 2023 09:36:57 GMT
server: nginx
etag: "64006e39-67d2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: zQgSofOC68-gB23pKarDOpEtDxUOzRQXrlDyXgafCgk0drRnzXK6nQ==
expires: Fri, 15 Mar 2024 10:51:49 GMT

GET
H/1.1 200
OK event.js Show response
referrer.disqus.com/juggler/ Frame 2A8C 40 B
322 B 109ms
109ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://referrer.disqus.com/juggler/event.js?experiment=default&variant=control&page_referrer=direct&product=embed&thread=9707855525&thread_id=9707855525&forum=paste4btc&forum_id=3201658&zone=thread&page_url=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&service=fallback&verb=view&object_type=product&object_id=embed&extra_data=%7B%22color_scheme%22%3A%22light%22%2C%22anchor_color%22%3A%22rgb(66%2C139%2C202)%22%2C%22typeface%22%3A%22sans-serif%22%2C%22width%22%3A921%7D&event=activity&imp=5rda7d117k9jbu&prev_imp=&section=default&area=n%2Fa

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:41 GMT
X-Content-Type-Options: nosniff
Server: nginx
transfer-encoding: chunked
Content-Type: application/javascript
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2A8C 3 KB
3 KB 100ms
33ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d3b9fe7795331332e800f5c7fa62755b8adbbb20a50b02b905c8144b1f6bb85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 18:50:41 GMT
content-md5: /ZWEi0QKUW7cLCjEb0EjkA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: ZCOmTKR9Kv6SWsKIiVW4Pv6y2EXpFpiNTIMSmM80MFR/gwJhRdT4nnHGox5XyxxqJkR3dRPuS0Z+Ve5ouJIUnw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 0e37f4fcad539f7c5c39dc362f67ace9
cross-origin-opener-policy: same-origin-allow-popups
etag: "1c6a69c1d592756f89807c701890b1b7"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 09 Jun 2023 19:04:04 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 2A8C 18 KB
7 KB 191ms
60ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84fbd77dc7585d6d030e4b80ff5b2a42e98b49f26564ae1c22c1f00d1f561367

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 18:50:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7115
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "9f7efcc141cc0080"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jun 2023 18:50:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A8C 15 KB
16 KB 106ms
34ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 524786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A8C 15 KB
15 KB 149ms
80ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 573614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A8C 17 KB
17 KB 158ms
91ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 23:47:40 GMT
x-content-type-options: nosniff
age: 500581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 23:47:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A8C 16 KB
16 KB 105ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:08:02 GMT
x-content-type-options: nosniff
age: 517359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 19:08:02 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A8C 17 KB
17 KB 130ms
70ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:54:27 GMT
x-content-type-options: nosniff
age: 525374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 16:54:27 GMT

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
545 B 89ms
32ms Image
image/gif 143.204.215.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=0.6477152258781607
Protocol: HTTP/1.1
Server: 143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-101.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:31 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
Age: 10
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: xV97SehQeI4pfuenyDMgWYw8MNpgR7LgY1IuJHskh61rOp0c2Dxs4w==

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
545 B 89ms
33ms Image
image/gif 143.204.215.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=0.6477152258781607
Protocol: HTTP/1.1
Server: 143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-101.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:32 GMT
Via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
Age: 10
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: d6KAvBWAG_E9ZXX8pErb4gJ5Lw0mOWaP3d3N73Nt6jn9_avUtsgsqQ==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2A8C 300 KB
85 KB 70ms
35ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=65f79b8c5b48c87940c4dbbe3a15cc10

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7301cfe69f23bf846cf95a32ef62dc0fff027464a78a16249a439fa6145a4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 18:50:41 GMT
content-md5: Eamo/gOfrZqBM6lt3SIUeA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87173
x-fb-rlafr: 0
x-fb-debug: /S3sEcvMsNfytr94Oa/ZAC3NSY35Rn0HuZ6jy9s7go4O3sT3XKaRYDWuC9E+fpqJv3IHzSQlNet7tu9ZiEXTHg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9394b603d7af00b0cbab33ab536a9956
cross-origin-opener-policy: same-origin-allow-popups
etag: "f09ef8750c3f743bd9638bf7ee80d3a1"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 08 Jun 2024 17:39:35 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.yx-tLptTqjQ.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lMB9R4FnHbcNc7W-kLmXUOmsm5A/ Frame 2A8C 115 KB
39 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.yx-tLptTqjQ.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lMB9R4FnHbcNc7W-kLmXUOmsm5A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd53370973bdcc13066e87437fb9ad273d8ee52919ba12516c451426252d3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 03:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39951
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 16:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 03:53:46 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 2A8C 0
0 132ms
66ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=http%3A%2F%2Fpaste4btc.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dpaste4btc%26t_u%3Dhttp%253A%252F%252Fpaste4btc.com%252FLrNCPq0O%26t_d%3Dstarsessions%2520%257C%2520Paste4BTC.com%2520-%2520Earn%2520bitcoins%2520by%2520pasting!%26t_t%3Dstarsessions%2520%257C%2520Paste4BTC.com%2520-%2520Earn%2520bitcoins%2520by%2520pasting!%26s_o%3Ddefault%23version%3D4aa308e45ed45f61ad93f7dc8819e037&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Fri, 09 Jun 2023 18:50:41 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: qVo3vjJCtAbn1WAMffQ9auBweF0TGzBM58aZYLeGG+i9HQfIzd5XMTo8FWvFVBIyP7vvQH+oJlVvZj1HVnjx7Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 788E 280 B
1 KB 418ms
292ms Document
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.yx-tLptTqjQ.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lMB9R4FnHbcNc7W-kLmXUOmsm5A/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbbf42358e200fa2435d198a9c4549b520479bdd7ef5a9d866b7ca56d75dd781

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-IUsjvZWhDvsNyV9s7aOW1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-IUsjvZWhDvsNyV9s7aOW1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 18:50:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 358 B
788 B 124ms
48ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 799ba30291a3eea284d0f0b0686fa3121fbefc624f30b28d1e060fec4154976b

Request headers

Referer: http://paste4btc.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 09 Jun 2023 18:50:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://paste4btc.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 358
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

403
Forbidden

sync.gif
links.services.disqus.com/api/
Redirect Chain

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

0
0

74ms
45ms

Image
text/html

199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol: HTTP/1.1
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

Location: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 41 B
470 B 44ms
44ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 902e901d33197509b5ada037c0b4270a491205c1c3b9aa35414569b26834d4f0

Request headers

Referer: http://paste4btc.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 09 Jun 2023 18:50:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://paste4btc.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.nl.2Q_HWzW-Rvw.es5.O/d=1/rs=AOaEmlH6T1C1zQKX8uWlNPrSYab4IMfiTA/ Frame 788E 101 KB
35 KB 109ms
35ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.nl.2Q_HWzW-Rvw.es5.O/d=1/rs=AOaEmlH6T1C1zQKX8uWlNPrSYab4IMfiTA/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cc4350c8b39ed85571ecf5216309cbc044f61b35ca395109f593228c4fc7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35363
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 04:39:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 07:47:34 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 788E 2 KB
912 B 78ms
77ms Other
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/LrNCPq0O

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c6057009d55eee5fa63cf4db54ec69d48492a88973b2e4b4d353e91d336d3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 18:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 788E 49 B
376 B 65ms
65ms XHR
application/json 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.nl.2Q_HWzW-Rvw.es5.O/d=1/rs=AOaEmlH6T1C1zQKX8uWlNPrSYab4IMfiTA/m=base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-C73QOgCiGgm0t8O-n4lTcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-C73QOgCiGgm0t8O-n4lTcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 18:34:53 GMT
content-encoding: gzip
age: 949
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 09 Jun 2023 19:34:53 GMT

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame 2A8C 669 B
892 B 193ms
127ms Script
application/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=paste4btc&thread_id=9707855525&referer=&tc=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.64 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

364ec932507b7e4e91aba3fb17ee40e70a9bf608dc519be3aa76aeb5d03e827f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
X-Frame-Options: DENY
Vary: Accept-Encoding, Cookie
Content-Type: application/javascript
transfer-encoding: chunked
Cache-Control: no-cache
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 2A8C 43 B
339 B 113ms
112ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=1295&event=init_embed&thread=9707855525&forum=paste4btc&forum_id=3201658&imp=5rda7d117k9jbu&prev_imp&thread_slug=starsessions_paste4btccom_earn_bitcoins_by_pasting_27&user_type=anon&referrer=http%3A%2F%2Fpaste4btc.com%2F&theme=next&dnt=0&tracking_enabled=1&experiment=default&variant=control&service=fallback&promoted_enabled=true&max_enabled=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2

200

362358.gif Show response
idsync.rlcdn.com/ Frame C564
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCILpjaQGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBqZTe9IE2C9isyvhVlwHeI&google_cver=1

42 B
319 B

55ms
32ms

Document
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBqZTe9IE2C9isyvhVlwHeI&google_cver=1
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store
content-length: 42
content-type: image/gif
date: Fri, 09 Jun 2023 18:50:43 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
timing-allow-origin: *
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 18:50:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBqZTe9IE2C9isyvhVlwHeI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame 4762 569 B
1 KB 260ms
183ms Document
text/html 65.9.66.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c5rda7ei37gvb5v&pctry=NL&referrer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&cache_buster=0.873554730871
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3010dbfb191900e8a54e3fd506a36c43.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-102.fra56.r.cloudfront.net
Software: lighttpd/1.4.59 /
Resource Hash: 099539d037339d41c2ccbdccc198fdead92b78106048a8fb870d78f5fd3fc6e1

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 569
content-type: text/html; charset=utf-8
date: Fri, 09 Jun 2023 18:50:42 GMT
server: lighttpd/1.4.59
vary: Cookie
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
x-amz-cf-id: NKkAYLwsDuwOdt8CiKdtaeX9Zn32fQhcpZUf2TeQnTepAvdMZca5Fw==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H/1.1

204
No Content

/
io.narrative.io/ Frame 2A8C
Redirect Chain

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac5rda7ei37gvb5v
https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c5rda7ei37gvb5v&gdpr_consent=&puid=8931d550-06f6-11ee-8f57-59b4fb91775d
https://io.narrative.io/?io.narrative.guid.v2=893c3590-06f6-11ee-adc5-02fbaff1cf4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c5rda7ei37gvb5v&gdpr_consent=&puid=8931d550-06f6-11ee-8f57-59b4fb91...

0
247 B

61ms
43ms

Image
text/plain

34.251.167.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=893c3590-06f6-11ee-adc5-02fbaff1cf4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c5rda7ei37gvb5v&gdpr_consent=&puid=8931d550-06f6-11ee-8f57-59b4fb91775d
Protocol: HTTP/1.1
Server: 34.251.167.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:42 GMT
Cache-Control: no-cache
Server: nginx/1.22.1
Connection: keep-alive

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=893c3590-06f6-11ee-adc5-02fbaff1cf4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c5rda7ei37gvb5v&gdpr_consent=&puid=8931d550-06f6-11ee-8f57-59b4fb91775d
Date: Fri, 09 Jun 2023 18:50:42 GMT
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
io.narrative.io/ Frame 2A8C
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac5rda7ei37gvb5v&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O
https://io.narrative.io/?io.narrative.guid.v2=8935a5e0-06f6-11ee-adc5-02fbaff1cf4f&companyId=19&id=disqus_id%3Ac5rda7ei37gvb5v&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O

35 B
319 B

86ms
43ms

Image
image/gif

34.251.167.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=8935a5e0-06f6-11ee-adc5-02fbaff1cf4f&companyId=19&id=disqus_id%3Ac5rda7ei37gvb5v&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O
Protocol: HTTP/1.1
Server: 34.251.167.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&t_d=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=starsessions%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 18:50:42 GMT
Cache-Control: no-cache
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=8935a5e0-06f6-11ee-adc5-02fbaff1cf4f&companyId=19&id=disqus_id%3Ac5rda7ei37gvb5v&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O
Date: Fri, 09 Jun 2023 18:50:42 GMT
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

480429.gif
idsync.rlcdn.com/ Frame 4762
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID%26cache_buster%3D1686336642.887854
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID%2526cache_b...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=2398461948971867983&cache_buster=1686336642.887854
https://p.rfihub.com/cm?pub=39342&in=1&userid=63942afc-4694-4d70-9c3a-64ddf94ee7f1%3A1686336642.8873954&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc5rda7ei37gvb5v%26_%3D168633664...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925577915574&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc5rda7ei37gvb5v%26_%3...
https://idsync.rlcdn.com/501709.gif?partner_uid=c5rda7ei37gvb5v&_=1686336643.2016597
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18
https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEPqVPNU1cKVpUPhX8KoHd8M&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPqVPNU1cKVpUPhX8KoHd8M&action=GET_ID&etid=&domid=1052
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2398461948971867983&opid=apx&ops=&utidl=tech:goo:CAESEPqVPNU1cKVpUPhX8KoHd8M&action=GET_ID&etid=&domid=1052
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A37686160454

42 B
60 B

33ms
32ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A37686160454
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c5rda7ei37gvb5v&pctry=NL&referrer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&cache_buster=0.873554730871
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 18:50:44 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A37686160454
date: Fri, 09 Jun 2023 18:50:43 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 0

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame 4762
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=63942afc-4694-4d70-9c3a-64ddf94ee7f1%3A1686336642.8873954&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a95405...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084925577915574&referrer={encSite}&forward=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=5140084925577915574
https://idsync.rlcdn.com/501709.gif?partner_uid=c5rda7ei37gvb5v&_=1686336643.3887336
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2398461948971867983

42 B
60 B

35ms
34ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2398461948971867983
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c5rda7ei37gvb5v&pctry=NL&referrer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&cache_buster=0.873554730871
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 18:50:43 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Date: Fri, 09 Jun 2023 18:50:43 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.152.205; 31.204.152.205; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 24853077-442a-49da-97cf-6c64277016a5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2398461948971867983
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.urldelivery.com
URL: http://www.urldelivery.com/watch.319717110307.js?key=d49abda5d34a58576a3709ea1b6a910d&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=e9a51755-ea3b-45c6-845e-69139804e55e%3A3%3A1

Domain: www.urldelivery.com
URL: http://www.urldelivery.com/watch.153340269975.js?key=bf06d455d60398964ceb98876a948eab&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=18e7fa2b-dff3-4ba4-86a3-2de9c3876824%3A1%3A1

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paste4btc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jhm2vgnh32f5abng4f9cbbhv2j
.paste4btc.com/	1970-01-20 22:01:36	Name: _ga Value: GA1.2.817375038.1686336638
.paste4btc.com/	1970-01-20 12:27:03	Name: _gid Value: GA1.2.1067673764.1686336638
.paste4btc.com/	1970-01-20 12:25:36	Name: _gat Value: 1
.paste4btc.com/	1970-01-20 12:35:41	Name: 494668b4c0ef4d25bda4e75c27de2817 Value: 18e7fa2b-dff3-4ba4-86a3-2de9c3876824%3A1%3A1
disqus.com/	1970-01-20 12:25:38	Name: __jid Value: 5rda7d117k9jbu
.disqus.com/	1970-01-20 21:11:12	Name: disqus_unique Value: 5rda7ei37gvb5v
.rezync.com/	1970-01-20 16:44:48	Name: zync-uuid Value: 63942afc-4694-4d70-9c3a-64ddf94ee7f1:1686336642.8873954
io.narrative.io/	1970-01-20 22:01:36	Name: io.narrative.guid.v2 Value: 893c3590-06f6-11ee-adc5-02fbaff1cf4f
.adnxs.com/	1970-01-20 14:35:12	Name: uuid2 Value: 2398461948971867983
.doubleclick.net/	1970-01-20 21:47:12	Name: IDE Value: AHWqTUmjsUlX9ioMREcJurdgqSmNVnOwSkaKkZvGa8FBBaBhdsZx_KZg1A-BAOyh4yk
.rfihub.com/	1970-01-20 21:47:12	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjU1N7c0BJImQnyGuhlBHlmeTkVOXu7pWQDV7si4JQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwRHAIAgEwE_aIRPlPMBuHJFCUrm7_2PUQF-1BQwI0j6JrUuIzAqcY9Vmo1OVRH_dTWPgAnlMJRE6AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjU1N7c0BJImQnyGuhlBHlmeTkVOXu7pWQDV7si4JQAAAA
live.rezync.com/	1970-01-20 16:44:48	Name: sd-session-id Value: .eJwNjMEOgjAQRP9lz9RQut1t-RlS28U0KioFDhL_3b1M3uRN5oTpLeszLbJsMG7rLh3kR9XWYDyh1PbZlSD7tSSW6vh2XP0BHbT6fcpdlbfY9wHj4D1ztJoIP_XSWn0tUy26IRdxSHM2SBENFu5NzC4ZwlLmiCI829FSIOeIcLiEwC56_fkD1C0ueA.ZIN0gw.T_zSVIXwyb_CxB8KKsozi62rbnY
.rfihub.com/	1970-01-20 21:47:12	Name: eud Value: H4sIAAAAAAAA_1XIsRGAIAwF0AmsmCMe8L8JcRsOyECWlk5q553le1cyhbP2GEJ1Cqdl8YEuyjnDuZZFOYs2BVRZ99YMfvBO25dArs_feAH19mMIWgAAAA
.rlcdn.com/	1970-01-20 13:52:00	Name: pxrc Value: CILpjaQGEgUI6AcQABIGCLbqARABEgYIuuoBEAASBgjbwh4QAQ==
.mediarithmics.com/	1970-01-20 21:11:12	Name: mics_vid Value: 37686160454
.mediarithmics.com/	1970-01-20 21:11:12	Name: mics_uaid Value: web:1:f158c139-46da-4a98-bf9d-a6c354f5b95e
.mediarithmics.com/	1970-01-20 21:11:12	Name: mics_lts Value: 1686336643986
.rlcdn.com/	1970-01-20 21:11:12	Name: rlas3 Value: qHi7x2+1CicxyqmffvmOaSO9VyZiYVSPJDM+zw5jAXg=

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pl9195645.pvclouds.com/c2/84/dc/c284dccfdc0ea6f8a0a4db7ab0960bd3.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://paste4btc.com/LrNCPq0O(Line 67) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.bnhtml.com/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://paste4btc.com/LrNCPq0O(Line 67) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.bnhtml.com/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://paste4btc.com/LrNCPq0O(Line 187) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.bnhtml.com/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://paste4btc.com/LrNCPq0O(Line 187) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.bnhtml.com/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: http://paste4btc.com/LrNCPq0O Message: Access to XMLHttpRequest at 'http://www.urldelivery.com/watch.319717110307.js?key=d49abda5d34a58576a3709ea1b6a910d&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=e9a51755-ea3b-45c6-845e-69139804e55e%3A3%3A1' from origin 'http://paste4btc.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://www.urldelivery.com/watch.319717110307.js?key=d49abda5d34a58576a3709ea1b6a910d&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=e9a51755-ea3b-45c6-845e-69139804e55e%3A3%3A1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://paste4btc.com/LrNCPq0O Message: Access to XMLHttpRequest at 'http://www.urldelivery.com/watch.153340269975.js?key=bf06d455d60398964ceb98876a948eab&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=18e7fa2b-dff3-4ba4-86a3-2de9c3876824%3A1%3A1' from origin 'http://paste4btc.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://www.urldelivery.com/watch.153340269975.js?key=bf06d455d60398964ceb98876a948eab&kw=%5B%22starsessions%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FLrNCPq0O&tz=0&dev=r&res=4.29&uuid=18e7fa2b-dff3-4ba4-86a3-2de9c3876824%3A1%3A1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
accounts.google.com
ad.a-ads.com
apis.google.com
c.disquscdn.com
cdn.viglink.com
cm.g.doubleclick.net
connect.facebook.net
cookie-matching.mediarithmics.com
disqus.com
ejp.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
glitter.services.disqus.com
ib.adnxs.com
idsync.rlcdn.com
io.narrative.io
links.services.disqus.com
live.rezync.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
p.rfihub.com
paste4btc.com
paste4btc.disqus.com
pl9195645.pvclouds.com
referrer.disqus.com
s7.addthis.com
simplewebanalysis.com
static.a-ads.com
www.bnhtml.com
www.facebook.com
www.google-analytics.com
www.gstatic.com
www.urldelivery.com
www.urldelivery.com
136.243.3.135
142.250.184.226
143.204.215.101
151.101.0.134
185.89.210.20
192.243.59.20
192.243.61.225
193.0.160.131
199.232.192.134
199.232.192.64
199.232.196.134
199.232.198.49
23.206.208.114
2600:9000:2057:3a00:6:8656:f5c0:93a1
2a00:1450:4001:806::200d
2a00:1450:4001:806::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:831::200a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
3.125.225.220
34.251.167.48
35.244.174.68
52.211.237.155
54.36.150.186
65.9.66.102
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
099539d037339d41c2ccbdccc198fdead92b78106048a8fb870d78f5fd3fc6e1
12ec972d2c87f2a6f23a80328969a6739b6db3ccf484cfeb81a61543a523f1f7
17fe6c6d5adf051a1b7646490da9706bb41bfa43118887081bfe9d02ce2e4102
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e8d3ec47285680162a5d46128e86cf4c2a1190691813e01668110471634d85f
21cc4350c8b39ed85571ecf5216309cbc044f61b35ca395109f593228c4fc7fc
28ddea3578532797400fd7fe8cb0e9a446f88dd30253a5db6403722ffda88a26
294dbc1fbc2cfe3ad37121d0c09dc9f8303b1eb2127fdcfdd00a7c934521e68c
2a203af12258b6a17e492c62bb95969f49fcb76f40505eb05d411dd4ca59576a
2e8c6242d25480c4112a76f0027865d7802af2b3243654b31c8b3ff2a06b5632
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
32d1434add65b0b17b5af8c027d77ae7cd8f793053043c09fa08edfa4a165faf
364ec932507b7e4e91aba3fb17ee40e70a9bf608dc519be3aa76aeb5d03e827f
383a48e17b04756a1357be97f54651ca6290dd8810bddc0b676172909631b454
3a5663f5469f6fd74fbd789be5696bd0859d3e42c7043bfc05d37818fc299a9b
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4916a1324a99bcafb7b7e8b333d9b1fa37c427950bb0411d38baac12846c17ad
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
5fd53370973bdcc13066e87437fb9ad273d8ee52919ba12516c451426252d3b6
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6da6654eadb3a4fd3d3eb9d12dba5b933fed332479d84adcf2b7a895a44a570a
7007f87fa4160d7b947b6775a8f21d2ae3b10529002ecb082af52aae2a7780cc
799ba30291a3eea284d0f0b0686fa3121fbefc624f30b28d1e060fec4154976b
7a8422c5722c2e4a3f2e6e9c07799b5e8314bfcd3d2920b6f68abb578bc538fe
7c6057009d55eee5fa63cf4db54ec69d48492a88973b2e4b4d353e91d336d3a4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84fbd77dc7585d6d030e4b80ff5b2a42e98b49f26564ae1c22c1f00d1f561367
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
902e901d33197509b5ada037c0b4270a491205c1c3b9aa35414569b26834d4f0
93241ad49ec5e8a7bd9cbe3d9ab385441213db5c1b3a9d30a31e72cdd982ba72
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9d3b9fe7795331332e800f5c7fa62755b8adbbb20a50b02b905c8144b1f6bb85
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a121a07842b38bb00197441f32dd1457b4057ff7237e9c5484e572613985bbf6
a13db7ce6e9f290465fb29e8312c7c95aab701764bd1d910c97d08c55139ae3b
a199a96d76b9533e3a3597dc040c5a866c2e3d4f944e01f2a04a0ccfbfe82a5d
a3383aa42329dfbc9ba48bf1a41c73c24be578618e180108598c22cf6c956148
a610cdaf887383f775d316a703e7b75c6cbb8a0ac4d56b2b14723a6eb1fde4fe
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
ad3d0ca410aa64d933c2853e39ef8b605c4815f9826bc0e721e3d3d93860bf64
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e8b4d837e6648030293de1f597de40598ea1afbfada75d0c5c408042a6146b
b7301cfe69f23bf846cf95a32ef62dc0fff027464a78a16249a439fa6145a4a8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c72060928bf66e8ff55b42e653f95429d4777769d790921ff8390eb1068da303
cb93c6a5dad20acf45cefa131a793e0af611d217f34b410c878f4ec253cac97e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbbf42358e200fa2435d198a9c4549b520479bdd7ef5a9d866b7ca56d75dd781
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

paste4btc.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

53 %HTTPS

34 %IPv6

24 Domains

33 Subdomains

24 IPs

4 Countries

938 kBTransfer

2444 kBSize

21 Cookies

3 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste4btc.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

53 %
HTTPS

34 %
IPv6

24
Domains

33
Subdomains

24
IPs

4
Countries

938 kB
Transfer

2444 kB
Size

21
Cookies

75 HTTP transactions
4 data transactions