urlscan.io logo urlscan.io
SecurityTrails logo

pastebin.fun Open in urlscan Pro
2606:4700:3032::ac43:8890  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastebin.fun/vz0femnlww
Submission: On June 22 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 19 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3032::ac43:8890, located in United States and belongs to CLOUDFLARENET, US. The main domain is pastebin.fun.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 28th 2020. Valid for: a year.
This is the only time pastebin.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3032::ac43:8890 (United States)

ASN13335 (CLOUDFLARENET, US)
pastebin.fun
21    2606:4700:3030::6815:591e (United States)

ASN13335 (CLOUDFLARENET, US)
pastebin.fun
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
1    2606:4700:20::681a:9b9 (United States)

ASN13335 (CLOUDFLARENET, US)
ui-avatars.com
1    2606:4700:3033::6815:17a (United States)

ASN13335 (CLOUDFLARENET, US)
ndroip.com
1    88.99.85.235 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.85.99.88.clients.your-server.de
api.qrserver.com
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    213.239.209.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de
ad.a-ads.com
static.a-ads.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
www.displayvertising.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
Domain Requested by
22 pastebin.fun pastebin.fun
cdnjs.cloudflare.com
4 cdnjs.cloudflare.com pastebin.fun
3 pagead2.googlesyndication.com pastebin.fun
pagead2.googlesyndication.com
2 static.a-ads.com ad.a-ads.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ad.a-ads.com pastebin.fun
2 maxcdn.bootstrapcdn.com pastebin.fun
maxcdn.bootstrapcdn.com
1 c.adsco.re www.displayvertising.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.displayvertising.com pastebin.fun
1 www.googletagmanager.com pastebin.fun
1 api.qrserver.com pastebin.fun
1 ndroip.com pastebin.fun
1 ui-avatars.com pastebin.fun
0 www.google-analytics.com Failed www.googletagmanager.com
0 4.adsco.re Failed pastebin.fun
0 6.adsco.re Failed pastebin.fun
0 s7.addthis.com Failed pastebin.fun
0 tgpsew.com Failed ndroip.com
53 22

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-28 -
2021-07-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
api.qrserver.com
R3		 2021-04-26 -
2021-07-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2020-12-02 -
2022-01-02		 a year crt.sh
1503693843.rsc.cdn77.org
R3		 2021-06-13 -
2021-09-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA		 2020-09-15 -
2021-09-26		 a year crt.sh

This page contains 5 frames:

Primary Page: https://pastebin.fun/vz0femnlww
Frame ID: B748DA91D19477B5A872CF2309E73B42
Requests: 48 HTTP requests in this frame

Frame: https://ad.a-ads.com/1513646?size=970x90
Frame ID: D22D7C99D8F4ED0EE39D6D8D80B6DBA6
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1513652?size=240x400
Frame ID: 0488E76378A83C6AB8549F2BBD347682
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210617/r20190131/zrt_lookup.html
Frame ID: 68AA53C2CBCE5D65ACA09CA30EC69F59
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9740786405598662&output=html&adk=1812271804&adf=3025194257&lmt=1624347862&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpastebin.fun%2Fvz0femnlww&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624347861567&bpp=13&bdt=126&idt=414&shv=r20210617&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2854164165183&frm=20&pv=2&ga_vid=1721504935.1624347862&ga_sid=1624347862&ga_hid=441828904&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C31061047&oid=3&pvsid=1290692833269118&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=447
Frame ID: 609A62E5EBCF3544FB8D2233AF71CADA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

53
Requests

89 %
HTTPS

84 %
IPv6

19
Domains

22
Subdomains

20
IPs

2
Countries

916 kB
Transfer

2658 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request vz0femnlww
pastebin.fun/ 		32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/vz0femnlww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6051e66f9978766c67477d61beab477960b3cca51ebbe8be677d1b2898cff1a7

Request headers

:method
GET
:authority
pastebin.fun
:scheme
https
:path
/vz0femnlww
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-ratelimit-limit
60
x-ratelimit-remaining
58
set-cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; expires=Tue, 22-Jun-2021 09:44:21 GMT; Max-Age=7200; path=/ pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D; expires=Tue, 22-Jun-2021 09:44:21 GMT; Max-Age=7200; path=/; httponly
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0ad44677ae00004ddcb7bcc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5DOJE7015fvgkuVHbHVquqkinC82WWwtHr3QJ2P9XQp5oFN%2BIL8XWjjymuVXOKeV0V2YE9RdJnRqNeFiPQZN%2FOcMlJYwukUoRyAFYDDlpHaezOEjY2FbRl%2FEF9YCINynQ1OCTv9X"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6633d9d2acf94ddc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
ebgN2tWPX2U-IxPK-Ke-eI7wW3A.js
pastebin.fun/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/cdn-cgi/apps/head/ebgN2tWPX2U-IxPK-Ke-eI7wW3A.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f638532360a11700edb1c77aea705024486f37d4d2bd4c5f5a9753e7ad850908

Request headers

:path
/cdn-cgi/apps/head/ebgN2tWPX2U-IxPK-Ke-eI7wW3A.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5165789
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
ZKB8PVW7H4EG2NAD
x-amz-id-2
6wYMn/WwbFPVhZxXOx0G7aWYRLGOK7W8ZVW0HcEzVv1kVOpIf+tRgBVcFrf50pVU8iX1idxhxjs=
last-modified
Fri, 03 Jul 2020 11:33:57 GMT
server
cloudflare
etag
W/"65e18bd954ce44caa8bc7d2a8f9db71c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7s5I2B8hHMtI0MM27nR9lR3Tv6XwpETps4maZZBaNqxn7%2BnnpBSX3%2B%2FVl0dvCxtCRqo1Q1%2FpA8zqTRle8o2vCT9bBRabZqvMk%2BBKJBaKeFQ789gluWtSA8MF8nFI3QaJIuy8GDJ%2B"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Xhc4LQpN6hGgc6HEx2QZn0kVJ9MR6zjq
cache-control
public, max-age=31536000
cf-request-id
0ad44679e90000c28bcf2e4000000001
cf-ray
6633d9d63c8ac28b-FRA
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
7901217
cdn-cachedat
2021-03-11 11:57:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad44679cb0000d6b1cfa8f000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
50f270cef956c80b14f61fa9ad96c573
cf-ray
6633d9d6182bd6b1-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
bootstrap.min.css
pastebin.fun/css/ 		138 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/css/bootstrap.min.css
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

:path
/css/bootstrap.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3508
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad44679ea0000c28b85059000000001
last-modified
Thu, 08 Nov 2018 17:15:02 GMT
server
cloudflare
etag
W/"22688-57a2a60097180-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QDXgMCmlypgNN7Uw3GXMkIrmSs7XsVht86kBTJfBzLc%2F%2Fug%2BDRpxmUTiknuufIJy5srsXZ2Yl6vuCGxjVS1ASvlkBgZcKPB3LP9My2tgY296GlinIn0xV5weIwtoSPFFPETX%2FR%2Fc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6633d9d63c8dc28b-FRA
mdb.min.css
pastebin.fun/css/ 		226 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/css/mdb.min.css
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

:path
/css/mdb.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3508
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad44679e90000c28bff9e4000000001
last-modified
Thu, 08 Nov 2018 17:15:02 GMT
server
cloudflare
etag
W/"38940-57a2a60097180-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YZ3kLVLXQFfCxRgcg4UnDC21wQJxMKh68R%2B%2BkLb%2BgP90pZ08sor0okm8FNLh7a2XNd6TRXVAndKzRvJ1B086ZRPDlpS5ngVoNyUwRcqcRH%2BfJc2qG3Xm5ybeN3O2t18niUyfjqIL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6633d9d63c8bc28b-FRA
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6376802
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1624
cf-request-id
0ad44679cb0000c26d08102000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-3b5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CkP2FEJ33ZfEHhqoRLHtQXB%2FVMr%2BlFsEl8%2FokO%2FDEAIaGtxOn5509HllFfXkwhDaEU01LmTa%2BGFI1W8pFEU2tck%2B0AVgXboeAlplZdnGGIbzwjRbzmRcMGxLh7TljnhnKEXOhbDhGkmC%2FbxByA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6633d9d61accc26d-FRA
expires
Sun, 12 Jun 2022 07:44:21 GMT
default.min.css
pastebin.fun/css/skins/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/css/skins/default.min.css
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f773ee50c4f1f07468ffd3a170d534435805a3dda6d8cab308cb2cc3c9378548

Request headers

:path
/css/skins/default.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3508
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad44679e90000c28bdca74000000001
last-modified
Wed, 10 Feb 2021 17:30:12 GMT
server
cloudflare
etag
W/"7ab-5bafec15b5100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=O0454QHW8VgwpnBVzgn%2BmEdg84z6R86P%2BN7luPy5ZpTBUK453Ud4HGLVVJ9%2BHQifGWtqP17eOh1Q0WGFdJKlT9qmjwrRVoDTCyH%2BDReHWYWlaBIj9xvuJXyq%2BLH0UAxe3EwAT%2BVd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6633d9d63c88c28b-FRA
flag-icon.min.css
pastebin.fun/plugins/flags/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/plugins/flags/css/flag-icon.min.css
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/plugins/flags/css/flag-icon.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6zsTYt25%2By4h9pKyxHsUcgxt971Ax%2BOymtG6CSuj9KEi3cEsXnZEIQvtlrDedSGRZJYMQvtxfltpN17xjfEyrtclrAVFLBca4zpUUQGsLS3gklHqL3rcMetUFDTWDtZIn2wd%2B4qX"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
6633d9d63c85c28b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad44679e90000c28beb80e000000001
cookiealert.min.css
pastebin.fun/plugins/cookiealert/ 		12 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/plugins/cookiealert/cookiealert.min.css
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22550b25d04acd0a8fa6f62d9ece96021d003d880f58c7a93faa82851990ad3a

Request headers

:path
/plugins/cookiealert/cookiealert.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3508
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad44679e90000c28b120c7000000001
last-modified
Thu, 11 Feb 2021 02:45:42 GMT
server
cloudflare
etag
W/"2e67-5bb0683fac180-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UIh4qVQ5tVm2VCrNNzi6ZSv44M06U8Z78NR1tXLt7x1uX%2BF58n9GpkjfgsOJhqVNBaVidIC9iqC3qPPkzGLHTRZWgsQOZr9GcOEK6n5k1D%2BCWBnIDgvVp9Fw5jKnx0HmUoustOFD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6633d9d63c82c28b-FRA
app.min.css
pastebin.fun/css/ 		648 B
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/css/app.min.css?v=1.2
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

:path
/css/app.min.css?v=1.2
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3508
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad44679e70000c28bb8ab7000000001
last-modified
Thu, 25 Jun 2020 15:58:28 GMT
server
cloudflare
etag
W/"288-5a8eaa9d4cd83-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cYd8zMwfA7PrwdWn2vBqdPHs7rDkkuGjQyl%2FVPJKlfndVB8YSiJQyrP5Mi1LPGrd0g1LCKpJz5Doa5QhdoZMEMdFliyS1ZlwMj58p2Pr70RZDSRqiBaCPOyjJoAdfiBiDFRkGf8W"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6633d9d63c7ec28b-FRA
prism-okadia.css
pastebin.fun/plugins/prismjs/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/plugins/prismjs/prism-okadia.css
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

:path
/plugins/prismjs/prism-okadia.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3507
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad44679e70000c28beb80c000000001
last-modified
Wed, 30 Jan 2019 00:43:52 GMT
server
cloudflare
etag
W/"326d-580a2342d6200-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HdLBPojysYf0xwlRcjUrGmHHgG074WKE08kaADxy202OqoJh5ql8lUjzb%2FtF172%2BqLxrrPniFskn11OMs6kET%2FZKd1ZmhyJGZ7nCxOU3TJcCVsOQ40klmOSapZQLxL%2FU47s1pE5S"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6633d9d63c7ac28b-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbbdd3f919bc067a5734e7b22d2c2604d93b59612f2dd29ffcc21a0282365ae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49223
x-xss-protection
0
server
cafe
etag
12201057503288881179
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Jun 2021 07:44:21 GMT
rU3w46eRC6.png
pastebin.fun/uploads/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.fun/uploads/rU3w46eRC6.png
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f11db00f7388d085471e6d5f2f1d551b1c8efb2c67bdbf2a4d8acef0756399c

Request headers

:path
/uploads/rU3w46eRC6.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1207
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
11878
cf-request-id
0ad4467a120000c28bb5916000000001
last-modified
Mon, 17 Feb 2020 16:41:27 GMT
server
cloudflare
etag
"2e66-59ec83a0184a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=v4O11dSJkFbSkpnVKPZBPECIszfFnezei8JUMqUzkAVn1%2BZnTfy9CrYZmAbtI8Om3wCKNl0m9pvxwY0ldws45M5MByQrLt4gcpUuySWJhy2oxQv5zUslhQgidcg0JwCfuv66s0SG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6633d9d66d18c28b-FRA
default-avatar.png
pastebin.fun/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.fun/img/default-avatar.png
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

:path
/img/default-avatar.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1207
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6957
cf-request-id
0ad4467a130000c28b07b63000000001
last-modified
Wed, 28 Nov 2018 18:58:44 GMT
server
cloudflare
etag
"1b2d-57bbe27b92100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P0qHFuBEnDs%2BMfWCmGWU1akYu41ofmuueGv%2B5i79Gz7U6N6Y9HG4OVqyHua%2Fov3XJ1ALtZ9lsWYDN0SsFX%2FVuNFf0lzXwOChBczwiyZuEk%2BH51yDN1dLodxmc0peBugeSl8hvGsc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6633d9d66d3cc28b-FRA
/
ui-avatars.com/api/ 		569 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ui-avatars.com/api/?background=random&name=stonecrate50
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c9d9755ca2211f06a022314bbd7e903e26ebaf893680b6b53d0065505cb267

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, GET, OPTIONS
cf-request-id
0ad4467a0a00004dc4d1888000000001
pragma
public
link
<https://ui-avatars.com>; rel="canonical", <https://ui-avatars.com>; rel="canonical"
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1814400, 3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CjKD5LVEZ8KHnb40y%2F3OMTUjz0ef2bB8lnUecIl%2BANzvcGKncqoswqGwUUdukZvASJNGk2ZAAkrE8v6vKEXx5BhOS9gFx5SrrE7hq%2FGaWBxoy2ZuWS44yrUQd3BR9g8M%2Bkh73k3iEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*, *
cache-control
max-age=1814400
access-control-allow-credentials
true, true
cf-ray
6633d9d67c4a4dc4-FRA
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, Content-Type, Accept, X-Requested-With, remember-me
waWQiOjEwMjUyNjIsInNpZCI6MTA5ODk5MSwid2lkIjoyMDYwMjcsInNyYyI6Mn0=eyJ.js
ndroip.com/na/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ndroip.com/na/waWQiOjEwMjUyNjIsInNpZCI6MTA5ODk5MSwid2lkIjoyMDYwMjcsInNyYyI6Mn0=eyJ.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:17a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9dd878b5dea6e258dfe813c0be089969a76954eeded8321d6a66ce77780b788

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
e-tag
089209f7d66dc6b9101e5c99a5ee9687
age
1207
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad4467a0900000ea77d2d7000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V1wHl%2Bx8Ju2bXmyeylWAQF9%2BEiuQ12JDfJd2jvtEq5N%2FFECcY05oEnkJQYuIxM40sjN69xy1Bl4AWNRqOOnTVbo4dnknr69MiEKDquFq9WKM8lcAqo7gsDgOvb35pY5w5fWadw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://pastebin.fun
cache-control
public, max-age=14400, proxy-revalidate
cf-ray
6633d9d67a0a0ea7-FRA
/
api.qrserver.com/v1/create-qr-code/ 		357 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.qrserver.com/v1/create-qr-code/?size=150x150&data=https%3A%2F%2Fpastebin.fun%2Fvz0femnlww
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.85.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.85.99.88.clients.your-server.de
Software
Apache/2 / PHP/5.4.16
Resource Hash
b1b5939b6b3fc295facee55b2de33f30763d56529e1156c50e44b57493551de4

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 07:44:21 GMT
Server
Apache/2
X-Powered-By
PHP/5.4.16
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Access-Control-Allow-Headers
Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token
Content-Length
357
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7900322
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27433
cf-request-id
0ad4467a0700004e0d26218000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7wCwjoxQZlMkhTz3qLin8buqrg9bWI2r9%2BIeuDsndMevMm4t69XbXJRCgDxB%2F5Py2h0uSxSZA5vDvdSIuJ7Lx36FFEp0ymp9MuWPAt2eQKq1GSM0%2BjXMgyL07JWNxr%2B0u14TaYnKEO7Sw4tXZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6633d9d67c694e0d-FRA
expires
Sun, 12 Jun 2022 07:44:21 GMT
bootstrap.min.js
pastebin.fun/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/js/bootstrap.min.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path
/js/bootstrap.min.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5446
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad4467a040000c28bca025000000001
last-modified
Thu, 08 Nov 2018 17:15:02 GMT
server
cloudflare
etag
W/"c75f-57a2a60097180-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lTFYH1zTgk4V6eR0JBCCbNbeWNcG7OoWdA%2BbfDimDX86XI97LwDbv8NXqlitZV%2BHes9ATDo%2Bdx9EfGkGLJmxrSMRxff5hl43cfgI2wEYp7%2Be8TRR18syEWnP%2FImQw%2B%2FC6lJ7jLz8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6633d9d66d02c28b-FRA
mdb.min.js
pastebin.fun/js/ 		204 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/js/mdb.min.js?v=2
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

:path
/js/mdb.min.js?v=2
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5446
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad4467a050000c28bfaac9000000001
last-modified
Wed, 30 Jan 2019 00:15:46 GMT
server
cloudflare
etag
W/"331d6-580a1cfaf1080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ju37c5QJKupgrw2qj9fBDWzxmw1yZntgqq29wWIMQT4G21RmCvtdmkPYzpArf1un%2Fj7sjuf02X1PqYvQ8m6kdFRhaJOSdqEmTKHgFy7NoF4kDRBrf6PYDY1HFkiEQQSGHLLFesus"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6633d9d66d08c28b-FRA
select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1594554
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15668
cf-request-id
0ad4467a0700004e0d0b8a7000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-1042e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UpJ9aZcmnE9sOx0bR%2FwBhCPU9qtKPa%2FeXQbS3GUvXelC%2BU7jN8wNqydkH50SlA33IFBpcV8qx59oJI6RCjSWQN4jI8TjJ%2FuAQIVctl09%2Fur99VetHpw5Ip5SN2gn8l6e%2B1zfsLxsKztDtuQR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6633d9d67c674e0d-FRA
expires
Sun, 12 Jun 2022 07:44:21 GMT
prebid-ads.js
pastebin.fun/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/js/prebid-ads.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/js/prebid-ads.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n6%2Bo1tZB50wOOA%2ByThUjkrXj2p2eDzLC8olThKzS0coado5o6Ka53LQHkbaC%2B88nPRm0JwQBcZ7eejjkXfyhHXaFDhlksLFEoKMU1N66qFnw20%2B8UW3c9JhKkCCU%2BpUFYojHRKvf"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
6633d9d66d0bc28b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad4467a0c0000c28b8e00a000000001
cookiealert.min.js
pastebin.fun/plugins/cookiealert/ 		682 B
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/plugins/cookiealert/cookiealert.min.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4470cb0aed2ae52f97231063dbe4b662aea0d6e6b46df1ccfe5d4f49f5dca5c4

Request headers

:path
/plugins/cookiealert/cookiealert.min.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5446
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad4467a090000c28bf28a7000000001
last-modified
Thu, 11 Feb 2021 02:46:20 GMT
server
cloudflare
etag
W/"2aa-5bb06863e9700-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TBbS0oDRYFX3cNIjUG34HTYmdOK2szWLtqy6Xyu%2Bm29FRsqYt8sWIa8%2Bzlo7pmYtrgJUqZKNBIBeCPt3TWbXgg986dOq%2B0lhBLT%2BrGycfqC0NLXpeUe2KyJoSKN8cJVZcDF5lfrF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6633d9d66d0fc28b-FRA
app.min.js
pastebin.fun/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/js/app.min.js?v=1.5
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

:path
/js/app.min.js?v=1.5
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5446
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad4467a060000c28b07b61000000001
last-modified
Sat, 14 Mar 2020 02:34:12 GMT
server
cloudflare
etag
W/"5b0-5a0c76bdaf100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mDyFz7qc1Jvt1IrLC8Pb1%2FWmOVHfs%2BVIDKaH7gmnLKS9tV9rl3DZ3ulyRk84rfsQERFYcUZ3c1EA6WFIiACQa9cvaiOkz1SNUCbCC5eAtlaivxTgEKcUs834vYiuVH9121HH05yw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6633d9d66d12c28b-FRA
prism.js
pastebin.fun/plugins/prismjs/ 		328 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/plugins/prismjs/prism.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6deece53b3dce8217fab5293da28c7c8001782cd4b96f93555d26dff12240b40

Request headers

:path
/plugins/prismjs/prism.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5446
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad4467a070000c28bc7a64000000001
last-modified
Thu, 11 Jul 2019 04:05:04 GMT
server
cloudflare
etag
W/"521a6-58d5fe6043c00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=I3LNqKZkNsuq9BcsRTuSA1G%2B6E8YZ8ghmpbDJXj%2FHEDwK8%2BHRNAV4plWWYZExhNvve7I4%2BlXawyfdL2XI1053JxPXYBb%2BoUbBZPCj7El21%2BLZTrMe%2BRQZfF6pDvXDZK6QF1%2BLNag"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6633d9d66d15c28b-FRA
js
www.googletagmanager.com/gtag/ 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-155891678-2
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50cf7810342c69514293acdc79c67cd47d27303a9747585f1880bc337fb5f75d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36279
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Jun 2021 07:44:21 GMT
PzY9RUN9TkKuKY4kiy73m6aUoR4.js
pastebin.fun/cdn-cgi/apps/body/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/cdn-cgi/apps/body/PzY9RUN9TkKuKY4kiy73m6aUoR4.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/cdn-cgi/apps/head/ebgN2tWPX2U-IxPK-Ke-eI7wW3A.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
575239a88773a58533321e018090768da7e18f92aa7b45b392fc63cc09473375

Request headers

:path
/cdn-cgi/apps/body/PzY9RUN9TkKuKY4kiy73m6aUoR4.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4104592
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
4SAZE2V6BE15MDPT
x-amz-id-2
9s8DQWyeaULrBLpG/9x9iO/MAUjyi5/OCMrHEGI64VX2snwr/EqTfUG16fONh3zxko6vkNiXGDA=
last-modified
Fri, 03 Jul 2020 11:33:57 GMT
server
cloudflare
etag
W/"e069e46d45bea387fa8f708573d22fc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vCXiDogWbzF1pPvskvEq%2BXShzwztI%2FVSDqSTEalqr6FrzfS9tAa4PbJcPIQVmw5xp22w0AX%2FsvdGRfnqNGdHvxqQ5HFhCl9SBirlfartdmAuTu%2Fsu%2BN6Hk%2BbTiwkoRfABSS4E7Px"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
ygg_25bFbWpASKcFQrqNPrIWdiLqqfwd
cache-control
public, max-age=31536000
cf-request-id
0ad4467a140000c28b1a0f6000000001
cf-ray
6633d9d66d41c28b-FRA
1513646
ad.a-ads.com/ Frame D22D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1513646?size=970x90
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
a031c15fd387ef77825213fc68fedcda9841e8bac96556f9c7fb9aff8088febb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pastebin.fun/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://pastebin.fun/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 22 Jun 2021 07:44:21 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://pastebin.fun/
Content-Encoding
gzip
1513652
ad.a-ads.com/ Frame 0488 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1513652?size=240x400
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
12505a3c47256eb193d5bac5567d49139943f4a8cc86b517ddf791fb387773f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pastebin.fun/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://pastebin.fun/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 22 Jun 2021 07:44:21 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://pastebin.fun/
Content-Encoding
gzip
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/ 		233 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9740786405598662&plah=pastebin.fun&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfb8f00b4846926f6fe0a8c4b8cc20aa01aaac5a5c93b2a0910b9d8dc69cce30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88008
x-xss-protection
0
server
cafe
etag
2634391079124348748
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Jun 2021 07:44:21 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://pastebin.fun
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617, 617, 617, 617, 617
age
5186825
cdn-cachedat
2021-04-23 08:51:48
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
77160
cf-request-id
0ad4467a4f00004abcb3a50000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e6a2001104ecca2014359d9c9a7684e5
accept-ranges
bytes
cf-ray
6633d9d6ebf64abc-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
Roboto-Regular.woff2
pastebin.fun/font/roboto/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/font/roboto/Roboto-Regular.woff2
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/css/mdb.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

sec-fetch-mode
cors
origin
https://pastebin.fun
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
:path
/font/roboto/Roboto-Regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pastebin.fun
referer
https://pastebin.fun/css/mdb.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://pastebin.fun
Referer
https://pastebin.fun/css/mdb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1207
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
49236
cf-request-id
0ad4467a4d0000c28b8e00e000000001
last-modified
Thu, 08 Nov 2018 17:15:02 GMT
server
cloudflare
etag
"c054-57a2a60097180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C5wSI0%2FZYQBv%2B0N8IM8Ec8J4BF5jyJSZpGqjFu1A359Mty1UGXr68atUrkXFcZfvDQ9vKq8UIBK%2BXyJXL1vwrrJ8oZvBmF0canXaChm9iyGpvW6BGt7T2J3Ni4NETZXWAVYziEmV"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6633d9d6ede4c28b-FRA
Roboto-Light.woff2
pastebin.fun/font/roboto/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/font/roboto/Roboto-Light.woff2
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/css/mdb.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

sec-fetch-mode
cors
origin
https://pastebin.fun
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
:path
/font/roboto/Roboto-Light.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pastebin.fun
referer
https://pastebin.fun/css/mdb.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://pastebin.fun
Referer
https://pastebin.fun/css/mdb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1207
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
49380
cf-request-id
0ad4467a4e0000c28bb5918000000001
last-modified
Thu, 08 Nov 2018 17:15:02 GMT
server
cloudflare
etag
"c0e4-57a2a60097180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=APfCpncROE4oFXZwECTk2x0eo%2BdexkwXN7X5yMjU7HpEjDTez8PJbOtUGy9P3zUGfyDe4ONIlhdZbBEhq05%2Fg%2FXYl%2FJYlOLG%2BUuk7EfHKdHxslkd9%2B%2BG%2F2bWVCf3CT3M3k4x39oe"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6633d9d6edebc28b-FRA
Roboto-Bold.woff2
pastebin.fun/font/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/font/roboto/Roboto-Bold.woff2
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/css/mdb.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

sec-fetch-mode
cors
origin
https://pastebin.fun
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
:path
/font/roboto/Roboto-Bold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pastebin.fun
referer
https://pastebin.fun/css/mdb.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://pastebin.fun
Referer
https://pastebin.fun/css/mdb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:21 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1207
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
49976
cf-request-id
0ad4467a4f0000c28bf0387000000001
last-modified
Thu, 08 Nov 2018 17:15:02 GMT
server
cloudflare
etag
"c338-57a2a60097180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mhZ7%2FCZVKz4mVr7i6n1TvQBsVOH%2Fpg341QQtbrKxftNBkPQiDp25e4FYNuuPtWM3PMnzKDFnLtRtPK8eeb6pQS7kXvCByR224VdhVO0DtgGYjprsgFcXtdjdCvekF%2FVxOT48KOGx"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6633d9d6edf1c28b-FRA
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210617/r20190131/ Frame 68AA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210617/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210617/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pastebin.fun/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://pastebin.fun/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 22 Jun 2021 00:04:05 GMT
expires
Tue, 06 Jul 2021 00:04:05 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
27616
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Calendar.min.js
www.displayvertising.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.displayvertising.com/Calendar.min.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ab74fb69703c7df383be2e2645d67beb61e168272b667b6e442a2a72cd0b2009

Request headers

Origin
https://pastebin.fun
Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 22 Jun 2021 07:44:21 GMT
content-encoding
br
x-77-cache
HIT
x-cache
HIT
x-age
231379
alt-svc
quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
x-77-nzt
AcO1ry9oVCPv04cDAA==
x-accel-expires
@1624721282
server
CDN77-Turbo
x-77-nzt-ray
5k4wQUmXB00=
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
link
<https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires
Sat, 26 Jun 2021 15:28:02 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ntload
tgpsew.com/ 		0
0
prebid-ads.js
pastebin.fun/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.fun/js/prebid-ads.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:591e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/js/prebid-ads.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ilwvc1kzS1BNV3VpRkcxeUpjbG9EN2R3PT0iLCJ2YWx1ZSI6IjBCNHpiUll4VVY1eldZZWcrSE1NeTl2Y3lYa2ppZXREamJPd2lWK0xLcGRaWEc5cGNFUzdZdlZoUXc5TCs5ZVciLCJtYWMiOiI1ZmRjM2E5YmIzM2EzYzQ1ZDE2MzY5MGNiZjZkZDhhYTllNTJhMDE4NzI1MTA1YWRmNzRlYTViMWIwODhmMjU3In0%3D; pastebinfun_session=eyJpdiI6IlVvU2lBRmdpMnZYSkYyNDgyc2tLdnc9PSIsInZhbHVlIjoieVBEN0M4bnpZaUIxTGhLUkZhVzI1UUx5cjhja3RBZDdQUUxQM1FnbHpmVTROUnhIUldta1FaY2xhVmdzbWV1SiIsIm1hYyI6ImYyN2FjZTE0MzkzN2Y3ZjkzMGEyYTczMjJkNzVlMDRjMmVkOTE5NzEwNTJkM2YyNDQwOWE0Nzg1MDExNWVkYzEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pastebin.fun
referer
https://pastebin.fun/vz0femnlww
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pastebin.fun/vz0femnlww
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:22 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IgDUPMUku2gzY66FCFF6t2u0CS9hvUVDyE4xo%2BzDgqhqqfIbdDucE4WMnPDg4oyYMvzGxFmw7wMHWM9ZZ%2BYPaFNH33A4LsQtmaahFEhDxVyh3%2Fi5abRfTE0oWk51M1qoJF%2BFoqdx"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
6633d9d95a56c28b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad4467bd60000c28be6171000000001
cookie.js
partner.googleadservices.com/gampad/ 		202 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pastebin.fun&callback=_gfp_s_&client=ca-pub-9740786405598662
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9740786405598662&plah=pastebin.fun&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pastebin.fun
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9740786405598662&plah=pastebin.fun&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 07:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastebin.fun
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9740786405598662&plah=pastebin.fun&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 07:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 609A 		603 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9740786405598662&output=html&adk=1812271804&adf=3025194257&lmt=1624347862&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpastebin.fun%2Fvz0femnlww&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624347861567&bpp=13&bdt=126&idt=414&shv=r20210617&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2854164165183&frm=20&pv=2&ga_vid=1721504935.1624347862&ga_sid=1624347862&ga_hid=441828904&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C31061047&oid=3&pvsid=1290692833269118&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=447
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9740786405598662&plah=pastebin.fun&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9740786405598662&output=html&adk=1812271804&adf=3025194257&lmt=1624347862&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpastebin.fun%2Fvz0femnlww&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624347861567&bpp=13&bdt=126&idt=414&shv=r20210617&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2854164165183&frm=20&pv=2&ga_vid=1721504935.1624347862&ga_sid=1624347862&ga_hid=441828904&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C31061047&oid=3&pvsid=1290692833269118&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=447
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pastebin.fun/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://pastebin.fun/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 22 Jun 2021 07:44:22 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 22-Jun-2021 07:59:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 22 Jun 2021 07:44:22 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9740786405598662&plah=pastebin.fun&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274983153827"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27713
x-xss-protection
0
expires
Tue, 22 Jun 2021 07:44:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-9740786405598662&c=13&e=2570847921467975139&n=0&t=0&w=242&x=0
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/vz0femnlww
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 07:44:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
970x90
static.a-ads.com/a-ads-banners/145043/ Frame D22D 		351 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/145043/970x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1513646?size=970x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 07:44:22 GMT
Last-Modified
Sat, 24 Apr 2021 20:15:47 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
6E2814XXZ9V020V9
ETag
"648801cd1f1ca7c416600108879ac46e"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
513403
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
_ZQS3.WdGfYtSWRRtcos6FwkcN6Z8CQF
x-amz-id-2
sd6ZkylaOEY7pcnSXhWPARpHUwETcFMrGi6YCEqTyZpvxlV6kAx1vyecFr8XhqzoXiAURksgeEk=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
240x400
static.a-ads.com/a-ads-banners/190401/ Frame 0488 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/190401/240x400?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1513652?size=240x400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 07:44:22 GMT
Last-Modified
Mon, 14 Jun 2021 16:15:21 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
822VHPFJPZ6KPH9D
ETag
"d126df13271c269329bc49e0bde4de1d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
121324
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Dmgo8W_oDgXsVf2cx1DVDXfTaG88c9ch
x-amz-id-2
mLIBGOPDTpSlUmGqLUCxhKf4zAaoyuyd7ogMt667SDkYJoWuyUQkIr5ZRbf3aYW0M75vUP4aDIY=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame D22D 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0488 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
c.adsco.re/ 		62 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: www.displayvertising.com
URL: https://www.displayvertising.com/Calendar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:22 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
221228
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6633d9da8da90601-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad4467c9700000601e20f5000000001
expires
Fri, 23 Jul 2021 07:44:22 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js
Requested by
Host: pastebin.fun
URL: https://pastebin.fun/plugins/prismjs/prism.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pastebin.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:44:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
105121
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2905
cf-request-id
0ad4467e5700004e0d0b917000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-29a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JtyetcA5PYmabxjI0HdusqDvpgTyC2Oy3UUfjRTdrIwDnoDIYc6rSYePO1xz29liWJnqB8BpV1AypoieleVdqnaBBY1OXx7VZJkd4xu9jdpk9Uco7%2F1kxUI9HfMxd1vsf3Sir1zyQ4PMk08j3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6633d9dd5dbe4e0d-FRA
expires
Sun, 12 Jun 2022 07:44:22 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		0
0
get-paste
pastebin.fun/ 		0
0
/
6.adsco.re/ 		0
0
/
4.adsco.re/ 		0
0
analytics.js
www.google-analytics.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tgpsew.com
URL
https://tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwMjUyNjIsInNpZCI6MTA5ODk5MSwid2lkIjoyMDYwMjcsImQiOiJwYXN0ZWJpbi5mdW4iLCJsaSI6NX0=&tz=2&if=0
Domain
s7.addthis.com
URL
https://s7.addthis.com/js/300/addthis_widget.js
Domain
pastebin.fun
URL
https://pastebin.fun/get-paste
Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
ad.a-ads.com
adservice.google.com
adservice.google.de
api.qrserver.com
c.adsco.re
cdnjs.cloudflare.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
ndroip.com
pagead2.googlesyndication.com
partner.googleadservices.com
pastebin.fun
s7.addthis.com
static.a-ads.com
tgpsew.com
ui-avatars.com
www.displayvertising.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
4.adsco.re
6.adsco.re
pastebin.fun
s7.addthis.com
tgpsew.com
www.google-analytics.com
142.250.181.226
213.239.209.209
2606:4700:20::681a:9b9
2606:4700:3030::6815:591e
2606:4700:3032::ac43:8890
2606:4700:3033::6815:17a
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6811:a7ba
2606:4700::6812:bcf
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:6ea0:c700::2
88.99.85.235
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
12505a3c47256eb193d5bac5567d49139943f4a8cc86b517ddf791fb387773f8
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22550b25d04acd0a8fa6f62d9ece96021d003d880f58c7a93faa82851990ad3a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
4470cb0aed2ae52f97231063dbe4b662aea0d6e6b46df1ccfe5d4f49f5dca5c4
50cf7810342c69514293acdc79c67cd47d27303a9747585f1880bc337fb5f75d
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
575239a88773a58533321e018090768da7e18f92aa7b45b392fc63cc09473375
5f11db00f7388d085471e6d5f2f1d551b1c8efb2c67bdbf2a4d8acef0756399c
6051e66f9978766c67477d61beab477960b3cca51ebbe8be677d1b2898cff1a7
6deece53b3dce8217fab5293da28c7c8001782cd4b96f93555d26dff12240b40
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
82c9d9755ca2211f06a022314bbd7e903e26ebaf893680b6b53d0065505cb267
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
a031c15fd387ef77825213fc68fedcda9841e8bac96556f9c7fb9aff8088febb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab74fb69703c7df383be2e2645d67beb61e168272b667b6e442a2a72cd0b2009
b1b5939b6b3fc295facee55b2de33f30763d56529e1156c50e44b57493551de4
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b9dd878b5dea6e258dfe813c0be089969a76954eeded8321d6a66ce77780b788
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
dfb8f00b4846926f6fe0a8c4b8cc20aa01aaac5a5c93b2a0910b9d8dc69cce30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
f638532360a11700edb1c77aea705024486f37d4d2bd4c5f5a9753e7ad850908
f773ee50c4f1f07468ffd3a170d534435805a3dda6d8cab308cb2cc3c9378548
fbbdd3f919bc067a5734e7b22d2c2604d93b59612f2dd29ffcc21a0282365ae6
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95