pastebin.com Open in urlscan Pro
104.20.208.21 Public Scan

URL:
https://pastebin.com/qAkcqcL0
Submission: On June 05 via manual (June 5th 2018, 5:03:51 am UTC) from US

Summary HTTP 121 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 35 domains to perform 121 HTTP transactions. The main IP is 104.20.208.21, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is pastebin.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on April 27th 2018. Valid for: 6 months.

This is the only time pastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	104.20.208.21 104.20.208.21	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	216.58.207.72 216.58.207.72	15169 (GOOGLE) (GOOGLE - Google LLC)
2	204.11.109.78 204.11.109.78	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
1 2	216.58.207.78 216.58.207.78	15169 (GOOGLE) (GOOGLE - Google LLC)
1	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE - Google LLC)
4	204.11.109.67 204.11.109.67	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
4	204.11.109.65 204.11.109.65	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
1	108.161.189.78 108.161.189.78	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
2	204.11.109.68 204.11.109.68	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
1	204.11.109.66 204.11.109.66	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
2	178.250.0.74 178.250.0.74	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.71 178.250.0.71	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.222.146.117 52.222.146.117	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	178.250.0.66 178.250.0.66	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.25.149.25 104.25.149.25	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	54.230.44.165 54.230.44.165	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.243.205.38 34.243.205.38	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	173.241.240.220 173.241.240.220	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	46.166.181.19 46.166.181.19	43350 (NFORCE) (NFORCE)
3	54.230.44.60 54.230.44.60	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.230.44.234 54.230.44.234	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY - Fastly)
5	34.247.42.77 34.247.42.77	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	54.154.49.58 54.154.49.58	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	151.101.12.166 151.101.12.166	54113 (FASTLY) (FASTLY - Fastly)
2 2	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
1 2	104.108.51.30 104.108.51.30	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5 5	18.153.11.21 18.153.11.21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	136.243.75.34 136.243.75.34	24940 (HETZNER-AS) (HETZNER-AS)
1	34.250.155.163 34.250.155.163	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	34.246.208.181 34.246.208.181	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	216.58.214.34 216.58.214.34	15169 (GOOGLE) (GOOGLE - Google LLC)
4	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE - Google LLC)
2	172.217.21.225 172.217.21.225	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY - Fastly)
1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE - Google LLC)
4	46.166.134.35 46.166.134.35	43350 (NFORCE) (NFORCE)
1	35.156.52.107 35.156.52.107	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2.18.232.75 2.18.232.75	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	52.57.239.73 52.57.239.73	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	85.159.234.28 85.159.234.28	43350 (NFORCE) (NFORCE)
1	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	213.254.244.20 213.254.244.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	216.58.207.74 216.58.207.74	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.127.16.52 185.127.16.52	44150 (CLOUDWEBM...) (CLOUDWEBMANAGE-AS)
1	204.154.111.77 204.154.111.77	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1	204.154.111.224 204.154.111.224	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
2	213.254.244.24 213.254.244.24	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
121	43

48 104.20.208.21 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.72 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.11.109.78 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: tags.expo9.exponential.com

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.78 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (Portage, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.11.109.67 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.11.109.65 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (Los Angeles, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.11.109.68 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.11.109.66 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.74 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: static.criteo.net

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.71 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: cas.criteo.com

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.146.117 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-146-117.fra53.r.cloudfront.net

d2na2p72vtqyok.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.66 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.25.149.25 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

freegeoip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.44.165 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-44-165.fra6.r.cloudfront.net

df80k0z3fi8zg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.205.38 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-243-205-38.eu-west-1.compute.amazonaws.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.241.240.220 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org

insticator-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.166.181.19 (Netherlands)

ASN43350 (NFORCE, NL)

hb.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.44.60 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-44-60.fra6.r.cloudfront.net

cdnp0.stackassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnp2.stackassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.44.234 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-44-234.fra6.r.cloudfront.net

cdnp3.stackassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY - Fastly, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (San Francisco, United States) 2 redirects

ASN54113 (FASTLY - Fastly, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.basebanner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.247.42.77 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-42-77.eu-west-1.compute.amazonaws.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.49.58 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-49-58.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.166 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.52 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.51.30 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-51-30.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.153.11.21 (Cambridge, United States) 5 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-21.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.75.34 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.155.163 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-155-163.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.208.181 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-208-181.eu-west-1.compute.amazonaws.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.214.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.21.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.225 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f225.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.194 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

clarium.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.166.134.35 (Netherlands)

ASN43350 (NFORCE, NL)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.52.107 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-52-107.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.75 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-75.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.239.73 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-239-73.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.159.234.28 (Netherlands)

ASN43350 (NFORCE, NL)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.20 (Germany)

ASN3257 (GTT-BACKBONE GTT, DE)

tps30.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.74 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.127.16.52 (United Kingdom)

ASN44150 (CLOUDWEBMANAGE-AS, IL)

video.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.154.111.77 (United States)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

ul1.dvtps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.154.111.224 (United States)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

sync.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.24 (Germany)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps20221.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	pastebin.com pastebin.com	219 KB
11	tribalfusion.com s.tribalfusion.com	62 KB
8	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com tps30.doubleverify.com sync.doubleverify.com tps20221.doubleverify.com	62 KB
7	sekindo.com hb.sekindo.com live.sekindo.com video.sekindo.com	205 KB
7	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	7 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	80 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
4	stackassets.com cdnp0.stackassets.com cdnp2.stackassets.com cdnp3.stackassets.com	191 KB
4	openx.net 2 redirects insticator-d.openx.net us-u.openx.net	2 KB
4	criteo.com cas.criteo.com cat.fr.eu.criteo.com	4 KB
3	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	51 KB
2	adhigh.net 2 redirects px.adhigh.net	821 B
2	bluekai.com 1 redirects tags.bluekai.com stags.bluekai.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	832 B
2	taboola.com 2 redirects trc.taboola.com match.taboola.com	640 B
2	freegeoip.net freegeoip.net	964 B
2	cloudfront.net d2na2p72vtqyok.cloudfront.net df80k0z3fi8zg.cloudfront.net	200 KB
2	criteo.net static.criteo.net	22 KB
2	google-analytics.com 1 redirects www.google-analytics.com	14 KB
2	exponential.com tags.expo9.exponential.com	5 KB
1	dvtps.com ul1.dvtps.com
1	googleapis.com fonts.googleapis.com	289 B
1	spotxchange.com sync.search.spotxchange.com	442 B
1	w55c.net 1 redirects pm.w55c.net	788 B
1	clarium.io protected-by.clarium.io	329 B
1	fastly.net clarium.global.ssl.fastly.net	11 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	mediawallahscript.com partner.mediawallahscript.com	367 B
1	contextweb.com 1 redirects bh.contextweb.com	634 B
1	basebanner.com 1 redirects match.basebanner.com	367 B
1	googletagservices.com www.googletagservices.com	8 KB
1	servedby-buysellads.com m.servedby-buysellads.com	12 KB
1	googletagmanager.com www.googletagmanager.com	24 KB
121	35

	Domain	Requested by
48	pastebin.com	pastebin.com s.tribalfusion.com cas.criteo.com
11	s.tribalfusion.com	tags.expo9.exponential.com s.tribalfusion.com
6	sync.go.sonobi.com	pastebin.com
5	live.sekindo.com	clarium.global.ssl.fastly.net pastebin.com live.sekindo.com
5	x.bidswitch.net	5 redirects
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net pastebin.com
3	insticator-d.openx.net	1 redirects pastebin.com
2	tps20221.doubleverify.com	cdn.doubleverify.com
2	tps30.doubleverify.com	cdn.doubleverify.com tps30.doubleverify.com
2	cdn.doubleverify.com	pastebin.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
2	px.adhigh.net	2 redirects
2	sync.mathtag.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cdnp2.stackassets.com	pastebin.com
2	freegeoip.net	d2na2p72vtqyok.cloudfront.net
2	cat.fr.eu.criteo.com	pastebin.com
2	cas.criteo.com	static.criteo.net
2	static.criteo.net	pastebin.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	tags.expo9.exponential.com	pastebin.com
1	sync.doubleverify.com	pastebin.com
1	cm.g.doubleclick.net	1 redirects
1	ul1.dvtps.com	tps30.doubleverify.com
1	video.sekindo.com	live.sekindo.com
1	fonts.googleapis.com	live.sekindo.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	sync.search.spotxchange.com	pastebin.com
1	pm.w55c.net	1 redirects
1	protected-by.clarium.io	pastebin.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	clarium.global.ssl.fastly.net	d2na2p72vtqyok.cloudfront.net
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	us-u.openx.net	1 redirects
1	partner.mediawallahscript.com	pastebin.com
1	stags.bluekai.com	pastebin.com
1	tags.bluekai.com	1 redirects
1	bh.contextweb.com	1 redirects
1	match.basebanner.com	1 redirects
1	match.taboola.com	1 redirects
1	trc.taboola.com	1 redirects
1	www.googletagservices.com	d2na2p72vtqyok.cloudfront.net
1	cdnp3.stackassets.com	pastebin.com
1	cdnp0.stackassets.com	pastebin.com
1	hb.sekindo.com	df80k0z3fi8zg.cloudfront.net
1	apex.go.sonobi.com	df80k0z3fi8zg.cloudfront.net
1	df80k0z3fi8zg.cloudfront.net	d2na2p72vtqyok.cloudfront.net
1	d2na2p72vtqyok.cloudfront.net	pastebin.com
1	m.servedby-buysellads.com	pastebin.com
1	stats.g.doubleclick.net	pastebin.com
1	www.googletagmanager.com	pastebin.com
121	52

This site contains links to these domains. Also see Links.

Domain
deals.pastebin.com
creativecommons.org
steadfast.net
facebook.com
twitter.com

Subject Issuer	Validity	Valid
ssl509085.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-04-27` - `2018-11-03`	6 months	crt.sh
*.doubleverify.com Symantec Class 3 Secure Server CA - G4	`2017-07-11` - `2018-10-10`	a year	crt.sh
*.dvtps.com Go Daddy Secure Certificate Authority - G2	`2017-07-07` - `2019-08-22`	2 years	crt.sh

This page contains 15 frames:

Primary Page: https://pastebin.com/qAkcqcL0
Frame ID: 51487C7B071CDD736187564814A2529B
Requests: 47 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Frame ID: BBA69F5EB53EF811029F738FA1F5D869
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Frame ID: 828CC734ED75C0AF27F31A547CBAF32A
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Frame ID: 6EEA5E49368DB9D75588ECCCF7B133E5
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/tags.js
Frame ID: 4DC5549C40DA035A1FF4F4F23332FC7E
Requests: 2 HTTP requests in this frame

Frame: https://pastebin.com/adserver/160x600_custom_safe.php
Frame ID: 050F8AE21EEB8CF65F971BE1987ACBE8
Requests: 4 HTTP requests in this frame

Frame: https://pastebin.com/adserver/728x90_custom_safe.php
Frame ID: EF61B48989C9629D4FB7F6B7C4A5CCCA
Requests: 4 HTTP requests in this frame

Frame: https://pastebin.com/adserver/300x250_custom_safe.php
Frame ID: B2C599ED453D745E0D292B9BC67055A9
Requests: 25 HTTP requests in this frame

Frame: https://pastebin.com/adserver/160x600_criteo_pb_safe.php
Frame ID: FEBD5CB1C98B8262281EC5019033CFCE
Requests: 5 HTTP requests in this frame

Frame: https://pastebin.com/adserver/728x90_criteo_pb_safe.php
Frame ID: 7F56DC99A6379BD195CF885055A66958
Requests: 3 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=Fseez_-nDyWQXIJsbnoKkKTHXC4&tpid=RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L3Nla2luZG9VTTozMDB4MjUw&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwzTmxhMmx1Wkc5VlRUb3pNREI0TWpVdyIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInNla2luZG9VTSJdLCJoYl9zaXplIjpbIjMwMHgyNTAiXX19LCJ3ciI6MH0=
Frame ID: C590A1101438AD7DEB83ED4CB2BC124C
Requests: 12 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements227.js
Frame ID: 03BC9DB326F330AA7F7A2CD8DC372661
Requests: 6 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: DCC04DC20DC2FCDF875C88EB06FCAA29
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: B33E7AA5E0738DEB273888785AB4561A
Requests: 3 HTTP requests in this frame

Frame: https://ul1.dvtps.com/cfbc.htm?ifba=1&rurl=https%3A%2F%2Ftps20221.doubleverify.com%2Fevent.gif%3Fimpid%3Debd6649fe85b4bb2b0c24c69273c655b%26rtcid%3D%7Brtcid%7D%26ifbc%3D%7Bifbc%7D
Frame ID: BF199C788E71063AB032CBF3473143A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

BuySellAds (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^_bsa/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

121
Requests

41 %
HTTPS

0 %
IPv6

35
Domains

52
Subdomains

43
IPs

7
Countries

1182 kB
Transfer

3740 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://deals.pastebin.com/
Title: deals

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-sa/3.0/
Title: cc by-sa 3.0

Search URL Search Domain Scan URL

URL: http://steadfast.net/services/dedicated-servers.php?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_dedicated_server_hosting_by&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Dedicated Server Hosting

Search URL Search Domain Scan URL

URL: http://steadfast.net/?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_steadfast&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Steadfast

Search URL Search Domain Scan URL

URL: https://facebook.com/pastebin

Search URL Search Domain Scan URL

URL: https://twitter.com/pastebin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1678499807&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ul=en-us&de=UTF-8&dt=69.42.116.0%20-%2069.42.116.31%2069.42.116.64%20-%2069.42.116.79%2069.42.116.96%20-%2069.42.%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=2014858799&gjid=1259393706&cid=1680241986.1528175018&tid=UA-58643-34&_gid=1460981211.1528175018&_r=1&gtm=u5o&z=1858803580 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=1680241986.1528175018&jid=2014858799&_gid=1460981211.1528175018&gjid=1259393706&_v=j68&z=1858803580

Request Chain 73

https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&jr=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&ef=bt%252Cdb&be=1&bc=hb_pb_2.0.0&nocache=1528175021151&auid=538152069&dddid=eb8f1514-92b1-405b-a103-276a578acf4f&aus=300x250&tps=cmVmdXJsPXBhc3RlYmluLmNvbQ%3D%3D& HTTP 302
https://insticator-d.openx.net/w/1.0/arj?cc=1&ju=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&jr=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&ef=bt%252Cdb&be=1&bc=hb_pb_2.0.0&nocache=1528175021151&auid=538152069&dddid=eb8f1514-92b1-405b-a103-276a578acf4f&aus=300x250&tps=cmVmdXJsPXBhc3RlYmluLmNvbQ%3D%3D&

Request Chain 83

https://trc.taboola.com/sg/sonobi-ssp-network/1/rtb-h?taboola_hm=1 HTTP 302
https://match.taboola.com/sg/sonobi-ssp-network/1/rtb-h?taboola_hm=1&tbid=8eaf0c59-c644-42d5-abdb-266982f44780-tuct20f9f2d HTTP 302
https://match.basebanner.com/match?tabid=8eaf0c59-c644-42d5-abdb-266982f44780-tuct20f9f2d&extuid=1&excid=42&cijs=0 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=tb&nuid=8eaf0c59-c644-42d5-abdb-266982f44780-tuct20f9f2d

Request Chain 84

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=6f483501-21dd-48a6-a920-6ba5bb25b513

Request Chain 85

https://bh.contextweb.com/bh/rtset?do=add&pid=561191&ev=7968a105-93ab-416a-87ca-47d812f19b63&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=TGHWPW8Xe1Kk

Request Chain 86

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]&mm_bnc&mm_bct HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d8c75b16-0d25-4f00-8f98-e6e33c6786a2

Request Chain 87

https://tags.bluekai.com/site/30907?id=7968a105-93ab-416a-87ca-47d812f19b63 HTTP 302
https://stags.bluekai.com/site/30907?dt=0&r=1644346690&sig=2436670735&bkca=KJpnEnWN+pupuex61BVNBW816MDhBWFD+EOwE+xN1DIh1eHv1fH11M1s91krY4z=

Request Chain 88

https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=sonobi HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=sonobi&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=M5oxMZexV46&expires=30&ssp=sonobi HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e

Request Chain 90

https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=eaa7a70c-f454-0448-1b5c-203bd618e38c

Request Chain 108

https://x.bidswitch.net/sync?ssp=sekindo HTTP 302
https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dsekindo%26bsw_param%3Df4d8f6ef-d857-4cc6-9ccf-fc85433f140e HTTP 302
https://x.bidswitch.net/sync?dsp_id=79&user_id=k3hVGv2x1Fq48d5&expires=30&ssp=sekindo&bsw_param=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e HTTP 302
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&cbust=1528175022004153 HTTP 302
https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1528175022004153&google_gid=CAESEJjyiHdHnUY0urrmaxbdIag&google_cver=1&google_ula=7327243,0

121 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request qAkcqcL0 Show response
pastebin.com/ 639 KB
87 KB 196ms
176ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc0375f2588bd7ddf1980cb699c0da0c8bf8bb89d7467db3851dc154c9b12e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /qAkcqcL0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 51487C7B071CDD736187564814A2529B

Response headers

status: 200
date: Tue, 05 Jun 2018 05:03:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; expires=Wed, 05-Jun-19 05:03:38 GMT; path=/; domain=.pastebin.com; HttpOnly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 42601807ac3026ae-FRA

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 68 KB
24 KB 21ms
20ms Script
application/javascript 216.58.207.72
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

SPDY

Server

216.58.207.72 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f8.1e100.net

Software

Google Tag Manager (scaffolding) /

Resource Hash

63a36ce1876e3f6c08db65ee75e360f4f1d3fb09bef700b9c4bf7d557d043230

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 24483
x-xss-protection: 1; mode=block
expires: Tue, 05 Jun 2018 05:03:38 GMT

GET
H2 200 jquery.min.js Show response
pastebin.com/js/ 82 KB
30 KB 16ms
15ms Script
application/x-javascript 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/jquery.min.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /js/jquery.min.js
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/qAkcqcL0
:scheme: https
:method: GET
Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 42601808ccc426ae-FRA
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 pastebin.min.v2.js Show response
pastebin.com/js/ 35 KB
12 KB 8ms
7ms Script
application/x-javascript 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/pastebin.min.v2.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

125fd9e51c7727e0c0edb021f2d3ed8bdcaa048c7277992d134d794089ae3e36

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /js/pastebin.min.v2.js
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/qAkcqcL0
:scheme: https
:method: GET
Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 09:32:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 42601808ccc526ae-FRA
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 text.css
pastebin.com/cache/css_lang/ 706 B
411 B 10ms
9ms Stylesheet
text/css 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/cache/css_lang/text.css

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/css_lang/text.css
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/qAkcqcL0
:scheme: https
:method: GET
Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2017 09:15:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7776000
cf-ray: 42601808ccc626ae-FRA
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 pastebin.min.v5.css
pastebin.com/i/ 39 KB
8 KB 12ms
11ms Stylesheet
text/css 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/i/pastebin.min.v5.css

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7245b1df22320190d1997cb59a4979fd5c943902149e59f1c521d3ed696d1a35

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pastebin.min.v5.css
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/qAkcqcL0
:scheme: https
:method: GET
Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 May 2018 10:52:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7776000
cf-ray: 42601808ccc726ae-FRA
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 guest.png
pastebin.com/i/ 1 KB
1 KB 10ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/guest.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/guest.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/qAkcqcL0
:scheme: https
:method: GET
Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 42601808ccc826ae-FRA
content-length: 1152
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 t.gif
pastebin.com/i/ 43 B
152 B 9ms
8ms Image
image/gif 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/t.gif

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/t.gif
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/qAkcqcL0
:scheme: https
:method: GET
Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 42601808ccc926ae-FRA
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/Pastebincom/Safe/ 7 KB
3 KB 826ms
170ms Script
application/x-javascript 204.11.109.78
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0
Protocol: HTTP/1.1
Server: 204.11.109.78 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: tags.expo9.exponential.com
Software: /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:39 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 5909443542969422214
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, public
Last-Modified: Fri, 21 Jun 2013 00:18:47 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 2306
Expires: Tue, 05 Jun 2018 06:03:39 GMT

GET
H2 200 linebg.png
pastebin.com/i/ 375 B
450 B 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/linebg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/linebg.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091ce926ae-FRA
content-length: 375
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 pro_btn_hover.png
pastebin.com/i/ 729 B
804 B 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/pro_btn_hover.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5154cd93dc27142f30bf0d10c32b64f107b81f89cc4801e296623cdbafef6bc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pro_btn_hover.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-2d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091cea26ae-FRA
content-length: 729
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 public.png
pastebin.com/i/ 2 KB
2 KB 8ms
7ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/public.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/public.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-7d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091ceb26ae-FRA
content-length: 2003
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 header_bg.png
pastebin.com/i/ 191 B
264 B 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/header_bg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/header_bg.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091cec26ae-FRA
content-length: 191
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 dd_settings.png
pastebin.com/i/ 1 KB
1 KB 10ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_settings.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_settings.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091ced26ae-FRA
content-length: 1262
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 dd_alerts.png
pastebin.com/i/ 915 B
990 B 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_alerts.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_alerts.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-393"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091cee26ae-FRA
content-length: 915
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 dd_messages.png
pastebin.com/i/ 1 KB
1 KB 17ms
17ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_messages.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_messages.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-44b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091cef26ae-FRA
content-length: 1099
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 dd_pastebin.png
pastebin.com/i/ 667 B
742 B 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_pastebin.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_pastebin.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-29b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091cf026ae-FRA
content-length: 667
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 menu_down.png
pastebin.com/i/ 506 B
580 B 9ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/menu_down.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/menu_down.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091cf126ae-FRA
content-length: 506
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 search.png
pastebin.com/i/ 1 KB
1 KB 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/search.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/search.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-595"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018091cf226ae-FRA
content-length: 1429
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 add_2.png
pastebin.com/i/ 491 B
566 B 16ms
15ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/add_2.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/add_2.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018092cff26ae-FRA
content-length: 491
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
H2 200 pastebin_logo_side_outline.png
pastebin.com/i/ 18 KB
18 KB 12ms
12ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/pastebin_logo_side_outline.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pastebin_logo_side_outline.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:38 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4660"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018092d0026ae-FRA
content-length: 18016
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:38 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
5ms Script
text/javascript 216.58.207.78
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Protocol

SPDY

Server

216.58.207.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1233
date: Tue, 05 Jun 2018 04:43:05 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Tue, 05 Jun 2018 06:43:05 GMT

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1678499807&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ul=en-us&de=UTF-8&dt=69.42.116.0%20-%2069.42.116.31%2069.42.116.64%20-%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=1680241986.1528175018&jid=2014858799&_gid=1460981211.1528175018&gjid=1259393706&_v=j68&z=1858803580

35 B
136 B

22ms
21ms

Image
image/gif

173.194.76.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=1680241986.1528175018&jid=2014858799&_gid=1460981211.1528175018&gjid=1259393706&_v=j68&z=1858803580

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

SPDY

Server

173.194.76.157 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

ws-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 05 Jun 2018 05:03:38 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Jun 2018 05:03:38 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=1680241986.1528175018&jid=2014858799&_gid=1460981211.1528175018&gjid=1259393706&_v=j68&z=1858803580
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Safe/ Frame BBA6 58 KB
14 KB 834ms
178ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 6513c06a13afc5efc3fc49b26c0ab441076d9a87a1841e22c7dad5be7befead9

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:39 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 6583791248850409823
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13870
Expires: Tue, 05 Jun 2018 06:03:39 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Safe/ Frame 828C 58 KB
14 KB 880ms
180ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 6513c06a13afc5efc3fc49b26c0ab441076d9a87a1841e22c7dad5be7befead9

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 6583791248850409823
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13870
Expires: Tue, 05 Jun 2018 06:03:40 GMT

GET
H2 200 info.png
pastebin.com/i/ 2 KB
2 KB 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/info.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/info.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-68c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 4260180e3eec26ae-FRA
content-length: 1676
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 expire.png
pastebin.com/i/ 2 KB
2 KB 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/expire.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/expire.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-6c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 4260180e3eed26ae-FRA
content-length: 1729
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 views.png
pastebin.com/i/ 1 KB
1 KB 8ms
7ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/views.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/views.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-5aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 4260180e3eee26ae-FRA
content-length: 1450
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 date.png
pastebin.com/i/ 1 KB
1 KB 8ms
7ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/date.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/date.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 4260180e3eef26ae-FRA
content-length: 1203
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 user.png
pastebin.com/i/ 2 KB
2 KB 9ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/user.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/user.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-6c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 4260180e3ef026ae-FRA
content-length: 1737
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 twitter_svg.png
pastebin.com/i/ 1 KB
2 KB 10ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/twitter_svg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/twitter_svg.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-5d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 4260180e3ef126ae-FRA
content-length: 1490
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 facebook_svg.png
pastebin.com/i/ 794 B
871 B 9ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/facebook_svg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/facebook_svg.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 4260180e3ef226ae-FRA
content-length: 794
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 steadfast_1.png
pastebin.com/i/ 1 KB
1 KB 10ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/steadfast_1.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fb852db1cd132dda2e5b283b43d7cc7debe88e4ec803db31613aa472ae72009

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/steadfast_1.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 4260180e3ef326ae-FRA
content-length: 1245
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 hello.png
pastebin.com/i/ 4 KB
4 KB 15ms
14ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/hello.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8040db06855291ee0489a814aee5d975ce5acfe272b26ec98597b005e4d5789f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/hello.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/qAkcqcL0
:scheme: https
:method: GET
Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Jun 2018 07:07:42 GMT
server: cloudflare
etag: "5b10f0be-e3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018102f9926ae-FRA
content-length: 3647
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/Pastebincom/SnackbarSafe/ 7 KB
3 KB 164ms
164ms Script
application/x-javascript 204.11.109.78
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/Pastebincom/SnackbarSafe/tags.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0
Protocol: HTTP/1.1
Server: 204.11.109.78 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: tags.expo9.exponential.com
Software: /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:39 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 2
ETag: 5909443542969422214
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, public
Last-Modified: Fri, 21 Jun 2013 00:18:47 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 2306
Expires: Tue, 05 Jun 2018 06:03:39 GMT

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 40 KB
12 KB 22ms
7ms Script
application/javascript 108.161.189.78
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://m.servedby-buysellads.com/monetization.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0
Protocol: HTTP/1.1
Server: 108.161.189.78 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 46354b0dba4bddce6fbb261852a856f6b629a81c2f4d650c6da21a46f486d878

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jun 2018 20:05:03 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 4F8E03DAC93AC05E
ETag: W/"9aed7fea327d3251ea75f8687d6a0e03"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: ubRHC3INUcbbCFE0JNvtiGznxNXwrSk9pkCjK7NEBPQ9RIRP5TD52aeow5R9pVWoBMMhtXuqO5s=
Expires: Wed, 06 Jun 2018 05:03:39 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Safe/ Frame 6EEA 58 KB
14 KB 832ms
177ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 6513c06a13afc5efc3fc49b26c0ab441076d9a87a1841e22c7dad5be7befead9

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 6583791248850409823
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13870
Expires: Tue, 05 Jun 2018 06:03:40 GMT

GET
H2 200 twitter_circle.png
pastebin.com/i/ 954 B
1 KB 18ms
17ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/twitter_circle.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/twitter_circle.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-3ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103f9d26ae-FRA
content-length: 954
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 facebook_circle.png
pastebin.com/i/ 818 B
894 B 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/facebook_circle.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/facebook_circle.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-332"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103f9e26ae-FRA
content-length: 818
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 footer_linux.png
pastebin.com/i/ 4 KB
5 KB 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_linux.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_linux.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-11db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103f9f26ae-FRA
content-length: 4571
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 footer_opera.png
pastebin.com/i/ 3 KB
3 KB 89ms
88ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_opera.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_opera.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103fa026ae-FRA
content-length: 2756
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 footer_macosx.png
pastebin.com/i/ 3 KB
3 KB 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_macosx.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_macosx.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-b31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103fa126ae-FRA
content-length: 2865
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 footer_android.png
pastebin.com/i/ 2 KB
2 KB 16ms
15ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_android.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_android.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-9a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103fa226ae-FRA
content-length: 2469
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 footer_webos.png
pastebin.com/i/ 3 KB
3 KB 10ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_webos.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7186c869aea692acdd80f8776ba966b6215eff98f41b3cd62bc70e21b4128d0f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_webos.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-d1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103fa326ae-FRA
content-length: 3358
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 footer_windows.png
pastebin.com/i/ 2 KB
2 KB 9ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_windows.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_windows.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103fa426ae-FRA
content-length: 1808
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 footer_ios.png
pastebin.com/i/ 3 KB
3 KB 115ms
114ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_ios.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_ios.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103fa526ae-FRA
content-length: 3011
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 footer_firefox.png
pastebin.com/i/ 3 KB
3 KB 16ms
16ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_firefox.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_firefox.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103fa626ae-FRA
content-length: 3178
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 footer_chrome.png
pastebin.com/i/ 3 KB
3 KB 15ms
15ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_chrome.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_chrome.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103fa726ae-FRA
content-length: 2990
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H2 200 close_promo.png
pastebin.com/i/ 1 KB
1 KB 16ms
16ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/close_promo.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/close_promo.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 08:52:39 GMT
server: cloudflare
etag: "590c3d57-594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 426018103fa826ae-FRA
content-length: 1428
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/ Frame 4DC5 58 KB
14 KB 513ms
177ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 0b1743e58dd1b451549bc86a75451d550ed082e07c5b9ba7512215aa922a7112

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 2
ETag: 1323938613850944495
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13876
Expires: Tue, 05 Jun 2018 06:03:40 GMT

GET
H2 200 cd-top-arrow.png
pastebin.com/i/ 451 B
574 B 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/cd-top-arrow.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/cd-top-arrow.png
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v5.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v5.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:39 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 42601812686a26ae-FRA
content-length: 451
x-xss-protection: 1; mode=block
expires: Mon, 03 Sep 2018 05:03:39 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame BBA6 677 B
843 B 322ms
167ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8958520804
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 82c031bf7c45abe8346d2fe5383bcc88511dfa160aa500befc5ac7c0e156ad1c

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 328
Expires: Mon, 03 Sep 2018 05:03:40 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame 828C 677 B
844 B 198ms
184ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8958520804
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 34fb3d178ad7bd37803136ffae60c4d98e0ba0e0039d3bb175d5fa9d26aa27e4

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 329
Expires: Mon, 03 Sep 2018 05:03:40 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame 4DC5 677 B
844 B 296ms
165ms Script
application/x-javascript 204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8958520804
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: b0d9e0f7c7d53f058614ea7ae316f8f242ea18437e73a2691069512dfb35e3da

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 1
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 329
Expires: Mon, 03 Sep 2018 05:03:40 GMT

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame BBA6 603 B
976 B 167ms
167ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8958520804&tagKey=2290374106&loaderVer=0.1&site=pastebincom&adSpace=safe&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=160x600,120x600&busted=1&url=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&f=0&p=14944974&tKey=aVmneMQGJA4PMKotTmTHfdTVrURHHPbk&a=1&adContainerId=richmedia_2&rnd=14950926
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 2d9ab00cd2c7b3764b79c86912579db9a7ea85628d38de712b0d7abb00cfbb64

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 485
Expires: 0

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame 6EEA 677 B
846 B 164ms
164ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8958520804
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 52bec8d0a1bc3c9da6f06487e54e52f7de369bdc06610bd542ddff4185a99204

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 329
Expires: Mon, 03 Sep 2018 05:03:40 GMT

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame 828C 599 B
976 B 164ms
164ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8958520804&tagKey=2290374106&loaderVer=0.1&site=pastebincom&adSpace=safe&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=970x250,728x90&busted=1&url=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&f=0&p=14944974&tKey=a6mneM5sQcTGM6WsnkRAMNYTYcRHHdiO&a=3&adContainerId=richmedia_4&rnd=14949109
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 4183ed862193f9ac4ce57acaf832695079a13b7e36e04a19240d5ac924935ef3

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 4
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 481
Expires: 0

GET
H2 200 160x600_custom_safe.php Show response
pastebin.com/adserver/ Frame 050F 589 B
461 B 118ms
118ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/160x600_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e730276af282ff032274fc94037bc8a93f375b90fed320afdd66e6cc17f78c7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /adserver/160x600_custom_safe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://pastebin.com/qAkcqcL0
accept-encoding: gzip, deflate
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 51487C7B071CDD736187564814A2529B
Referer: https://pastebin.com/qAkcqcL0

Response headers

status: 200
date: Tue, 05 Jun 2018 05:03:40 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 426018177a7226ae-FRA

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame 6EEA 607 B
977 B 167ms
167ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8958520804&tagKey=2290374106&loaderVer=0.1&site=pastebincom&adSpace=safe&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x600,300x250&busted=1&url=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&f=0&p=14944974&tKey=axmneMTmPs4mvbPmnG2HrpVa3xRHHChB&a=7&adContainerId=richmedia_8&rnd=14953622
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 9b9153d00e69987e4925ddced0d01f2a7be3ee8d6b67c42269746fe5adc4e5a0

Request headers

Referer: https://pastebin.com/qAkcqcL0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 4
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 483
Expires: 0

GET
H2 200 728x90_custom_safe.php Show response
pastebin.com/adserver/ Frame EF61 594 B
466 B 300ms
300ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/728x90_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaf79e04a383753a7c9f0601e6ea661abf69c977e219e54ebdcc7a85fb64526a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /adserver/728x90_custom_safe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://pastebin.com/qAkcqcL0
accept-encoding: gzip, deflate
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 51487C7B071CDD736187564814A2529B
Referer: https://pastebin.com/qAkcqcL0

Response headers

status: 200
date: Tue, 05 Jun 2018 05:03:41 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 42601817aa8e26ae-FRA

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ Frame 050F 75 KB
22 KB 105ms
27ms Script
text/javascript 178.250.0.74
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_custom_safe.php
Protocol: HTTP/1.1
Server: 178.250.0.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: static.criteo.net
Software: nginx /
Resource Hash: cb0d4898e672ec6c78416c069d61c9ec41b45dd81a24e6001ed5d68a64dab782

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2007 08:50:25 GMT
Server: nginx
ETag: W/"5b086414-12b96"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Wed, 06 Jun 2018 05:03:40 GMT

GET
H2 200 300x250_custom_safe.php Show response
pastebin.com/adserver/ Frame B2C5 1 KB
764 B 112ms
112ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/300x250_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6846c4f654b004d73cd907870fbdebcd5c0e35bbdbe748b8939006617e0c5af3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /adserver/300x250_custom_safe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://pastebin.com/qAkcqcL0
accept-encoding: gzip, deflate
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 51487C7B071CDD736187564814A2529B
Referer: https://pastebin.com/qAkcqcL0

Response headers

status: 200
date: Tue, 05 Jun 2018 05:03:40 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 426018189ae926ae-FRA

GET
H/1.1 200
OK ajs.php Show response
cas.criteo.com/delivery/ Frame 050F 981 B
2 KB 104ms
29ms Script
text/javascript 178.250.0.71
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.criteo.com/delivery/ajs.php?ptv=51&zoneid=738954&cb=4335842459&nodis=1&charset=UTF-8&dc=1&atfr=1&loc=https%3A%2F%2Fpastebin.com%2FqAkcqcL0
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Server: 178.250.0.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: cas.criteo.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6d22af4afd378c3bfe9786de37902c17fde2fcbe5f084bfa64eac1d92bdc3988

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
P3P: CP='CUR ADM OUR NOR STA NID'
Content-Length: 929
Pragma: no-cache
Server: Microsoft-IIS/10.0
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 024e069d-525f-46a7-911a-7c59471d8c75.js Show response
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame B2C5 670 KB
164 KB 30ms
9ms Script
application/javascript 52.222.146.117
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 52.222.146.117 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-146-117.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1481ecab178b4065d840800c6ce2772d1dc28d2415a686e052a3fc88f883d9d

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 04:49:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jun 2018 04:48:58 GMT
Server: AmazonS3
Age: 876
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: b2OEhMFxC9eWmzHHg9PbKvbj..1iNqBD
Via: 1.1 e8929a64b6920fabf88f772b8cd0125c.cloudfront.net (CloudFront)
Cache-Control: max-age=900,public
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Amz-Cf-Id: qY207zI-mSJQUSsMvRo5yqA8TD_OfKTuvpa5HZKOjHbrA9_D0jOfEA==

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ Frame EF61 75 KB
0 105ms
27ms Script
text/javascript 178.250.0.74
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_custom_safe.php
Protocol: HTTP/1.1
Server: 178.250.0.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: static.criteo.net
Software: nginx /
Resource Hash: cb0d4898e672ec6c78416c069d61c9ec41b45dd81a24e6001ed5d68a64dab782

Request headers

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2007 08:50:25 GMT
Server: nginx
ETag: W/"5b086414-12b96"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Wed, 06 Jun 2018 05:03:40 GMT

GET
H/1.1 200
OK ajs.php Show response
cas.criteo.com/delivery/ Frame EF61 976 B
2 KB 30ms
30ms Script
text/javascript 178.250.0.71
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.criteo.com/delivery/ajs.php?ptv=51&zoneid=738940&cb=35176333283&nodis=1&charset=UTF-8&dc=1&atfr=1&loc=https%3A%2F%2Fpastebin.com%2FqAkcqcL0
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Server: 178.250.0.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: cas.criteo.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 77278c8cd7951df51eb15be762caee04cceb0aa3ceb34eae0b9946dc864e364f

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
P3P: CP='CUR ADM OUR NOR STA NID'
Content-Length: 924
Pragma: no-cache
Server: Microsoft-IIS/10.0
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 160x600_criteo_pb_safe.php Show response
pastebin.com/adserver/ Frame FEBD 6 KB
2 KB 115ms
115ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/160x600_criteo_pb_safe.php

Requested by

Host: cas.criteo.com
URL: https://cas.criteo.com/delivery/ajs.php?ptv=51&zoneid=738954&cb=4335842459&nodis=1&charset=UTF-8&dc=1&atfr=1&loc=https%3A%2F%2Fpastebin.com%2FqAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

42503789dbf88ee098392086d2f4796cc13842a8781cf79f4438fd49c942417a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /adserver/160x600_criteo_pb_safe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://pastebin.com/adserver/160x600_custom_safe.php
accept-encoding: gzip, deflate
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 51487C7B071CDD736187564814A2529B
Referer: https://pastebin.com/adserver/160x600_custom_safe.php

Response headers

status: 200
date: Tue, 05 Jun 2018 05:03:41 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 42601819ab7326ae-FRA

GET
H/1.1 200
OK lg.php
cat.fr.eu.criteo.com/delivery/ Frame 050F 43 B
330 B 111ms
29ms Image
image/gif 178.250.0.66
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=1&cpp=%2BW86JHwwQWFJVWJ6NG1pUSs5R3FCUGVMVVJaaHAyb2ZLKzRybWh2YWZ0SVZNS1ZmRmY1WklWSnhpSjRYUFUwYUErUEQrcXZLa25uckFhcElzVDNvaElzOEJSZU1EWjBPTFZyRDhrYW1HU3BVU0Yzc2paRWhRRENFOVIxdmw2amFpaWFnK3dQMnpyU3JZajloQXhnVnNhdmlRMU9tOWZmb0dCS2NPc1BUMHhDSXFXNWw5OElSSkJFbkdTWGxzeTd1Ykw2bDNaWGtaUE1iQ0hqaFNLY2pWMEprYUd6ZzgwTTY3ZXF1ZjJCMGFJNnpaS3JjU2ljREZwSWl5U0FRWGRDQWhva3JZfA%3D%3D
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_custom_safe.php
Protocol: HTTP/1.1
Server: 178.250.0.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:40 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 728x90_criteo_pb_safe.php Show response
pastebin.com/adserver/ Frame 7F56 5 KB
2 KB 225ms
224ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/728x90_criteo_pb_safe.php

Requested by

Host: cas.criteo.com
URL: https://cas.criteo.com/delivery/ajs.php?ptv=51&zoneid=738940&cb=35176333283&nodis=1&charset=UTF-8&dc=1&atfr=1&loc=https%3A%2F%2Fpastebin.com%2FqAkcqcL0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

04da873ad4d8f691fd5f176f71cfadfc3ef1a6c166bc487e0f065efe1ca10d65

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /adserver/728x90_criteo_pb_safe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://pastebin.com/adserver/728x90_custom_safe.php
accept-encoding: gzip, deflate
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 51487C7B071CDD736187564814A2529B
Referer: https://pastebin.com/adserver/728x90_custom_safe.php

Response headers

status: 200
date: Tue, 05 Jun 2018 05:03:41 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 42601819db8526ae-FRA

GET
H/1.1 200
OK lg.php
cat.fr.eu.criteo.com/delivery/ Frame EF61 43 B
330 B 100ms
26ms Image
image/gif 178.250.0.66
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=1&cpp=qDkKWHxhNkJLV3QxRDdWd3FNeUNSaXRjSUFHOGluQnA1MzF1djQ0L1lMZ05UZ2QvQUJ0ZXFnNDBUekF0L0FPTllsWUVoYzdaMnFxNUtVcDU2YzhQTU81L2I5WjdIRGpUTHp4aFNDS01qQnlsbWxxQTFibkgrR0d5aTlOdlQxOEQxdE5QQkxhVEgzSXl6OUU5YnVYOUxsWFBiUnhiQ2NpVDJwTmU3MVd5QWQxL0xmSnMwU0NIZi9OdnVyUE9ZcXowSE55SU5GMGlmdzlwNmQrMTJFejY2alVsM3dnblZldktUK0RYUExuTnhKY1Z4RlFBV1lSdkFGcUZmODZkRjd0S05RNGJCfA%3D%3D
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_custom_safe.php
Protocol: HTTP/1.1
Server: 178.250.0.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
S 200 / Show response
freegeoip.net/json/ Frame B2C5 375 B
331 B 122ms
101ms XHR
application/json 104.25.149.25
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://freegeoip.net/json/
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: SPDY
Server: 104.25.149.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd844f088a46ff1bd474532e415fe47f18d27339600a3c75de6e8c4d7153ffc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com

Response headers

date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
x-database-date: Wed, 02 May 2018 08:00:28 GMT
cf-ray: 4260181a0f959aac-FRA

GET
S 200 / Show response
freegeoip.net/json/ Frame B2C5 375 B
633 B 121ms
100ms XHR
application/json 104.25.149.25
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://freegeoip.net/json/
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: SPDY
Server: 104.25.149.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd844f088a46ff1bd474532e415fe47f18d27339600a3c75de6e8c4d7153ffc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com

Response headers

date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://pastebin.com
access-control-allow-credentials: true
x-database-date: Wed, 02 May 2018 08:00:28 GMT
cf-ray: 4260181a0f969aac-FRA

GET
S 200 instbid.js Show response
df80k0z3fi8zg.cloudfront.net/files/ Frame B2C5 115 KB
37 KB 23ms
8ms Script
application/javascript 54.230.44.165
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid.js
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: SPDY
Server: 54.230.44.165 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-44-165.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2d2de941f6c21d583c1d0db71edf8725127d8278eec00d789eb17750930941a

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Thu, 31 May 2018 17:48:14 GMT
content-encoding: gzip
last-modified: Mon, 14 May 2018 19:50:59 GMT
server: AmazonS3
age: 40526
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: kXIkWO29CEIayBy9gUG1hMNj1C4wWqCm
status: 200
content-type: application/javascript
x-amz-cf-id: 1pZrzmaOWhHo2bh-0gRKS6JeXfGCv-QaAQebSyu35mJwWynHQoZvSA==
via: 1.1 c438f26ccd08e3dcd1f5cc4a61417fde.cloudfront.net (CloudFront)

GET
H/1.1 200
OK trinity.js Show response
apex.go.sonobi.com/ Frame B2C5 3 KB
3 KB 211ms
127ms Script
text/javascript 34.243.205.38
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.js?key_maker={%2220e9a58e24c787%22:%224c4c920a6cf262ee66db|300x250%22}&cv=sbi_1b91d0fd1a958a&ref=pastebin.com

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid.js

Protocol

HTTP/1.1

Server

34.243.205.38 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-243-205-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

82be3be9935316d7603cb2a8f03f5ba0b65718fed28787f21ea315a5eef36204

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Server: nginx/1.4.6 (Ubuntu)
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-dub-1-6-187
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private, no-cache="set-cookie"
Tcn: Choice
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1469
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

302
Moved Temporarily

arj Show response
insticator-d.openx.net/w/1.0/ Frame B2C5
Redirect Chain

https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&jr=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&ef=bt%252Cdb&be=1&bc...
https://insticator-d.openx.net/w/1.0/arj?cc=1&ju=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&jr=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&ef=bt%252Cdb&be...

0
-1 B

54ms
13ms

XHR

173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://insticator-d.openx.net/w/1.0/arj?cc=1&ju=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&jr=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&ef=bt%252Cdb&be=1&bc=hb_pb_2.0.0&nocache=1528175021151&auid=538152069&dddid=eb8f1514-92b1-405b-a103-276a578acf4f&aus=300x250&tps=cmVmdXJsPXBhc3RlYmluLmNvbQ%3D%3D&
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Location: https://insticator-d.openx.net/w/1.0/arj?cc=1&ju=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&jr=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&ef=bt%252Cdb&be=1&bc=hb_pb_2.0.0&nocache=1528175021151&auid=538152069&dddid=eb8f1514-92b1-405b-a103-276a578acf4f&aus=300x250&tps=cmVmdXJsPXBhc3RlYmluLmNvbQ%3D%3D&
Date: Tue, 05 Jun 2018 05:03:41 GMT
Access-Control-Allow-Credentials: true
Server: OXGW/16.24.0
Access-Control-Allow-Origin: https://pastebin.com
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location: https://insticator-d.openx.net/w/1.0/arj?cc=1&ju=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&jr=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&ef=bt%252Cdb&be=1&bc=hb_pb_2.0.0&nocache=1528175021151&auid=538152069&dddid=eb8f1514-92b1-405b-a103-276a578acf4f&aus=300x250&tps=cmVmdXJsPXBhc3RlYmluLmNvbQ%3D%3D&
Date: Tue, 05 Jun 2018 05:03:41 GMT
Access-Control-Allow-Credentials: true
Server: OXGW/16.24.0
Access-Control-Allow-Origin: https://pastebin.com
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK liveView.php Show response
hb.sekindo.com/live/ Frame B2C5 3 KB
2 KB 62ms
19ms XHR
text/javascript 46.166.181.19
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.sekindo.com/live/liveView.php?s=86345&pubUrl=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&hbTId=eb8f1514-92b1-405b-a103-276a578acf4f&hbBidId=63d4f05ea689c1&hbver=4&hbcb=1&protocol=s&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid.js
Protocol: HTTP/1.1
Server: 46.166.181.19 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.17
Resource Hash: cd61c28bff73630c6757fdd0e4113abfba2dc93d0a07da53ffe37fc1e51ea229

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:40 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.17
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: text/javascript; charset=utf-8

GET
H2 200 deals-ribbon.svg
pastebin.com/i/ Frame FEBD 103 B
275 B 8ms
7ms Image
image/svg+xml 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/deals-ribbon.svg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_criteo_pb_safe.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4398cc2de1c610a9268600b04ac981c6d6d4cca8ee5020613c4edfaa1e75171

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/deals-ribbon.svg
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/adserver/160x600_criteo_pb_safe.php
:scheme: https
:method: GET
Referer: https://pastebin.com/adserver/160x600_criteo_pb_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 May 2016 16:37:17 GMT
server: cloudflare
etag: W/"5744833d-67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=7200
cf-ray: 4260181a6bd126ae-FRA
x-xss-protection: 1; mode=block
expires: Tue, 05 Jun 2018 07:03:41 GMT

GET
S 200 sale_5964_primary_image.jpg
cdnp0.stackassets.com/7ae6ad3f24e6416ce2e2f27706864b1478cbfb60/store/2e3b2b8a19daa68feef4f62f957ed065473296b0882ae6c6db776b638426/ Frame FEBD 42 KB
42 KB 29ms
8ms Image
image/jpeg 54.230.44.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnp0.stackassets.com/7ae6ad3f24e6416ce2e2f27706864b1478cbfb60/store/2e3b2b8a19daa68feef4f62f957ed065473296b0882ae6c6db776b638426/sale_5964_primary_image.jpg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_criteo_pb_safe.php

Protocol

SPDY

Server

54.230.44.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-44-60.fra6.r.cloudfront.net

Software

nginx/1.12.1 /

Resource Hash

721ac1ed22e0e4acff83b33ed8dc7f888c1fe3c0c9692ec401777f68b8a88dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/adserver/160x600_criteo_pb_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 16 May 2018 20:16:59 GMT
via: 1.1 b451ce1932d9b97c4ef54f2f37ecb931.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 16 May 2018 20:16:59 GMT
server: nginx/1.12.1
age: 1673202
status: 200
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: inline; filename="sale_5964_primary_image.jpg"
content-length: 42848
x-amz-cf-id: LFjAaEbZyOs7FzF3xPoUb8tzEYTA1Y-lHHwaUGmgBjxZm3k5iK1ypg==
expires: Thu, 16 May 2019 20:16:59 GMT

GET
S 200 sale_13866_primary_image.jpg
cdnp2.stackassets.com/c101cfc929ff72d2fe6191d2a2077d91fa875486/store/f0baaeae86a04aea87345861b543cee9d6d5595e4fa4de347542d6f0e77d/ Frame FEBD 62 KB
62 KB 35ms
14ms Image
image/jpeg 54.230.44.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnp2.stackassets.com/c101cfc929ff72d2fe6191d2a2077d91fa875486/store/f0baaeae86a04aea87345861b543cee9d6d5595e4fa4de347542d6f0e77d/sale_13866_primary_image.jpg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_criteo_pb_safe.php

Protocol

SPDY

Server

54.230.44.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-44-60.fra6.r.cloudfront.net

Software

nginx/1.12.1 /

Resource Hash

42dbc40a65fadf9a09736679582c7a111c5d6a851ca25452ff0d3d6a7368ad9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/adserver/160x600_criteo_pb_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 16 May 2018 20:01:40 GMT
via: 1.1 b451ce1932d9b97c4ef54f2f37ecb931.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 16 May 2018 20:01:40 GMT
server: nginx/1.12.1
age: 1674121
status: 200
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: inline; filename="sale_13866_primary_image.jpg"
content-length: 63288
x-amz-cf-id: pA-wyPoTaNFME38YLFX02FPSLXzYE4pBTBE2m1LR2vKQXrglCQWCdA==
expires: Thu, 16 May 2019 20:01:40 GMT

GET
S 200 product_9736_product_shots1_image.jpg
cdnp3.stackassets.com/01ee558daeec676905ed637d0c3d2d5db1324d6c/store/a1f91ef467e5e2d422093392e77b2d1f5d7626626493666e705c9ae0d222/ Frame FEBD 86 KB
87 KB 43ms
8ms Image
image/jpeg 54.230.44.234
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnp3.stackassets.com/01ee558daeec676905ed637d0c3d2d5db1324d6c/store/a1f91ef467e5e2d422093392e77b2d1f5d7626626493666e705c9ae0d222/product_9736_product_shots1_image.jpg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_criteo_pb_safe.php

Protocol

SPDY

Server

54.230.44.234 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-44-234.fra6.r.cloudfront.net

Software

nginx/1.12.1 /

Resource Hash

4ecbfc9e4c87f6ff670d373da252f6fefd5666b984057f41bdde0d102496ee6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/adserver/160x600_criteo_pb_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 16 May 2018 19:51:53 GMT
via: 1.1 d2e34d11a094aa8f0c8077cfdf5b4b38.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 16 May 2018 19:51:53 GMT
server: nginx/1.12.1
age: 1674708
status: 200
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: inline; filename="product_9736_product_shots1_image.jpg"
content-length: 88169
x-amz-cf-id: OFE2leLXaAvHlFaOtVVn6pK3B5F_QYJd0TTTtlnTxuNwQXtt8pPLCg==
expires: Thu, 16 May 2019 19:51:53 GMT

GET
H/1.1 200
OK arj Show response
insticator-d.openx.net/w/1.0/ Frame B2C5 172 B
738 B 17ms
16ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://insticator-d.openx.net/w/1.0/arj?cc=1&ju=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&jr=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&ef=bt%252Cdb&be=1&bc=hb_pb_2.0.0&nocache=1528175021151&auid=538152069&dddid=eb8f1514-92b1-405b-a103-276a578acf4f&aus=300x250&tps=cmVmdXJsPXBhc3RlYmluLmNvbQ%3D%3D&
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.24.0 /
Resource Hash: cd62417d9d83f5ceeedeb6b0725f82bdb1ca305044cc4de7f8732d63ffee0f08

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id: 51487C7B071CDD736187564814A2529B
Origin: https://pastebin.com
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Server: OXGW/16.24.0
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Content-Type: application/json
Transfer-Encoding: chunked
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 deals-ribbon.svg
pastebin.com/i/ Frame 7F56 103 B
0 8ms
7ms Image
image/svg+xml 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/deals-ribbon.svg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_criteo_pb_safe.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4398cc2de1c610a9268600b04ac981c6d6d4cca8ee5020613c4edfaa1e75171

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/deals-ribbon.svg
pragma: no-cache
cookie: __cfduid=d126edf5f86d404a50b4f70b74e18f7a11528175018; _ga=GA1.2.1680241986.1528175018; _gid=GA1.2.1460981211.1528175018; _gat_gtag_UA_58643_34=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/adserver/160x600_criteo_pb_safe.php
:scheme: https
:method: GET

Response headers

date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 May 2016 16:37:17 GMT
server: cloudflare
etag: W/"5744833d-67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=7200
cf-ray: 4260181a6bd126ae-FRA
x-xss-protection: 1; mode=block
expires: Tue, 05 Jun 2018 07:03:41 GMT

GET
S 200 sale_13866_primary_image.jpg
cdnp2.stackassets.com/c101cfc929ff72d2fe6191d2a2077d91fa875486/store/f0baaeae86a04aea87345861b543cee9d6d5595e4fa4de347542d6f0e77d/ Frame 7F56 62 KB
0 35ms
14ms Image
image/jpeg 54.230.44.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnp2.stackassets.com/c101cfc929ff72d2fe6191d2a2077d91fa875486/store/f0baaeae86a04aea87345861b543cee9d6d5595e4fa4de347542d6f0e77d/sale_13866_primary_image.jpg

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_criteo_pb_safe.php

Protocol

SPDY

Server

54.230.44.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-44-60.fra6.r.cloudfront.net

Software

nginx/1.12.1 /

Resource Hash

42dbc40a65fadf9a09736679582c7a111c5d6a851ca25452ff0d3d6a7368ad9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Response headers

date: Wed, 16 May 2018 20:01:40 GMT
via: 1.1 b451ce1932d9b97c4ef54f2f37ecb931.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 16 May 2018 20:01:40 GMT
server: nginx/1.12.1
age: 1674121
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
content-disposition: inline; filename="sale_13866_primary_image.jpg"
access-control-allow-origin: *
content-length: 63288
x-amz-cf-id: pA-wyPoTaNFME38YLFX02FPSLXzYE4pBTBE2m1LR2vKQXrglCQWCdA==
expires: Thu, 16 May 2019 20:01:40 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B2C5 19 KB
8 KB 60ms
38ms Script
text/javascript 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js

Protocol

SPDY

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

3a0cf63a3966fd50efde3e3e0b1db5988069a4112fef9ab48cf059774a4594f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "5 / 641 of 1000 / last-modified: 1528143647"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 7645
x-xss-protection: 1; mode=block
expires: Tue, 05 Jun 2018 05:03:41 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame B2C5
Redirect Chain

https://trc.taboola.com/sg/sonobi-ssp-network/1/rtb-h?taboola_hm=1
https://match.taboola.com/sg/sonobi-ssp-network/1/rtb-h?taboola_hm=1&tbid=8eaf0c59-c644-42d5-abdb-266982f44780-tuct20f9f2d
https://match.basebanner.com/match?tabid=8eaf0c59-c644-42d5-abdb-266982f44780-tuct20f9f2d&extuid=1&excid=42&cijs=0
https://sync.go.sonobi.com/us.gif?nw=tb&nuid=8eaf0c59-c644-42d5-abdb-266982f44780-tuct20f9f2d

49 B
830 B

77ms
27ms

Image
image/gif

34.247.42.77
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=tb&nuid=8eaf0c59-c644-42d5-abdb-266982f44780-tuct20f9f2d

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php

Protocol

HTTP/1.1

Server

34.247.42.77 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-42-77.eu-west-1.compute.amazonaws.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx/1.4.6 (Ubuntu)
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-dub-1-6-4
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private, no-cache="set-cookie"
Tcn: Choice
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 05 Jun 2018 05:03:41 GMT
via: 1.1 varnish
server: nginx/1.9.12
x-timer: S1528175021.457032,VS0,VE8
x-served-by: cache-hhn1535-HHN
status: 302
x-cache: MISS
p3p: policyref="http://null/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
location: https://sync.go.sonobi.com/us.gif?nw=tb&nuid=8eaf0c59-c644-42d5-abdb-266982f44780-tuct20f9f2d
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length: 0
x-cache-hits: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame B2C5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1
https://sync.go.sonobi.com/us.gif?nw=td&nuid=6f483501-21dd-48a6-a920-6ba5bb25b513

49 B
818 B

81ms
27ms

Image
image/gif

34.247.42.77
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=6f483501-21dd-48a6-a920-6ba5bb25b513

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php

Protocol

HTTP/1.1

Server

34.247.42.77 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-42-77.eu-west-1.compute.amazonaws.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx/1.4.6 (Ubuntu)
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-dub-1-6-4
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private, no-cache="set-cookie"
Tcn: Choice
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Jun 2018 05:03:41 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=6f483501-21dd-48a6-a920-6ba5bb25b513
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 193

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame B2C5
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=561191&ev=7968a105-93ab-416a-87ca-47d812f19b63&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=TGHWPW8Xe1Kk

49 B
795 B

112ms
27ms

Image
image/gif

34.247.42.77
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=pp&nuid=TGHWPW8Xe1Kk

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php

Protocol

HTTP/1.1

Server

34.247.42.77 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-42-77.eu-west-1.compute.amazonaws.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx/1.4.6 (Ubuntu)
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-dub-1-6-72
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private, no-cache="set-cookie"
Tcn: Choice
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Transfer-Encoding: chunked
X-Cache: MISS
Content-Language: en-US
Location: https://sync.go.sonobi.com/us.gif?nw=pp&nuid=TGHWPW8Xe1Kk
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bh01
X-Served-By: cache-fra19146-FRA

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame B2C5
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]&mm_bnc&mm_bct
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d8c75b16-0d25-4f00-8f98-e6e33c6786a2

49 B
819 B

65ms
27ms

Image
image/gif

34.247.42.77
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d8c75b16-0d25-4f00-8f98-e6e33c6786a2

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php

Protocol

HTTP/1.1

Server

34.247.42.77 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-42-77.eu-west-1.compute.amazonaws.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx/1.4.6 (Ubuntu)
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-dub-1-6-72
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private, no-cache="set-cookie"
Tcn: Choice
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: MT3 1.21.6.0 89e8669 RELEASE zrh-pixel-x18
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d8c75b16-0d25-4f00-8f98-e6e33c6786a2
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 05 Jun 2018 05:03:40 GMT

GET
H/1.1

200
OK

30907
stags.bluekai.com/site/ Frame B2C5
Redirect Chain

https://tags.bluekai.com/site/30907?id=7968a105-93ab-416a-87ca-47d812f19b63
https://stags.bluekai.com/site/30907?dt=0&r=1644346690&sig=2436670735&bkca=KJpnEnWN+pupuex61BVNBW816MDhBWFD+EOwE+xN1DIh1eHv1fH11M1s91krY4z=

62 B
527 B

114ms
96ms

Image
image/gif

104.108.51.30
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/30907?dt=0&r=1644346690&sig=2436670735&bkca=KJpnEnWN+pupuex61BVNBW816MDhBWFD+EOwE+xN1DIh1eHv1fH11M1s91krY4z=
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 104.108.51.30 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-51-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 862e
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location: https://stags.bluekai.com/site/30907?dt=0&r=1644346690&sig=2436670735&bkca=KJpnEnWN+pupuex61BVNBW816MDhBWFD+EOwE+xN1DIh1eHv1fH11M1s91krY4z=
Date: Tue, 05 Jun 2018 05:03:41 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 4901
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame B2C5
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=sonobi
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=sonobi&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=M5oxMZexV46&expires=30&ssp=sonobi
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e

49 B
905 B

110ms
27ms

Image
image/gif

34.247.42.77
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php

Protocol

HTTP/1.1

Server

34.247.42.77 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-247-42-77.eu-west-1.compute.amazonaws.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx/1.4.6 (Ubuntu)
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-dub-1-6-72
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private, no-cache="set-cookie"
Tcn: Choice
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1 200
OK /
partner.mediawallahscript.com/ Frame B2C5 32 B
367 B 112ms
29ms Image
image/png 34.250.155.163
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1037&partner_id=1041&uid=7968a105-93ab-416a-87ca-47d812f19b63&custom=&tag_format=img&tag_action=sync&custom=&cb=762400
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 34.250.155.163 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-250-155-163.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx/1.12.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 32
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame B2C5
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=eaa7a70c-f454-0448-1b5c-203bd618e38c

49 B
819 B

112ms
30ms

Image
image/gif

34.246.208.181
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=openx&nuid=eaa7a70c-f454-0448-1b5c-203bd618e38c

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php

Protocol

HTTP/1.1

Server

34.246.208.181 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-208-181.eu-west-1.compute.amazonaws.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx/1.4.6 (Ubuntu)
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-dub-1-6-72
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private, no-cache="set-cookie"
Tcn: Choice
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=openx&nuid=eaa7a70c-f454-0448-1b5c-203bd618e38c
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: OXGW/16.24.0
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Length: 0
Vary: Accept
Content-Type: image/gif

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame B2C5 109 B
171 B 15ms
15ms Script
application/javascript 216.58.214.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

216.58.214.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f2.1e100.net

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame B2C5 109 B
171 B 16ms
15ms Script
application/javascript 216.58.214.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

216.58.214.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f2.1e100.net

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_212.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B2C5 173 KB
60 KB 59ms
39ms Script
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

sffe /

Resource Hash

05922cd395082495346a0a80c70037a064b7f782884c0f333c1f15c71f503f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 May 2018 13:55:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 61374
x-xss-protection: 1; mode=block
expires: Tue, 05 Jun 2018 05:03:41 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B2C5 3 KB
2 KB 100ms
99ms XHR
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3099664701707796&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21061864%2C21061501%2C21061763%2C21062192&vrg=212&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-27&iu=%2F27794161%2Fpastebin.com_Web_300x250_1&sz=300x250&scp=refurl%3Dpastebin.com%26floor_group%3Dctrl_group%26hour%3D5%26tier%3D1%26instBid_size%3D300x250%26instBid_pb%3D3%26instBid_adid%3D63d4f05ea689c1%26instBid_bidder%3DsekindoUM%26impression_type%3Dinitial_load&cookie_enabled=1&cdm=pastebin.com&bc=7&lmt=1528175021&dt=1528175021536&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=552&ady=139322&adk=2819743242&gut=v2&ifi=1&ifk=1390418613&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F300x250_custom_safe.php&ref=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&top=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&dssz=9&icsg=8234&std=3&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1680241986.1528175018&ga_sid=1528175022&ga_hid=39101150

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js

Protocol

SPDY

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

909d5729d973d704459971223a38d566656b03ea6a7c6556e6c8b7208c9b3c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com

Response headers

date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 1911
x-xss-protection: 1; mode=block
google-lineitem-id: 4479146604
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138216026934
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://pastebin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_212.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B2C5 44 KB
17 KB 39ms
39ms Script
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_212.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js

Protocol

SPDY

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

sffe /

Resource Hash

d6fd7c7bb087d6fbbcbbf86a16eb93a7e26782c321517af9f9b42484584ff5de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 May 2018 13:55:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 16996
x-xss-protection: 1; mode=block
expires: Tue, 05 Jun 2018 05:03:41 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-27/html/ Frame B2C5 0
0 6ms
5ms Other
text/html 172.217.21.225
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-27/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js
Protocol: SPDY
Server: 172.217.21.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s13-in-f225.1e100.net
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

expires: Fri, 24 May 2019 15:42:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 14 May 2018 14:45:16 GMT
content-type: text/html

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame C590 37 KB
11 KB 27ms
6ms Script
text/javascript 151.101.113.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=Fseez_-nDyWQXIJsbnoKkKTHXC4&tpid=RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L3Nla2luZG9VTTozMDB4MjUw&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwzTmxhMmx1Wkc5VlRUb3pNREI0TWpVdyIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInNla2luZG9VTSJdLCJoYl9zaXplIjpbIjMwMHgyNTAiXX19LCJ3ciI6MH0=
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/024e069d-525f-46a7-911a-7c59471d8c75.js
Protocol: HTTP/1.1
Server: 151.101.113.194 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 31138db8f53d5568c8b18a2299319f26ff1389fd95353c7b41bb2214949f5d72

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Age: 209
X-Cache-Status: hit
X-Cache: HIT
Connection: keep-alive
Content-Length: 10785
X-Served-By: cache-hhn1547-HHN
Pragma: no-cache
Access-Control-Allow-Origin: *
Server: nginx
X-Timer: S1528175022.674424,VS0,VE0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180531/r20110914/activeview/ Frame C590 69 KB
25 KB 6ms
6ms Script
text/javascript 172.217.21.225
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180531/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js

Protocol

SPDY

Server

172.217.21.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f225.1e100.net

Software

cafe /

Resource Hash

30975bcc4405c66b113d01330c5688351ee4a9962d55fa1bc4d4bea5f795ecaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Fri, 01 Jun 2018 03:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 25778
x-xss-protection: 1; mode=block
server: cafe
etag: 9898935172600827182
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Jun 2018 03:55:53 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame B2C5 71 KB
26 KB 6ms
5ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js

Protocol

SPDY

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

c5f08ac7d47bad7fdd476e7aebe5db8780bc439ee66aec208994bcadf592cb74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 04:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 26450
x-xss-protection: 1; mode=block
server: cafe
etag: 14519992632048792591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Jun 2018 05:52:48 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame C590 0
273 B 18ms
18ms Image
text/html 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRVqsxOn4ricMMAJJJp9YExYy0_HDLJbttky5qHmm7NxtXs9eW_5r2iO5wms41z1kntLacnTbSotc_FDUcIiwb484Q_f9bdgXD1r_o1lNSnVgE9LImDYA4FQVYtucQ89uQDh_hZuGjGq7GpRu31pDBVZoZWSIydwAXLUqg50iE7AGQciWba3tNqmvD6BeVc_AUUSRRzHz7D1TNvTbHIgU1P8mh-Sw7zMW-NXmO9qEmndKcTaiKz_EnsdRuaFF-W0fm-DTygMFQdhM&sai=AMfl-YTtQGTlBDHLFB9q8I162D_JlSAqbeE-4JhRRUgeI86_f2eChMlkx6ew3AixNI_5yEyd5GR27FLAmGs3zdoXqvnc96aD-gskLNUjyiSjEg&sig=Cg0ArKJSzFETUy2kKOgqEAE&urlfix=1&adurl=
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: SPDY
Server: 172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s13-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
cache-control: private
expires: Tue, 05 Jun 2018 05:03:41 GMT

GET
H/1.1 200
OK liveVideo.php Show response
live.sekindo.com/live/ Frame C590 585 KB
182 KB 83ms
43ms Script
text/html 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveVideo.php?s=66146&vpaidManager=sekindo&contentNum=1&ri=6C69766553746174737C736B317B54307D7B64323031382D30362D30355F30387D7B73393530303831307D7B4335377D7B536347467A6447566961573475593239747D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583330307D7B593235307D7B66317DFEFE&userIpAddr=148.251.45.254&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&debugInformation=&debugInfo=9500810_&clkUrl=&plMult=-1&pubUrl=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&showLogo=0&eximpid=${EXT_IMP_ID}&vpTemplate=51&impGap=2&contentFeedId=&gdpr=1&gdprConsent=&flowMode=below&x=300&y=250
Requested by: Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=Fseez_-nDyWQXIJsbnoKkKTHXC4&tpid=RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L3Nla2luZG9VTTozMDB4MjUw&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwzTmxhMmx1Wkc5VlRUb3pNREI0TWpVdyIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInNla2luZG9VTSJdLCJoYl9zaXplIjpbIjMwMHgyNTAiXX19LCJ3ciI6MH0=
Protocol: HTTP/1.1
Server: 46.166.134.35 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.17
Resource Hash: 1c8c913320a62ff772ad38f0c0ab85ce0e279e6c4edd1f14d4686379fb72f36e

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.1.17
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame C590 68 B
329 B 31ms
8ms Image
image/png 35.156.52.107
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L3Nla2luZG9VTTozMDB4MjUw&v=5&s=d4657d3f21ac175af74a5504277f9bd4b080aec8&id=eyJwcmViaWQiOnsiYWRJZCI6IjYzZDRmMDVlYTY4OWMxIiwiY3BtIjowLjAzMzV9fQ%3D%3D
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 35.156.52.107 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-52-107.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame C590 2 B
659 B 18ms
17ms Script
text/html 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?PBTRK=1&PBSESSID=pbSekindo_863455b1619ad33235&adType=tag&subId=pastebin.com&reqSpace2AdId=0&ecpmValue=0.067&sspDescripancySpace2AdId=0&spaceId=86345&isPassBack=0&diaid=&debugInformation=&userIpAddr=148.251.45.254&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&x=300&y=250&campaignFreqCap=0%2F0&campaignId=45932&space2AdId=9500810&frcCst=0.0335
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 46.166.134.35 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.17
Resource Hash: 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.1.17
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame C590 13 KB
5 KB 26ms
5ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=2791976&cmp=2791987&sid=2015051501&plc=2015051502&num=&adid=&advid=2791977&adsrv=90&region=30&btreg=&btadsrv=&crt=&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src&sr=20&DVP_PUBLISHER=22683&DVP_SPACE=86345&DVP_SELLER=&DVP_PLACEMENT=pastebin.com&DVP_SUBID=pastebin.com&turl=pastebin.com
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: f00455c4f9de9aa88ad1082593843262fbb1cbaa29419995b0cd6aabaafc199a

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jun 2018 09:19:26 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "294bc22e5fbd31:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4424

GET
H/1.1 200
OK liveCS.php Show response
live.sekindo.com/live/ Frame C590 624 B
803 B 31ms
13ms Script
text/javascript 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveCS.php?source=sekindo&cid=57
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 46.166.134.35 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.17
Resource Hash: bcbd8fc8c3ccb8bda009694477db39578f3e896db3cb3bf5b79218cdc813bed1

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.17
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame C590 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 566c4b71f53cdb6e0dc420770cd710ced2edecd3db7b342a163a2e62a5642e67

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK dv-measurements227.js Show response
cdn.doubleverify.com/ Frame 03BC 220 KB
51 KB 6ms
6ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements227.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/qAkcqcL0
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 301085adab38e8dccecd63020a274770917eed64b1139103b661a78febc0131f

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 May 2018 13:10:22 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "f7137c664ef7d31:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=34265
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51589

GET
H/1.1

200
OK

liveCS.php
live.sekindo.com/live/ Frame C590
Redirect Chain

https://x.bidswitch.net/sync?ssp=sekindo
https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dsekindo%26bsw_param%3Df4d8f6ef-d857-4cc6-9ccf-fc85433...
https://x.bidswitch.net/sync?dsp_id=79&user_id=k3hVGv2x1Fq48d5&expires=30&ssp=sekindo&bsw_param=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e

2 B
501 B

18ms
18ms

Image
text/javascript

85.159.234.28
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 85.159.234.28 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.17
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.17
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

Redirect headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=f4d8f6ef-d857-4cc6-9ccf-fc85433f140e
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1 200 partner
sync.search.spotxchange.com/ Frame C590 43 B
442 B 103ms
11ms Image
image/gif 185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=84294&sync_limit=3
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame DCC0 0
0 25ms
5ms Document
text/html 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements227.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 51487C7B071CDD736187564814A2529B
Referer: https://pastebin.com/adserver/300x250_custom_safe.php

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Last-Modified: Thu, 11 Sep 2014 19:15:15 GMT
Accept-Ranges: bytes
ETag: "6f4d6b7f4cdcf1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Length: 3877
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps30.doubleverify.com/ Frame 03BC 11 KB
4 KB 33ms
9ms Script
text/javascript 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps30.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETauBp%3C4B4%7B_U2%3F4r92%3A%3Fl9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETar9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETar9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETar9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3EU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=1&dvp_region=30&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=290&ddur=27&uid=1528175021923866&jsCallback=dvCallback_1528175021923549&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20HeadlessChrome%2F66.0.3359.139%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=227&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=3&referrer=https%3A%2F%2Fpastebin.com%2Fadserver%2F300x250_custom_safe.php&fwc=0&fcl=339&flt=0&fec=11919&fcifrms=4&brh=2&dvp_epl=239&ctx=2791976&cmp=2791987&sid=2015051501&plc=2015051502&adsrv=90&advid=2791977&sr=20&turl=pastebin.com&DVP_PUBLISHER=22683&DVP_SPACE=86345&DVP_PLACEMENT=pastebin.com&DVP_SUBID=pastebin.com
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements227.js
Protocol: HTTP/1.1
Server: 213.254.244.20 , Germany, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ff4d9fd03bb54fe2563a2c682fab4121b5c966d634affd2793680f3a02825e81

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: close
Expires: 6/4/2018 5:03:41 AM

GET
S 200 css
fonts.googleapis.com/ Frame B33E 220 B
289 B 16ms
16ms Stylesheet
text/css 216.58.207.74
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?s=66146&vpaidManager=sekindo&contentNum=1&ri=6C69766553746174737C736B317B54307D7B64323031382D30362D30355F30387D7B73393530303831307D7B4335377D7B536347467A6447566961573475593239747D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583330307D7B593235307D7B66317DFEFE&userIpAddr=148.251.45.254&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&debugInformation=&debugInfo=9500810_&clkUrl=&plMult=-1&pubUrl=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&showLogo=0&eximpid=${EXT_IMP_ID}&vpTemplate=51&impGap=2&contentFeedId=&gdpr=1&gdprConsent=&flowMode=below&x=300&y=250

Protocol

SPDY

Server

216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f10.1e100.net

Software

ESF /

Resource Hash

2dc7dc753daaed33a8e62b9411474bda4d6ff63195e6e64168b0da4b7b5d6b70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 05 Jun 2018 05:03:41 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 05 Jun 2018 05:03:41 GMT

GET
H/1.1 200
OK vid5b0eac8b497cb404372961.jpg
video.sekindo.com/uploads/video/users/converted/24271/video1511883989/ Frame B33E 18 KB
18 KB 124ms
46ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/video/users/converted/24271/video1511883989/vid5b0eac8b497cb404372961.jpg?cbuster=1527688332

Requested by

Protocol

HTTP/1.1

Server

185.127.16.52 , United Kingdom, ASN44150 (CLOUDWEBMANAGE-AS, IL),

Reverse DNS

Software

Tengine /

Resource Hash

e6593f676adcc90ed51cb4c12016c0b269966c9a387cd34d30821d678dfaf66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wonderland-garden.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 05:03:50 GMT
Last-Modified: Wed, 30 May 2018 13:54:19 GMT
Server: Tengine
ETag: "5b0ead0b-475d"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 18269
Expires: Wed, 06 Jun 2018 14:09:20 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame C590 2 B
402 B 17ms
16ms XHR
application/json 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=66146&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=2.2.4&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fvideo%2Fusers%2Fconverted%2F24271%2Fvideo1511883989%2Fvid5b0eac8b497cb404372961.mp4&vid_content_id=109262&vid_content_desc=Apple+May+Switch+iPhones+to+OLED+Screens+Come+2019&vid_content_title=Apple+May+Switch+iPhones+to+OLED+Screens+Come+2019&vid_content_duration=47&x=300&y=225&pubUrl=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&ri=6C69766553746174737C736B317B54307D7B64323031382D30362D30355F30387D7B73393530303831307D7B4335377D7B536347467A6447566961573475593239747D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583330307D7B593235307D7B66317DFEFE&userIpAddr=148.251.45.254&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&debugInformation=&gdpr=1&gdprConsent=&cbuster=1528175021984
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?s=66146&vpaidManager=sekindo&contentNum=1&ri=6C69766553746174737C736B317B54307D7B64323031382D30362D30355F30387D7B73393530303831307D7B4335377D7B536347467A6447566961573475593239747D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583330307D7B593235307D7B66317DFEFE&userIpAddr=148.251.45.254&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&debugInformation=&debugInfo=9500810_&clkUrl=&plMult=-1&pubUrl=https%3A%2F%2Fpastebin.com%2FqAkcqcL0&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&showLogo=0&eximpid=${EXT_IMP_ID}&vpTemplate=51&impGap=2&contentFeedId=&gdpr=1&gdprConsent=&flowMode=below&x=300&y=250
Protocol: HTTP/1.1
Server: 46.166.134.35 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.17
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.17
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ Frame B33E 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK cfbc.htm
ul1.dvtps.com/ Frame BF19 0
0 355ms
90ms Document
text/html 204.154.111.77
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: https://ul1.dvtps.com/cfbc.htm?ifba=1&rurl=https%3A%2F%2Ftps20221.doubleverify.com%2Fevent.gif%3Fimpid%3Debd6649fe85b4bb2b0c24c69273c655b%26rtcid%3D%7Brtcid%7D%26ifbc%3D%7Bifbc%7D
Requested by: Host: tps30.doubleverify.com
URL: https://tps30.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETauBp%3C4B4%7B_U2%3F4r92%3A%3Fl9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETar9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETar9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETar9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3EU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=1&dvp_region=30&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=290&ddur=27&uid=1528175021923866&jsCallback=dvCallback_1528175021923549&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20HeadlessChrome%2F66.0.3359.139%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=227&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=3&referrer=https%3A%2F%2Fpastebin.com%2Fadserver%2F300x250_custom_safe.php&fwc=0&fcl=339&flt=0&fec=11919&fcifrms=4&brh=2&dvp_epl=239&ctx=2791976&cmp=2791987&sid=2015051501&plc=2015051502&adsrv=90&advid=2791977&sr=20&turl=pastebin.com&DVP_PUBLISHER=22683&DVP_SPACE=86345&DVP_PLACEMENT=pastebin.com&DVP_SUBID=pastebin.com
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 204.154.111.77 , United States, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash

Request headers

Host: ul1.dvtps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 51487C7B071CDD736187564814A2529B
Referer: https://pastebin.com/adserver/300x250_custom_safe.php

Response headers

Cache-Control: max-age=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: 6/4/2018 5:03:42 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Tue, 05 Jun 2018 05:03:41 GMT
Connection: close

GET
H/1.1

200
OK

query.gif
sync.doubleverify.com/ Frame 03BC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&cbust=1528175022004153
https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1528175022004153&google_gid=CAESEJjyiHdHnUY0urrmaxbdIag&google_cver=1&google_ula=7327243,0

807 B
1 KB

363ms
91ms

Other
image/gif

204.154.111.224
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1528175022004153&google_gid=CAESEJjyiHdHnUY0urrmaxbdIag&google_cver=1&google_ula=7327243,0
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: HTTP/1.1
Server: 204.154.111.224 , United States, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Connection: close
Expires: 6/4/2018 5:03:42 AM

Redirect headers

pragma: no-cache
date: Tue, 05 Jun 2018 05:03:42 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1528175022004153&google_gid=CAESEJjyiHdHnUY0urrmaxbdIag&google_cver=1&google_ula=7327243,0
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 376
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK query.js Show response
tps30.doubleverify.com/ Frame 03BC 0
297 B 21ms
9ms Script
text/javascript 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps30.doubleverify.com/query.js?ctx=818052&cmp=1239517532
Requested by: Host: tps30.doubleverify.com
URL: https://tps30.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETauBp%3C4B4%7B_U2%3F4r92%3A%3Fl9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETar9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETar9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3ETar9EEADTbpTauTauA2DE63%3A%3F%5D4%40%3EU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=1&dvp_region=30&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=290&ddur=27&uid=1528175021923866&jsCallback=dvCallback_1528175021923549&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20HeadlessChrome%2F66.0.3359.139%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=227&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=3&referrer=https%3A%2F%2Fpastebin.com%2Fadserver%2F300x250_custom_safe.php&fwc=0&fcl=339&flt=0&fec=11919&fcifrms=4&brh=2&dvp_epl=239&ctx=2791976&cmp=2791987&sid=2015051501&plc=2015051502&adsrv=90&advid=2791977&sr=20&turl=pastebin.com&DVP_PUBLISHER=22683&DVP_SPACE=86345&DVP_PLACEMENT=pastebin.com&DVP_SUBID=pastebin.com
Protocol: HTTP/1.1
Server: 213.254.244.20 , Germany, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:41 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 6/4/2018 5:03:41 AM

POST
H/1.1 200
OK event.png
tps20221.doubleverify.com/ Frame 03BC 67 B
460 B 22ms
11ms Other
image/png 213.254.244.24
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20221.doubleverify.com/event.png?impid=ebd6649fe85b4bb2b0c24c69273c655b&dvp_anatd=65&vdur=57&msrjs=227&pltfrm=Linux%20x86_64&dvp_acv=1&dvp_acifd=4&dvp_mref=&dvp_acc=21&dvp_acl=1919&dvp_acwe=0&dvp_vpos=1585-1200-1&isvelg=1&vit=2&engms=1&engisel=1&cbust=1528175024006767
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements227.js
Protocol: HTTP/1.1
Server: 213.254.244.24 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Cache-Control: max-age=0
Origin: https://pastebin.com
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:43 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 6/4/2018 5:03:43 AM

POST
H/1.1 200
OK event.png
tps20221.doubleverify.com/ Frame 03BC 67 B
460 B 18ms
7ms Other
image/png 213.254.244.24
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20221.doubleverify.com/event.png?impid=ebd6649fe85b4bb2b0c24c69273c655b&msrcanlm=904&msrcannum=3&ismms=61&isumms=61&isvelg=1&nvr=2&isbxdms=2162&b0=2206&adhgt=232&adwdth=300&engisel=1&lftb=2206&sftb=2206&msrdp=2&naral=640&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=60&engscrlms=65&dvp_hdnAd=1000&dvp_pageEng=true&cbust=1528175025002253
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements227.js
Protocol: HTTP/1.1
Server: 213.254.244.24 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Cache-Control: max-age=0
Origin: https://pastebin.com
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 05 Jun 2018 05:03:44 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 6/4/2018 5:03:44 AM

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastebin.com/	1970-01-18 16:31:01	Name: Insticator.geoBlockedEmbeds-024e069d-525f-46a7-911a-7c59471d8c75 Value: []
pastebin.com/	1970-01-18 16:31:01	Name: visitorGeo Value: DE
pastebin.com/	1970-01-18 16:31:01	Name: Insticator.geoBlockAds-024e069d-525f-46a7-911a-7c59471d8c75 Value: false
.pastebin.com/	1970-01-19 01:15:11	Name: __cfduid Value: d126edf5f86d404a50b4f70b74e18f7a11528175018
.pastebin.com/	1970-01-19 10:00:47	Name: _ga Value: GA1.2.1680241986.1528175018
.pastebin.com/	1970-01-18 16:29:35	Name: _gat_gtag_UA_58643_34 Value: 1
pastebin.com/	1970-01-18 16:31:01	Name: visitorFloorTier Value: 1
.pastebin.com/	1970-01-18 16:31:01	Name: _gid Value: GA1.2.1460981211.1528175018

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apex.go.sonobi.com
bh.contextweb.com
cas.criteo.com
cat.fr.eu.criteo.com
cdn.doubleverify.com
cdn3.doubleverify.com
cdnp0.stackassets.com
cdnp2.stackassets.com
cdnp3.stackassets.com
clarium.global.ssl.fastly.net
cm.g.doubleclick.net
d2na2p72vtqyok.cloudfront.net
df80k0z3fi8zg.cloudfront.net
fonts.googleapis.com
freegeoip.net
hb.sekindo.com
insticator-d.openx.net
live.sekindo.com
m.servedby-buysellads.com
match.adsrvr.org
match.basebanner.com
match.taboola.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
pastebin.com
pm.w55c.net
protected-by.clarium.io
px.adhigh.net
s.tribalfusion.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync.doubleverify.com
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
tags.bluekai.com
tags.expo9.exponential.com
tpc.googlesyndication.com
tps20221.doubleverify.com
tps30.doubleverify.com
trc.taboola.com
ul1.dvtps.com
us-u.openx.net
video.sekindo.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.108.51.30
104.20.208.21
104.25.149.25
108.161.189.78
136.243.75.34
151.101.113.194
151.101.114.2
151.101.114.49
151.101.12.166
172.217.16.194
172.217.21.225
172.217.21.226
173.194.76.157
173.241.240.143
173.241.240.220
178.250.0.66
178.250.0.71
178.250.0.74
18.153.11.21
185.127.16.52
185.29.133.52
185.94.180.125
2.18.232.75
204.11.109.65
204.11.109.66
204.11.109.67
204.11.109.68
204.11.109.78
204.154.111.224
204.154.111.77
213.254.244.20
213.254.244.24
216.58.207.34
216.58.207.66
216.58.207.72
216.58.207.74
216.58.207.78
216.58.214.34
34.243.205.38
34.246.208.181
34.247.42.77
34.250.155.163
35.156.52.107
46.166.134.35
46.166.181.19
52.222.146.117
52.57.239.73
54.154.49.58
54.230.44.165
54.230.44.234
54.230.44.60
85.159.234.28
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04da873ad4d8f691fd5f176f71cfadfc3ef1a6c166bc487e0f065efe1ca10d65
05922cd395082495346a0a80c70037a064b7f782884c0f333c1f15c71f503f3e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b1743e58dd1b451549bc86a75451d550ed082e07c5b9ba7512215aa922a7112
125fd9e51c7727e0c0edb021f2d3ed8bdcaa048c7277992d134d794089ae3e36
1c8c913320a62ff772ad38f0c0ab85ce0e279e6c4edd1f14d4686379fb72f36e
1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16
1e730276af282ff032274fc94037bc8a93f375b90fed320afdd66e6cc17f78c7
1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df
1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152
2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3
2d9ab00cd2c7b3764b79c86912579db9a7ea85628d38de712b0d7abb00cfbb64
2dc7dc753daaed33a8e62b9411474bda4d6ff63195e6e64168b0da4b7b5d6b70
301085adab38e8dccecd63020a274770917eed64b1139103b661a78febc0131f
30975bcc4405c66b113d01330c5688351ee4a9962d55fa1bc4d4bea5f795ecaf
31138db8f53d5568c8b18a2299319f26ff1389fd95353c7b41bb2214949f5d72
34fb3d178ad7bd37803136ffae60c4d98e0ba0e0039d3bb175d5fa9d26aa27e4
3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b
3a0cf63a3966fd50efde3e3e0b1db5988069a4112fef9ab48cf059774a4594f7
3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
3fb852db1cd132dda2e5b283b43d7cc7debe88e4ec803db31613aa472ae72009
4183ed862193f9ac4ce57acaf832695079a13b7e36e04a19240d5ac924935ef3
42503789dbf88ee098392086d2f4796cc13842a8781cf79f4438fd49c942417a
42dbc40a65fadf9a09736679582c7a111c5d6a851ca25452ff0d3d6a7368ad9e
46354b0dba4bddce6fbb261852a856f6b629a81c2f4d650c6da21a46f486d878
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecbfc9e4c87f6ff670d373da252f6fefd5666b984057f41bdde0d102496ee6d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fc0375f2588bd7ddf1980cb699c0da0c8bf8bb89d7467db3851dc154c9b12e7
520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387
52bec8d0a1bc3c9da6f06487e54e52f7de369bdc06610bd542ddff4185a99204
566c4b71f53cdb6e0dc420770cd710ced2edecd3db7b342a163a2e62a5642e67
56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20
637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59
63a36ce1876e3f6c08db65ee75e360f4f1d3fb09bef700b9c4bf7d557d043230
6513c06a13afc5efc3fc49b26c0ab441076d9a87a1841e22c7dad5be7befead9
6846c4f654b004d73cd907870fbdebcd5c0e35bbdbe748b8939006617e0c5af3
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6d22af4afd378c3bfe9786de37902c17fde2fcbe5f084bfa64eac1d92bdc3988
6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642
700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea
7186c869aea692acdd80f8776ba966b6215eff98f41b3cd62bc70e21b4128d0f
71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b
721ac1ed22e0e4acff83b33ed8dc7f888c1fe3c0c9692ec401777f68b8a88dca
7245b1df22320190d1997cb59a4979fd5c943902149e59f1c521d3ed696d1a35
77278c8cd7951df51eb15be762caee04cceb0aa3ceb34eae0b9946dc864e364f
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b
7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6
7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1
8040db06855291ee0489a814aee5d975ce5acfe272b26ec98597b005e4d5789f
82be3be9935316d7603cb2a8f03f5ba0b65718fed28787f21ea315a5eef36204
82c031bf7c45abe8346d2fe5383bcc88511dfa160aa500befc5ac7c0e156ad1c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
909d5729d973d704459971223a38d566656b03ea6a7c6556e6c8b7208c9b3c62
96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9
9b9153d00e69987e4925ddced0d01f2a7be3ee8d6b67c42269746fe5adc4e5a0
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f
a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41
aaf79e04a383753a7c9f0601e6ea661abf69c977e219e54ebdcc7a85fb64526a
b0d9e0f7c7d53f058614ea7ae316f8f242ea18437e73a2691069512dfb35e3da
b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27
bcbd8fc8c3ccb8bda009694477db39578f3e896db3cb3bf5b79218cdc813bed1
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
c5f08ac7d47bad7fdd476e7aebe5db8780bc439ee66aec208994bcadf592cb74
cb0d4898e672ec6c78416c069d61c9ec41b45dd81a24e6001ed5d68a64dab782
cd61c28bff73630c6757fdd0e4113abfba2dc93d0a07da53ffe37fc1e51ea229
cd62417d9d83f5ceeedeb6b0725f82bdb1ca305044cc4de7f8732d63ffee0f08
cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a
d1481ecab178b4065d840800c6ce2772d1dc28d2415a686e052a3fc88f883d9d
d4398cc2de1c610a9268600b04ac981c6d6d4cca8ee5020613c4edfaa1e75171
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4
d6fd7c7bb087d6fbbcbbf86a16eb93a7e26782c321517af9f9b42484584ff5de
dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd
de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc
df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771
df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8
e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6593f676adcc90ed51cb4c12016c0b269966c9a387cd34d30821d678dfaf66d
ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
f00455c4f9de9aa88ad1082593843262fbb1cbaa29419995b0cd6aabaafc199a
f2d2de941f6c21d583c1d0db71edf8725127d8278eec00d789eb17750930941a
f5154cd93dc27142f30bf0d10c32b64f107b81f89cc4801e296623cdbafef6bc
fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3
fd844f088a46ff1bd474532e415fe47f18d27339600a3c75de6e8c4d7153ffc5
ff4d9fd03bb54fe2563a2c682fab4121b5c966d634affd2793680f3a02825e81

pastebin.com Open in urlscan Pro 104.20.208.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

121 Requests

41 %HTTPS

0 %IPv6

35 Domains

52 Subdomains

43 IPs

7 Countries

1182 kBTransfer

3740 kBSize

8 Cookies

6 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastebin.com Open in urlscan Pro
104.20.208.21 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

41 %
HTTPS

0 %
IPv6

35
Domains

52
Subdomains

43
IPs

7
Countries

1182 kB
Transfer

3740 kB
Size

8
Cookies

121 HTTP transactions
1 data transactions