URL: http://pastehere.xyz/ekY4zx3u/
Submission: On December 16 via manual from US

Summary

This website contacted 16 IPs in 3 countries across 17 domains to perform 34 HTTP transactions. The main IP is 2606:4700:30::6812:2458, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is pastehere.xyz.
This is the only time pastehere.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.116.245.25 42263 (INNOVO-CLOUD)
2 35.190.67.152 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.190.8.27 15169 (GOOGLE)
1 35.190.44.145 15169 (GOOGLE)
1 35.190.64.167 15169 (GOOGLE)
34 16
Domain Requested by
10 pastehere.xyz pastehere.xyz
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com pastehere.xyz
2 velocitycdn.com pastehere.xyz
2 weloveiconfonts.com 1 redirects pastehere.xyz
2 pagead2.googlesyndication.com pastehere.xyz, pagead2.googlesyndication.com
2 netdna.bootstrapcdn.com pastehere.xyz
1 onclickmega.com pastehere.xyz
1 onclicktop.com pastehere.xyz
1 onclicksuper.com pastehere.xyz
1 www.googletagservices.com pagead2.googlesyndication.com
1 ufpcdn.com pastehere.xyz
1 fonts.gstatic.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fonts.googleapis.com pastehere.xyz
1 code.jquery.com pastehere.xyz
34 17

This site contains links to these domains:

Domain
cloud.mail.ru
bankupload.com
uptobox.com
thevid.tv
rapidgator.net

Subject | Issuer | Validity | Valid
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months
weloveiconfonts.com | Let's Encrypt Authority X3 | 2019-11-09 - 2020-02-07 | 3 months
*.google.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months

This page contains 7 frames:

Primary Page: http://pastehere.xyz/ekY4zx3u/
Frame ID: E6FEBFB922092015EBC5C101270A6F10
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 7CAF03DC171EFD517975EC5DAE3A1A5F
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 95636AA9EF0D60F1DF83E27684BFD869
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2566784489798361&output=html&h=280&slotname=9882860232&adk=891063457&adf=4145630270&w=791&fwrn=4&fwrnh=100&lmt=1576513876&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=791x280&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1576513876277&bpp=24&bdt=232&fdt=73&idt=74&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&correlator=4841370200685&frm=20&pv=2&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=2161322&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=269&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=duBxxgNYA6&p=http%3A//pastehere.xyz&dtd=86
Frame ID: 52F0FBC00DAFA41D24B9852500632B6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2566784489798361&output=html&h=600&slotname=9171270530&adk=890150809&adf=1709152577&w=198&fwrn=4&fwrnh=100&lmt=1576513876&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=198x600&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1576513876303&bpp=5&bdt=257&fdt=96&idt=96&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=791x280&correlator=4841370200685&frm=20&pv=1&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=35715754&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1149&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=144&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4F4L6cRqeU&p=http%3A//pastehere.xyz&dtd=98
Frame ID: 6E19EA428C968FED24658453FCFAEFE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2566784489798361&output=html&h=90&slotname=1648003737&adk=1468119641&adf=2598575840&w=728&lmt=1576513876&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&flash=0&wgl=1&adsid=NT&dt=1576513876308&bpp=4&bdt=263&fdt=101&idt=101&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=791x280%2C198x600&correlator=4841370200685&frm=20&pv=1&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=35715754&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&xpc=4eqMn3BiSO&p=http%3A//pastehere.xyz&dtd=104
Frame ID: D8EFE064E01BB95D8CC11E2132AF68CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2566784489798361&output=html&adk=1812271804&adf=3025194257&lmt=1576513876&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576513876312&bpp=4&bdt=267&fdt=127&idt=128&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=791x280%2C198x600%2C728x90&nras=1&correlator=4841370200685&frm=20&pv=1&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=35715754&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&dtd=132
Frame ID: 41859BFC7DCA5F961A3FDBE34079198B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 34
HTTPS: 50 %
IPv6: 69 %
Domains: 17
Subdomains: 17
IPs: 16
Countries: 3
Transfer: 350 kB
Size: 845 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://weloveiconfonts.com/api/?family=entypo HTTP 302
  • https://weloveiconfonts.com/api/?family=entypo
Request Chain 21
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 25
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1613925346&t=pageview&_s=1&dl=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&ul=en-us&de=UTF-8&dt=Avengers%20Endgame%201080p%20WEBRip%20%7C%20PasteHere%20-%20Host%20or%20Paste%20text%20and%20links&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1389783584&gjid=555382330&cid=769237802.1576513876&tid=UA-88943648-1&_gid=2137627457.1576513876&_r=1&z=537377894 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1613925346&t=pageview&_s=1&dl=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&ul=en-us&de=UTF-8&dt=Avengers%20Endgame%201080p%20WEBRip%20%7C%20PasteHere%20-%20Host%20or%20Paste%20text%20and%20links&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1389783584&gjid=555382330&cid=769237802.1576513876&tid=UA-88943648-1&_gid=2137627457.1576513876&_r=1&z=537377894

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
pastehere.xyz/ekY4zx3u/
19 KB
8 KB
Document
General
Full URL
http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a31b786881461c33f44b3d35060c92d5e8d3bde3441e7b4d9e9c2933c0025b8

Request headers

Host
pastehere.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dcaad996f413f10b36e9b3fc97b4e25b91576513875; expires=Wed, 15-Jan-20 16:31:15 GMT; path=/; domain=.pastehere.xyz; HttpOnly PHPSESSID=a75fcvjliptapadpooi15ealm0; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
X-Varnish
481613029
Age
0
X-Cache
MISS
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
54620bebdce1cbb4-VIE
Content-Encoding
gzip
site.css
pastehere.xyz/theme/default/css/
31 KB
6 KB
Stylesheet
General
Full URL
http://pastehere.xyz/theme/default/css/site.css
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d60a9d2c5810c63892c0f58c15e8f4810b4f3dc8035304924a17043ef9ddfd

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
46
CF-RAY
54620bed5933cbb4-VIE
X-Cache
HIT
Connection
keep-alive
Content-Length
6209
Last-Modified
Mon, 04 Feb 2019 18:35:59 GMT
Server
cloudflare
Vary
Accept-Encoding
X-Varnish
210671203 202797525
Cache-Control
max-age=432000
Accept-Ranges
bytes
Content-Type
text/css
X-Cache-Hits
2
reset.css
pastehere.xyz/theme/default/css/
14 KB
4 KB
Stylesheet
General
Full URL
http://pastehere.xyz/theme/default/css/reset.css
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1f58bc3ebb0eb54eaf7d8a688f427cfb42ad22db7344e2025c152dc0433998c

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
46
CF-RAY
54620bed6d3859a6-VIE
X-Cache
HIT
Connection
keep-alive
Content-Length
3669
Last-Modified
Mon, 04 Feb 2019 18:35:57 GMT
Server
cloudflare
Vary
Accept-Encoding
X-Varnish
380590599 383943935
Cache-Control
max-age=432000
Accept-Ranges
bytes
Content-Type
text/css
X-Cache-Hits
15
jquery-1.9.1.min.js
code.jquery.com/
90 KB
32 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-169d5"
Vary
Accept-Encoding
X-HW
1576513876.dop103.fr8.shc,1576513876.dop103.fr8.t,1576513876.cds018.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
32772
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.1.1/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.1.1/css/font-awesome.css
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
a2d30057d0a8007fb75fb8a6e4f82f59d3858d29ea176db9c73f665209e86123

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Dec 2019 16:31:16 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin
*
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
4713
jquery-1.11.0.min.js
pastehere.xyz/theme/default/js/
94 KB
33 KB
Script
General
Full URL
http://pastehere.xyz/theme/default/js/jquery-1.11.0.min.js
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

CF-RAY
54620bed6e38cbc4-VIE
Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 04 Feb 2019 18:36:28 GMT
Server
cloudflare
Age
46
Vary
Accept-Encoding
X-Cache
MISS
X-Varnish
469409372
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
bootstrap.min.js
pastehere.xyz/theme/default/js/
6 KB
2 KB
Script
General
Full URL
http://pastehere.xyz/theme/default/js/bootstrap.min.js
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd0a57efbd4380f0281dfcb046b59450c98271164dedd5e5c9e8e375a1cfb14

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
46
CF-RAY
54620bed6bcc59e2-VIE
X-Cache
HIT
Connection
keep-alive
Content-Length
1957
Last-Modified
Mon, 04 Feb 2019 18:36:25 GMT
Server
cloudflare
Vary
Accept-Encoding
X-Varnish
383036969 382317431
Cache-Control
max-age=432000
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
2
logo.png
pastehere.xyz/theme/default/img/
711 B
1 KB
Image
General
Full URL
http://pastehere.xyz/theme/default/img/logo.png
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dfd41c4400c13ee1f6d6a69fbb69ede314f4d5b9be20ede99ffea09417939cb

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

CF-RAY
54620bed6934cbbc-VIE
Date
Mon, 16 Dec 2019 16:31:16 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 04 Feb 2019 18:36:17 GMT
Server
cloudflare
Age
46
Vary
Accept-Encoding
X-Cache
MISS
X-Varnish
469231929
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
711
css
fonts.googleapis.com/
3 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7248649b1867bc2fbdbce50bcc87e468f8a55edb242b26028a951ede7520859e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 16 Dec 2019 16:31:16 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 16 Dec 2019 16:31:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 16 Dec 2019 16:31:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
104 KB
38 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5d30e39309923dfbd5e04218cf454cdedd9c76933128252b05fe0813014d4537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
5281130449454371869
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
37934
X-XSS-Protection
0
Expires
Mon, 16 Dec 2019 16:31:16 GMT
medium.css
pastehere.xyz/theme/default/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://pastehere.xyz/theme/default/css/medium.css
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd0e63605671e03bf5fcea68b15e3dfcb0348931cf0111e1d669a4999594efc

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
46
CF-RAY
54620bed8bdf59e2-VIE
X-Cache
HIT
Connection
keep-alive
Content-Length
964
Last-Modified
Mon, 04 Feb 2019 18:35:56 GMT
Server
cloudflare
Vary
Accept-Encoding
X-Varnish
384108358 380320039
Cache-Control
max-age=432000
Accept-Ranges
bytes
Content-Type
text/css
X-Cache-Hits
3
small.css
pastehere.xyz/theme/default/css/
8 KB
2 KB
Stylesheet
General
Full URL
http://pastehere.xyz/theme/default/css/small.css
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ab4c36bfb2c66cae75ebd7f298ca99b6ff9e989c018ce8db1dfb208d1a4b45

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
46
CF-RAY
54620bedbeffcbc4-VIE
X-Cache
HIT
Connection
keep-alive
Content-Length
2106
Last-Modified
Mon, 04 Feb 2019 18:36:00 GMT
Server
cloudflare
Vary
Accept-Encoding
X-Varnish
382068917 383915097
Cache-Control
max-age=432000
Accept-Ranges
bytes
Content-Type
text/css
X-Cache-Hits
14
/
weloveiconfonts.com/api/
Redirect Chain
  • http://weloveiconfonts.com/api/?family=entypo
  • https://weloveiconfonts.com/api/?family=entypo
12 KB
3 KB
Stylesheet
General
Full URL
https://weloveiconfonts.com/api/?family=entypo
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.116.245.25 , Germany, ASN42263 (INNOVO-CLOUD, DE),
Reverse DNS
Software
/ PHP/7.2.18
Resource Hash
8fbf8bd497d664e982da04b44879bd7a04775a300f04302fdd980d1d171e7af6
Security Headers
Name Value
Content-Security-Policy script-src: https://themes.googleusercontent.com
Strict-Transport-Security max-age=15768000
X-Content-Type-Options : nosniff
X-Frame-Options : DENY
X-Xss-Protection : 1;mode=block

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Dec 2019 16:30:15 GMT
content-encoding
gzip
x-content-type-options
: nosniff
age
60
x-powered-by
PHP/7.2.18
x-cache
HIT
status
200
grace
none
strict-transport-security
max-age=15768000
content-length
2399
x-xss-protection
: 1;mode=block
referrer-policy
no-referrer-when-downgrade
x-frame-options
: DENY
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
content-security-policy
script-src: https://themes.googleusercontent.com
accept-ranges
bytes

Redirect headers

Location
https://weloveiconfonts.com/api/?family=entypo
Cache-Control
no-cache
Content-length
0
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.1.1/css/
0
5 KB
Other
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.1.1/css/font-awesome.css
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Dec 2019 16:31:16 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin
*
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
4713
page_bg.gif
pastehere.xyz/theme/default/img/
7 KB
8 KB
Image
General
Full URL
http://pastehere.xyz/theme/default/img/page_bg.gif
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b130e141eb373c16f37f999d8881b4194070a78339626db091846466412eb3c

Request headers

Referer
http://pastehere.xyz/theme/default/css/reset.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

CF-RAY
54620beeba0fcbc4-VIE
Date
Mon, 16 Dec 2019 16:31:16 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 04 Feb 2019 18:36:18 GMT
Server
cloudflare
Age
46
Vary
Accept-Encoding
X-Cache
HIT
X-Varnish
379243282 383459320
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
7356
X-Cache-Hits
7
20F162_0_0-e06a6a50.woff
pastehere.xyz/theme/default/css/webfonts/
24 KB
24 KB
Font
General
Full URL
http://pastehere.xyz/theme/default/css/webfonts/20F162_0_0-e06a6a50.woff
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2458 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d22667ba4a6a58c09f9c7894bc306a0fe452cb174bc467d8e4cade6ae9774d2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://pastehere.xyz/theme/default/css/site.css
Origin
http://pastehere.xyz

Response headers

CF-RAY
54620beebcbd59e2-VIE
Date
Mon, 16 Dec 2019 16:31:16 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 04 Feb 2019 18:36:44 GMT
Server
cloudflare
Age
3207
Vary
Accept-Encoding
X-Cache
HIT
X-Varnish
210510460 210475678
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
font/woff
Content-Length
24071
X-Cache-Hits
9
compatibility.js
velocitycdn.com/script/
12 KB
13 KB
Script
General
Full URL
http://velocitycdn.com/script/compatibility.js
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
35.190.67.152 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
152.67.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
424c22882d902d767bff802920ee13a2ad43a10a5d80933359e0908c38f9b75c

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:19:19 GMT
Age
717
X-GUploader-UploadID
AEnB2UoDOeD8XlTE-f4jLcGo5ftZYUJ4Xhz0uEAutS1Ye44MJR6TyoR0TAnzRwamUR0PWeqrcT6TagXjqyEIKaJLERcu071TsC2UhX2Fyq3yet5zN48qJqo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Content-Length
12119
Last-Modified
Thu, 14 Nov 2019 10:12:19 GMT
Server
UploadServer
ETag
"4798f8dea4e1699c741550414944af68"
x-goog-hash
crc32c=bUD+ww==, md5=R5j43qThaZx0FVBBSUSvaA==
x-goog-generation
1573726339118281
Cache-Control
public, max-age=3600
x-goog-stored-content-length
12119
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Mon, 16 Dec 2019 17:19:19 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pastehere.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Dec 2019 16:31:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastehere.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Dec 2019 16:31:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/
245 KB
90 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Dec 2019 16:31:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
91654
x-xss-protection
0
server
cafe
etag
2923717731764352670
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Dec 2019 16:31:16 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v14/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v14/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMR7eS2Ao.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d8cd670b102dbdc8bcbcd51b932c5df791e509d703077650e0ccdc216b50d91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300
Origin
http://pastehere.xyz

Response headers

date
Thu, 21 Nov 2019 16:53:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:10 GMT
server
sffe
age
2158662
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8876
x-xss-protection
0
expires
Fri, 20 Nov 2020 16:53:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame 7CAF
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191205/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://pastehere.xyz/ekY4zx3u/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 05 Dec 2019 17:33:14 GMT
expires
Thu, 19 Dec 2019 17:33:14 GMT
content-type
text/html; charset=UTF-8
etag
13309989325511048345
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6574
x-xss-protection
0
cache-control
public, max-age=1209600
age
946682
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
7059
date
Mon, 16 Dec 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 16 Dec 2019 16:33:37 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cookie set identify.html
ufpcdn.com/script/ Frame 9563
0
0
Document
General
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3647 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://pastehere.xyz/ekY4zx3u/
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d1ad78a9053ebfaf301191e3a2a0c5f301576513876; expires=Wed, 15-Jan-20 16:31:16 GMT; path=/; domain=.ufpcdn.com; HttpOnly
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
54620bef4bd9cbc4-VIE
Content-Encoding
gzip
ads
googleads.g.doubleclick.net/pagead/ Frame 52F0
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2566784489798361&output=html&h=280&slotname=9882860232&adk=891063457&adf=4145630270&w=791&fwrn=4&fwrnh=100&lmt=1576513876&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=791x280&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1576513876277&bpp=24&bdt=232&fdt=73&idt=74&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&correlator=4841370200685&frm=20&pv=2&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=2161322&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=269&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=duBxxgNYA6&p=http%3A//pastehere.xyz&dtd=86
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2566784489798361&output=html&h=280&slotname=9882860232&adk=891063457&adf=4145630270&w=791&fwrn=4&fwrnh=100&lmt=1576513876&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=791x280&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1576513876277&bpp=24&bdt=232&fdt=73&idt=74&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&correlator=4841370200685&frm=20&pv=2&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=2161322&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=269&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=duBxxgNYA6&p=http%3A//pastehere.xyz&dtd=86
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://pastehere.xyz/ekY4zx3u/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 16 Dec 2019 16:31:16 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 16-Dec-2019 16:46:16 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Mon, 16 Dec 2019 16:31:16 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Dec 2019 16:31:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Mon, 16 Dec 2019 16:31:16 GMT
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1613925346&t=pageview&_s=1&dl=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&ul=en-us&de=UTF-8&dt=Avengers%20Endgame%201080p%20WEBRip%20%7C%20PasteH...
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1613925346&t=pageview&_s=1&dl=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&ul=en-us&de=UTF-8&dt=Avengers%20Endgame%201080p%20WEBRip%20%7C%20Paste...
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1613925346&t=pageview&_s=1&dl=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&ul=en-us&de=UTF-8&dt=Avengers%20Endgame%201080p%20WEBRip%20%7C%20PasteHere%20-%20Host%20or%20Paste%20text%20and%20links&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1389783584&gjid=555382330&cid=769237802.1576513876&tid=UA-88943648-1&_gid=2137627457.1576513876&_r=1&z=537377894
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Dec 2019 16:31:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1613925346&t=pageview&_s=1&dl=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&ul=en-us&de=UTF-8&dt=Avengers%20Endgame%201080p%20WEBRip%20%7C%20PasteHere%20-%20Host%20or%20Paste%20text%20and%20links&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1389783584&gjid=555382330&cid=769237802.1576513876&tid=UA-88943648-1&_gid=2137627457.1576513876&_r=1&z=537377894
Non-Authoritative-Reason
HSTS
ads
googleads.g.doubleclick.net/pagead/ Frame 6E19
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2566784489798361&output=html&h=600&slotname=9171270530&adk=890150809&adf=1709152577&w=198&fwrn=4&fwrnh=100&lmt=1576513876&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=198x600&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1576513876303&bpp=5&bdt=257&fdt=96&idt=96&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=791x280&correlator=4841370200685&frm=20&pv=1&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=35715754&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1149&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=144&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4F4L6cRqeU&p=http%3A//pastehere.xyz&dtd=98
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2566784489798361&output=html&h=600&slotname=9171270530&adk=890150809&adf=1709152577&w=198&fwrn=4&fwrnh=100&lmt=1576513876&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=198x600&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1576513876303&bpp=5&bdt=257&fdt=96&idt=96&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=791x280&correlator=4841370200685&frm=20&pv=1&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=35715754&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1149&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=144&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4F4L6cRqeU&p=http%3A//pastehere.xyz&dtd=98
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://pastehere.xyz/ekY4zx3u/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 16 Dec 2019 16:31:16 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 16-Dec-2019 16:46:16 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Mon, 16 Dec 2019 16:31:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame D8EF
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2566784489798361&output=html&h=90&slotname=1648003737&adk=1468119641&adf=2598575840&w=728&lmt=1576513876&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&flash=0&wgl=1&adsid=NT&dt=1576513876308&bpp=4&bdt=263&fdt=101&idt=101&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=791x280%2C198x600&correlator=4841370200685&frm=20&pv=1&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=35715754&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&xpc=4eqMn3BiSO&p=http%3A//pastehere.xyz&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2566784489798361&output=html&h=90&slotname=1648003737&adk=1468119641&adf=2598575840&w=728&lmt=1576513876&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&flash=0&wgl=1&adsid=NT&dt=1576513876308&bpp=4&bdt=263&fdt=101&idt=101&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=791x280%2C198x600&correlator=4841370200685&frm=20&pv=1&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=35715754&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&xpc=4eqMn3BiSO&p=http%3A//pastehere.xyz&dtd=104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://pastehere.xyz/ekY4zx3u/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 16 Dec 2019 16:31:16 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 16-Dec-2019 16:46:16 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Mon, 16 Dec 2019 16:31:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 4185
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2566784489798361&output=html&adk=1812271804&adf=3025194257&lmt=1576513876&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576513876312&bpp=4&bdt=267&fdt=127&idt=128&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=791x280%2C198x600%2C728x90&nras=1&correlator=4841370200685&frm=20&pv=1&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=35715754&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2566784489798361&output=html&adk=1812271804&adf=3025194257&lmt=1576513876&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpastehere.xyz%2FekY4zx3u%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576513876312&bpp=4&bdt=267&fdt=127&idt=128&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=791x280%2C198x600%2C728x90&nras=1&correlator=4841370200685&frm=20&pv=1&ga_vid=769237802.1576513876&ga_sid=1576513876&ga_hid=1613925346&ga_fc=0&iag=0&icsg=35715754&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040010&oid=3&pvsid=701264371569378&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&dtd=132
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://pastehere.xyz/ekY4zx3u/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 16 Dec 2019 16:31:16 GMT
server
cafe
content-length
374
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 16-Dec-2019 16:46:16 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Mon, 16 Dec 2019 16:31:16 GMT
cache-control
private
suurl.php
onclicksuper.com/script/
0
0
Script
General
Full URL
http://onclicksuper.com/script/suurl.php?r=2390587&cbrandom=0.2888080004658209&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Avengers%20Endgame%201080p%20WEBRip%20%7C%20PasteHere%20-%20Host%20or%20Paste%20text%20and%20links&cbref=&cbdescription=PasteHere%20is%20an%20advanced%20text%20storage%20tool%20where%20you%20can%20store%20text%2C%20sensitive%20data%20and%20source%20code%20for%20a%20set%20period%20of%20time.&cbkeywords=pastehere%2C%20pastebin%2C%20text%2C%20paste%2C%20host%2C%20links%2C%20online%20paste%2C%20copy-paste%2C%20paste%20text&cbcdn=velocitycdn.com
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
35.190.8.27 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
27.8.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
chrome.js
velocitycdn.com/script/
18 KB
19 KB
Script
General
Full URL
http://velocitycdn.com/script/chrome.js
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
35.190.67.152 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
152.67.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cd185dfbf9ab9c108d634166de89aed49aa428db7b7a50d7eb8e23faf81196ca

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:22:14 GMT
Age
542
X-GUploader-UploadID
AEnB2UpNYaR05JYbpda04JNup46SmfU6gB5FCqu8xqtrx07NXLNOZiEHI4UXTKQjCi4Jgo80qo-9O6pDOeWpCGRgB1tGOD1w2c6BCnkUKElWkPc3Kwef-JY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Content-Length
18777
Last-Modified
Thu, 31 Oct 2019 10:14:31 GMT
Server
UploadServer
ETag
"2990eae17895f67de9f4fbca62475041"
x-goog-hash
crc32c=hVwIww==, md5=KZDq4XiV9n3p9PvKYkdQQQ==
x-goog-generation
1572516871888329
Cache-Control
public, max-age=3600
x-goog-stored-content-length
18777
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Mon, 16 Dec 2019 17:22:14 GMT
suurl.php
onclicktop.com/script/
0
0
Script
General
Full URL
http://onclicktop.com/script/suurl.php?r=2390587&cbrandom=0.2888080004658209&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Avengers%20Endgame%201080p%20WEBRip%20%7C%20PasteHere%20-%20Host%20or%20Paste%20text%20and%20links&cbref=&cbdescription=PasteHere%20is%20an%20advanced%20text%20storage%20tool%20where%20you%20can%20store%20text%2C%20sensitive%20data%20and%20source%20code%20for%20a%20set%20period%20of%20time.&cbkeywords=pastehere%2C%20pastebin%2C%20text%2C%20paste%2C%20host%2C%20links%2C%20online%20paste%2C%20copy-paste%2C%20paste%20text&cbcdn=velocitycdn.com&ufp=209536467411459573051444724663
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
35.190.44.145 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
145.44.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
suurl.php
onclickmega.com/script/
0
0
Script
General
Full URL
http://onclickmega.com/script/suurl.php?r=2390587&cbrandom=0.2888080004658209&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Avengers%20Endgame%201080p%20WEBRip%20%7C%20PasteHere%20-%20Host%20or%20Paste%20text%20and%20links&cbref=&cbdescription=PasteHere%20is%20an%20advanced%20text%20storage%20tool%20where%20you%20can%20store%20text%2C%20sensitive%20data%20and%20source%20code%20for%20a%20set%20period%20of%20time.&cbkeywords=pastehere%2C%20pastebin%2C%20text%2C%20paste%2C%20host%2C%20links%2C%20online%20paste%2C%20copy-paste%2C%20paste%20text&cbcdn=velocitycdn.com&ufp=209536467411459573051444724663
Requested by
Host: pastehere.xyz
URL: http://pastehere.xyz/ekY4zx3u/
Protocol
HTTP/1.1
Server
35.190.64.167 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
167.64.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
http://pastehere.xyz/ekY4zx3u/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Dec 2019 16:31:16 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8


72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery undefined| originalNavClasses function| toggleNav function| valDoc function| passDoc function| togglev function| selectText object| adsbygoogle object| adcashMacros object| zoneSett object| urls object| _0x7894 function| acPrefetch object| CTABPu object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars string| GoogleAnalyticsObject function| ga object| _0x9379 function| ufpAttach object| CTAMAT object| adcashUfp function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| google_tag_data object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _0x10e2 object| Cnac object| stamat function| NqPnfu2696866862456728 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa

8 Cookies

Domain/Path Name / Value
.ufpcdn.com/ Name: __cfduid
Value: d1ad78a9053ebfaf301191e3a2a0c5f301576513876
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
ufpcdn.com/ Name: adcashufpv3
Value: 209536467411459573051444724663
.pastehere.xyz/ Name: _gat
Value: 1
pastehere.xyz/ Name: adcashufpv3
Value: 209536467411459573051444724663
.pastehere.xyz/ Name: _gid
Value: GA1.2.2137627457.1576513876
.pastehere.xyz/ Name: _ga
Value: GA1.2.769237802.1576513876
.pastehere.xyz/ Name: __cfduid
Value: d05fcee886fab466db62a2d47c093f84b1576513876

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
