paste4btc.com Open in urlscan Pro
2606:4700:3037::ac43:ad12 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://paste4btc.com/XyA8wtf7
Submission Tags: falconsandbox
Submission: On April 06 via api (April 6th 2021, 6:58:42 pm UTC) from US

Summary HTTP 144 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 42 domains to perform 144 HTTP transactions. The main IP is 2606:4700:3037::ac43:ad12, located in United States and belongs to CLOUDFLARENET, US. The main domain is paste4btc.com.

This is the only time paste4btc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3037::ac43:ad12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 7	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	85.10.200.158 85.10.200.158	24940 (HETZNER-AS) (HETZNER-AS)
1 3	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
2	91.121.90.131 91.121.90.131	16276 (OVH) (OVH)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.53.118 148.251.53.118	24940 (HETZNER-AS) (HETZNER-AS)
1	54.93.136.159 54.93.136.159	16509 (AMAZON-02) (AMAZON-02)
15	2606:4700::68... 2606:4700::6812:a813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
2	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
2 4	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
7	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY)
8	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
32	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a30d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 3	65.9.90.46 65.9.90.46	16509 (AMAZON-02) (AMAZON-02)
4 7	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 2	54.171.243.255 54.171.243.255	16509 (AMAZON-02) (AMAZON-02)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	18.158.22.14 18.158.22.14	16509 (AMAZON-02) (AMAZON-02)
2 7	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	34.247.209.159 34.247.209.159	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	139.162.84.221 139.162.84.221	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	3.120.242.149 3.120.242.149	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.17.140 18.159.17.140	16509 (AMAZON-02) (AMAZON-02)
144	41

13 2606:4700:3037::ac43:ad12 (United States)

ASN13335 (CLOUDFLARENET, US)

paste4btc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl9195645.pvclouds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.210.248.44 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.bnhtml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.urldelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.10.200.158 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-200-158.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.134 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

paste4btc.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.90.131 (France)

ASN16276 (OVH, FR)
PTR: l10.nikos-hosting.com

www.ctx.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.53.118 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.118.53.251.148.clients.your-server.de

static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.136.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-136-159.eu-central-1.compute.amazonaws.com

venetrigni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:a813 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.186.225.208 (Russian Federation) 2 redirects

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a30d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.50 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.90.46 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.243.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-243-255.eu-west-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.22.14 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.209.159 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.84.221 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.242.149 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.17.140 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com	323 KB
22	disqus.com 1 redirects paste4btc.disqus.com disqus.com tempest.services.disqus.com referrer.disqus.com glitter.services.disqus.com links.services.disqus.com	76 KB
17	disquscdn.com c.disquscdn.com a.disquscdn.com	625 KB
13	paste4btc.com paste4btc.com	110 KB
7	rlcdn.com 4 redirects ejp.rlcdn.com idsync.rlcdn.com	2 KB
6	addthis.com 1 redirects s7.addthis.com api-public.addthis.com	191 KB
5	adnxs.com 4 redirects ib.adnxs.com	5 KB
4	doubleclick.net 3 redirects cm.g.doubleclick.net	2 KB
4	google.com apis.google.com accounts.google.com	40 KB
4	vk.com 2 redirects vk.com	1 KB
4	a-ads.com ad.a-ads.com static.a-ads.com	25 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	criteo.com 3 redirects gum.criteo.com dis.criteo.com	1 KB
3	rezync.com 2 redirects live.rezync.com	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	adsrvr.org 2 redirects match.adsrvr.org	916 B
2	contextweb.com 1 redirects bh.contextweb.com	828 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	narrative.io 1 redirects io.narrative.io	743 B
2	viglink.com cdn.viglink.com	1 KB
2	facebook.net connect.facebook.net	63 KB
2	reddit.com www.reddit.com	820 B
2	urldelivery.com www.urldelivery.com Failed	1 KB
2	ctx.me www.ctx.me	21 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	emxdgt.com e1.emxdgt.com	59 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	pubmatic.com simage2.pubmatic.com	805 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	gstatic.com ssl.gstatic.com	39 KB
1	facebook.com www.facebook.com
1	addthisedge.com v1.addthisedge.com	526 B
1	moatads.com z.moatads.com	1 KB
1	venetrigni.com venetrigni.com Failed	413 B
1	bnhtml.com www.bnhtml.com	6 KB
1	pvclouds.com pl9195645.pvclouds.com
0	exelator.com Failed loadus.exelator.com Failed
144	42

	Domain	Requested by
15	c.disquscdn.com	paste4btc.disqus.com paste4btc.com disqus.com c.disquscdn.com tempest.services.disqus.com
13	images.taboola.com	paste4btc.com tempest.services.disqus.com
13	paste4btc.com	paste4btc.com
8	trc.taboola.com	cdn.taboola.com paste4btc.com
8	cdn.taboola.com	tempest.services.disqus.com cdn.taboola.com
8	referrer.disqus.com	paste4btc.com c.disquscdn.com
5	sync.taboola.com	2 redirects paste4btc.com
5	idsync.rlcdn.com	2 redirects c.disquscdn.com live.rezync.com
5	ib.adnxs.com	4 redirects c.disquscdn.com
4	links.services.disqus.com	c.disquscdn.com paste4btc.com
4	cm.g.doubleclick.net	3 redirects paste4btc.com
4	vk.com	2 redirects paste4btc.com
4	disqus.com	paste4btc.disqus.com c.disquscdn.com
3	x.bidswitch.net	3 redirects
3	live.rezync.com	2 redirects c.disquscdn.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com tempest.services.disqus.com
3	api-public.addthis.com	s7.addthis.com
3	paste4btc.disqus.com	1 redirects paste4btc.com paste4btc.disqus.com
3	ad.a-ads.com	paste4btc.com
3	s7.addthis.com	1 redirects paste4btc.com s7.addthis.com
2	a.sportradarserving.com	2 redirects
2	sync-t1.taboola.com	paste4btc.com
2	ce.lijit.com	1 redirects paste4btc.com
2	match.adsrvr.org	2 redirects
2	bh.contextweb.com	1 redirects paste4btc.com
2	rtb.mfadsrvr.com	2 redirects
2	gum.criteo.com	2 redirects
2	p.rfihub.com	2 redirects
2	io.narrative.io	1 redirects paste4btc.com
2	ejp.rlcdn.com	2 redirects
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	cdn.viglink.com	paste4btc.com
2	apis.google.com	c.disquscdn.com apis.google.com
2	connect.facebook.net	c.disquscdn.com connect.facebook.net
2	a.disquscdn.com	paste4btc.com c.disquscdn.com
2	tempest.services.disqus.com	paste4btc.disqus.com c.disquscdn.com
2	www.reddit.com	paste4btc.com
2	www.urldelivery.com	www.bnhtml.com
2	www.ctx.me	paste4btc.com www.ctx.me
2	www.google-analytics.com	paste4btc.com www.google-analytics.com
1	cds.taboola.com	paste4btc.com
1	bttrack.com	paste4btc.com
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	paste4btc.com
1	rtb-csync.smartadserver.com	paste4btc.com
1	simage2.pubmatic.com	paste4btc.com
1	pixel.rubiconproject.com	paste4btc.com
1	match.taboola.com	paste4btc.com
1	glitter.services.disqus.com	c.disquscdn.com
1	ssl.gstatic.com	accounts.google.com
1	www.facebook.com	c.disquscdn.com
1	vidstat.taboola.com	cdn.taboola.com
1	15.taboola.com	cdn.taboola.com
1	static.a-ads.com	ad.a-ads.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	venetrigni.com	www.bnhtml.com
1	www.bnhtml.com	paste4btc.com
1	pl9195645.pvclouds.com	paste4btc.com
0	loadus.exelator.com Failed	paste4btc.com
144	61

This site contains links to these domains. Also see Links.

Domain
www.imdb.com
demo.ckan.org
azkamovie.substack.com
www.skreebee.com
www.goqna.com
paste.ofcode.org
paste.feed-the-beast.com
www.click4r.com
pantip.com
forums.commentcamarche.net
www.dancehalldatabase.com
ameblo.jp
www.theodysseyonline.com
www.toevolution.com
photozou.jp
www.slipstreamti.com
karantina.pertanian.go.id
www.paste4btc.com
www.addthis.com

Subject Issuer	Validity	Valid
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2021-04-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-07-06`	6 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2021-03-31` - `2021-12-27`	9 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
accounts.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.narrative.io Amazon	`2020-03-14` - `2021-04-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://paste4btc.com/XyA8wtf7
Frame ID: E20D76B11400725594DCC6E844DD19F1
Requests: 52 HTTP requests in this frame

Frame: http://ad.a-ads.com/980375?size=468x60
Frame ID: 7322FC1DA82B4DF8DA3E7504AF1A8824
Requests: 3 HTTP requests in this frame

Frame: http://www.ctx.me/r.php
Frame ID: 2CB8D3C084719639F4026F56DC0A0CD7
Requests: 2 HTTP requests in this frame

Frame: http://ad.a-ads.com/980377?size=240x400
Frame ID: CD7967425B55FBB96FCBBD6D6AF668A9
Requests: 2 HTTP requests in this frame

Frame: http://ad.a-ads.com/980376?size=990x90
Frame ID: F74A4FBA68B6E10CE4A219A9E0B21800
Requests: 2 HTTP requests in this frame

Frame: http://www.urldelivery.com/watch.381441996187?key=bf06d455d60398964ceb98876a948eab&kw=%5B%22tyijtyjutghtghfdjfj%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&tz=2&dev=r&res=4.21&uuid=3e715530-ae5a-4060-98a5-5ec89712cd02%3A1%3A1
Frame ID: 487898B7CCC912C8FCC771A2310DC377
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
Frame ID: C308946DDD07C398C5D511812E602CE5
Requests: 26 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Frame ID: 3D6990C30A511BD1D674944DE6BE6D05
Requests: 32 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Frame ID: 9B22A33F2EEF9F34B8D8CF834F47430B
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 134DB1F4DF756FAE4673A7A8104FA6C3
Requests: 3 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c753c0f024r1g00&pctry=DE&referrer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
Frame ID: 95572D2ECE5FDE238FCD88BC6E58C94B
Requests: 3 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOEAYVisGTexInAj5nD4C3k&google_cver=1
Frame ID: 8EA6F2017734A09326C1E610A1FD8922
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=aaba6003-d836-4822-893c-d675b027f76a&tbid=f0fbf039-08f5-4040-bc9d-9f16dadb45fb-tuct76634cd&query=taboola_hm%3Daaba6003-d836-4822-893c-d675b027f76a&isDirect=0
Frame ID: A4A5CB234EF47FBD7650B66155243065
Requests: 18 HTTP requests in this frame

Frame: http://www.urldelivery.com/watch.1346683595057?key=d49abda5d34a58576a3709ea1b6a910d&kw=%5B%22tyijtyjutghtghfdjfj%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&tz=2&dev=r&res=4.21&uuid=3e715530-ae5a-4060-98a5-5ec89712cd02%3A1%3A1
Frame ID: 920C29A0556B339F7C5F3DAAAFADA180
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

144
Requests

78 %
HTTPS

21 %
IPv6

42
Domains

61
Subdomains

41
IPs

8
Countries

1549 kB
Transfer

3882 kB
Size

15
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.imdb.com/list/ls094835061/
Title: https://www.imdb.com/list/ls094835061/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls094835062/
Title: https://www.imdb.com/list/ls094835062/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls094835064/
Title: https://www.imdb.com/list/ls094835064/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls094835068/
Title: https://www.imdb.com/list/ls094835068/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls094835023/
Title: https://www.imdb.com/list/ls094835023/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls094835038/
Title: https://www.imdb.com/list/ls094835038/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls094835034/
Title: https://www.imdb.com/list/ls094835034/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls094835031/
Title: https://www.imdb.com/list/ls094835031/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls094835035/
Title: https://www.imdb.com/list/ls094835035/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls094835012/
Title: https://www.imdb.com/list/ls094835012/

Search URL Search Domain Scan URL

URL: https://demo.ckan.org/dataset/ytikyhkitjtiutiti
Title: https://demo.ckan.org/dataset/ytikyhkitjtiutiti

Search URL Search Domain Scan URL

URL: https://azkamovie.substack.com/p/yuikyukyi
Title: https://azkamovie.substack.com/p/yuikyukyi

Search URL Search Domain Scan URL

URL: https://www.skreebee.com/post/19103_https-www-imdb-com-list-ls094835061.html
Title: https://www.skreebee.com/post/19103_https-www-imdb-com-list-ls094835061.html

Search URL Search Domain Scan URL

URL: http://www.goqna.com/45404/yukyugtyhkyhjg
Title: http://www.goqna.com/45404/yukyugtyhkyhjg

Search URL Search Domain Scan URL

URL: https://paste.ofcode.org/4mtCwnahF6HVr8DSpUc4Gc
Title: https://paste.ofcode.org/4mtCwnahF6HVr8DSpUc4Gc

Search URL Search Domain Scan URL

URL: https://paste.feed-the-beast.com/view/c2399616
Title: https://paste.feed-the-beast.com/view/c2399616

Search URL Search Domain Scan URL

URL: https://www.click4r.com/posts/g/2395155/tyijyujtghurtu
Title: https://www.click4r.com/posts/g/2395155/tyijyujtghurtu

Search URL Search Domain Scan URL

URL: https://pantip.com/topic/40510320
Title: https://pantip.com/topic/40510320

Search URL Search Domain Scan URL

URL: https://forums.commentcamarche.net/forum/affich-37086551-tyjyhjutrfiyiyo?MYJDgMAknL0yy91lu7IWtK1fLIcEOWrwIoVRtlxLoCg
Title: https://forums.commentcamarche.net/forum/affich-37086551-tyjyhjutrfiyiyo?MYJDgMAknL0yy91lu7IWtK1fLIcEOWrwIoVRtlxLoCg

Search URL Search Domain Scan URL

URL: https://www.dancehalldatabase.com/forum/Dancehall-Reggae/tyiyjtdurtitii/fe9de7041388eb8ed9ed759a00b3809c/11666
Title: https://www.dancehalldatabase.com/forum/Dancehall-Reggae/tyiyjtdurtitii/fe9de7041388eb8ed9ed759a00b3809c/11666

Search URL Search Domain Scan URL

URL: https://ameblo.jp/azkamovie/entry-12655742113.html
Title: https://ameblo.jp/azkamovie/entry-12655742113.html

Search URL Search Domain Scan URL

URL: https://www.theodysseyonline.com/tyujtrutiryoo
Title: https://www.theodysseyonline.com/tyujtrutiryoo

Search URL Search Domain Scan URL

URL: https://www.toevolution.com/blog/view/1197466/tyujytrtutirtirti
Title: https://www.toevolution.com/blog/view/1197466/tyujytrtutirtirti

Search URL Search Domain Scan URL

URL: http://photozou.jp/community/show/7080
Title: http://photozou.jp/community/show/7080

Search URL Search Domain Scan URL

URL: https://www.slipstreamti.com/forum/what-s-your-favorite-show/yikyhtyityiyi
Title: https://www.slipstreamti.com/forum/what-s-your-favorite-show/yikyhtyityiyi

Search URL Search Domain Scan URL

URL: https://karantina.pertanian.go.id/question2answer/index.php?qa=265612&qa_1=yikyjyytiorurtutri
Title: https://karantina.pertanian.go.id/question2answer/index.php?qa=265612&qa_1=yikyjyytiorurtutri

Search URL Search Domain Scan URL

URL: http://www.paste4btc.com/
Title: http://www.paste4btc.com

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 12

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 18

http://paste4btc.disqus.com/embed.js HTTP 301
https://paste4btc.disqus.com/embed.js

Request Chain 40

http://www.reddit.com/api/info.json?url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_bitu0 HTTP 307
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_bitu0

Request Chain 41

http://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7 HTTP 301
https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7

Request Chain 44

http://www.reddit.com/api/info.json?url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_6pv30 HTTP 307
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_6pv30

Request Chain 45

http://vk.com/share.php?act=count&index=1&url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7 HTTP 301
https://vk.com/share.php?act=count&index=1&url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7

Request Chain 50

http://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2 HTTP 307
https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2

Request Chain 61

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1617735499416&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26shortname%3Dpaste4btc%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%2523428bca%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fpaste4btc.com%252FXyA8wtf7%26typeface%3Dsans-serif%26disqus_version%3Dbb0e8f2&c9=http%3A%2F%2Fpaste4btc.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617735499416&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26shortname%3Dpaste4btc%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%2523428bca%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fpaste4btc.com%252FXyA8wtf7%26typeface%3Dsans-serif%26disqus_version%3Dbb0e8f2&c9=http%3A%2F%2Fpaste4btc.com%2F&cs_ak_ss=1

Request Chain 118

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCMzesoMGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOEAYVisGTexInAj5nD4C3k&google_cver=1

Request Chain 119

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac753c0f024r1g00&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7 HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=0dd852c0-970a-11eb-916a-0a045a1c45ea&companyId=19&id=disqus_id%3Ac753c0f024r1g00&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7

Request Chain 121

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP 307
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

Request Chain 124

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=1247141728252991687 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=091863c2-078e-4b61-b848-63108468be3a%3A1617735500.3&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc753c0f024r1g00 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c753c0f024r1g00 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1247141728252991687

Request Chain 125

https://p.rfihub.com/cm?pub=39342&in=1&userid=091863c2-078e-4b61-b848-63108468be3a%3A1617735500.3&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=875739025709990642 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c753c0f024r1g00 HTTP 307
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=vo2NDVAf3Zt7GSkoCnrX37BvjXLu3R10

Request Chain 128

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=aaba6003-d836-4822-893c-d675b027f76a HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=aaba6003-d836-4822-893c-d675b027f76a&tbid=f0fbf039-08f5-4040-bc9d-9f16dadb45fb-tuct76634cd&query=taboola_hm%3Daaba6003-d836-4822-893c-d675b027f76a&isDirect=0

Request Chain 130

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=L68lyxrZSIsC&ev=1&orig=trc&pid=562107

Request Chain 131

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1247141728252991687&orig=trc

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBGexORsX640EKaAb5FTHoY&google_cver=1

Request Chain 134

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=cd70b770-b28f-4c8d-9ac0-d5e4b3c65277-tuct76634cd

Request Chain 135

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cc81d623-25bf-415b-88c1-9255c2e4fd2d

Request Chain 136

https://ce.lijit.com/merge?pid=42&3pid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 140

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4fd9307a-d5a6-4c7a-85d1-e6847b2c6893

Request Chain 141

https://id5-sync.com/s/464/9.gif?puid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOEchIy-yRg2NxQzNnuL8cjO5V5heZ8dhKYKjUyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOEchIy-yRg2NxQzNnuL8cjO5V5heZ8dhKYKjUyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=a8d6b47e-12d0-4c8b-90bd-2bbfdc26f726&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_116365f6-e043-41bc-999f-d0069f7da7cd&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEGeeBM4BMpG97TDwflb1zf8&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGeeBM4BMpG97TDwflb1zf8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1247141728252991687&opid=apx&ops=&utidl=tech:goo:CAESEGeeBM4BMpG97TDwflb1zf8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A16748196772&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/3/5.gif?puid=652375b6aa09d1206fbb015709cb49c6&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/2/6.gif?puid=215673ab-b862-412e-9d9f-2d20258c28f5&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Request Chain 142

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=gF5uWtTyDMyAkHveTq9sYA

Request Chain 145

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=77040971-f690-47b9-96dc-02e444c26321&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e4344ef3-87f0-4df7-a591-0fbd17c0a417

144 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set XyA8wtf7 Show response
paste4btc.com/ 15 KB
6 KB 117ms
109ms Document
text/html 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: bc6399a7e490b5b26a2b8b797171577ff78606964d2b611310775e2dfc543d32

Request headers

Host: paste4btc.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d023111f0688d2538f94db5d7f52a9b9f1617735495; expires=Thu, 06-May-21 18:58:15 GMT; path=/; domain=.paste4btc.com; HttpOnly; SameSite=Lax PHPSESSID=f98fcb4are7lnp7hsni5dnt977; path=/
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
cf-request-id: 094a25c91f0000c28608ace000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z0Mb0S%2FgE4%2FHcLYj%2BzfjVzSLqDNRTEgjJgKQHjVnVNivVn1C7hZ%2Bffk8DF%2FRjsg4CdznfUq8nkSFfKEecjmvfUUMvUas6oRvl%2FVlsyYlSpAXdlVELt6%2B4KYn"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 63bd3f21ce53c286-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK bootstrap.min.css
paste4btc.com/css/ 98 KB
18 KB 29ms
27ms Stylesheet
text/css 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/css/bootstrap.min.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3653
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 17161
cf-request-id: 094a25c9940000c2860e3f9000000001
Last-Modified: Sun, 25 Sep 2016 16:38:36 GMT
Server: cloudflare
Etag: "18679-57e7fd8c-7000058;gz"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rBEdIv7FTbpD7x%2Bn0%2Fr8UXtiwGakiFpdim%2Bh1I1fclMOjT%2BV5XbnqfxXRiLatI4SE8mqKCdsqyXKJLEsNqQ7qSgX%2FroC%2FOdaGuzgRWU6qi24lIcsOWhi9W8%2F"}],"max_age":604800}
Content-Type: text/css
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 63bd3f228fd0c286-FRA
Expires: Sat, 05 Dec 2020 23:56:56 GMT

GET
H/1.1 200
OK bootstrap-theme.min.css
paste4btc.com/css/ 13 KB
3 KB 34ms
27ms Stylesheet
text/css 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/css/bootstrap-theme.min.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c72060928bf66e8ff55b42e653f95429d4777769d790921ff8390eb1068da303

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 2601
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1745
cf-request-id: 094a25c9990000d6e971a6f000000001
Last-Modified: Sun, 25 Sep 2016 16:38:30 GMT
Server: cloudflare
Etag: "3381-57e7fd86-700005b;gz"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pacfhT2UAl7LblqcNaTtYW7KO0kmhIMlIW5BuH6l5kdA9vbPuS6yAc%2F7zwHiRACqIZsBM8KX0vrR%2F4ilvGkniVsni79cP7zzhRu8C%2BbGkGAMDC%2BVp08QAiAe"}],"max_age":604800}
Content-Type: text/css
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 63bd3f228b57d6e9-FRA
Expires: Sat, 21 Nov 2020 04:46:19 GMT

GET
H/1.1 200
OK bootstrap-custom.css
paste4btc.com/css/ 1 KB
1 KB 50ms
43ms Stylesheet
text/css 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/css/bootstrap-custom.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 471d87769fca429a428e1af071fe1d86971e42f6aef1e04f144ad1047be73bef

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6198
Cf-Polished: origSize=1566
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a25c99900004a806ea87000000001
Last-Modified: Sun, 25 Sep 2016 16:38:29 GMT
Server: cloudflare
Etag: W/"61e-57e7fd85-7000059;gz"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BY9qU7CWO%2FOACpugP%2BgJ0MWBFLPvmdip5PrZdXnGuAgz1TlKVo4s%2Bb%2Bq4ngs5vydB4%2BQR6Qg6Z5ZkELqPvrMTcIa49Z%2FAOnbew5Nhn7Zs2dtbEon74h2JhrH"}]}
Content-Type: text/css
Expires: Fri, 20 Nov 2020 02:47:21 GMT
Cache-Control: public, max-age=604800
CF-RAY: 63bd3f2288e04a80-FRA
Cf-Bgj: minify

GET
H/1.1 403
Forbidden c284dccfdc0ea6f8a0a4db7ab0960bd3.js
pl9195645.pvclouds.com/c2/84/dc/ 0
0 439ms
191ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl9195645.pvclouds.com/c2/84/dc/c284dccfdc0ea6f8a0a4db7ab0960bd3.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 06 Apr 2021 18:58:16 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK shCore.js Show response
paste4btc.com/scripts/ 15 KB
9 KB 34ms
27ms Script
application/x-javascript 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/scripts/shCore.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d1434add65b0b17b5af8c027d77ae7cd8f793053043c09fa08edfa4a165faf

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3332
Cf-Polished: origSize=16175
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a25c99900004db81a84f000000001
Last-Modified: Sun, 25 Sep 2016 16:38:48 GMT
Server: cloudflare
Etag: W/"3f2f-57e7fd98-8000200;gz"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5vzGBR3QUl4pqpqST5Pdy1mzdXfQ3gBROzgNcnZq2QwdStw9p%2FR2rGXS%2F%2BkU3kgiqy7BS%2BJPunplgvuo5ATDzL4ORarpBUXVrGtDraIs8lPtk%2BMJ5Z1%2FsSzM"}],"max_age":604800}
Content-Type: application/x-javascript
Expires: Thu, 24 Dec 2020 06:01:22 GMT
Cache-Control: public, max-age=604800
CF-RAY: 63bd3f228e3b4db8-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK shAutoloader.js Show response
paste4btc.com/scripts/ 1 KB
2 KB 39ms
14ms Script
application/x-javascript 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/scripts/shAutoloader.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da6654eadb3a4fd3d3eb9d12dba5b933fed332479d84adcf2b7a895a44a570a

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3332
Cf-Polished: origSize=1451
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a25c9ac00004e1a6c39c000000001
Last-Modified: Sun, 25 Sep 2016 16:38:45 GMT
Server: cloudflare
Etag: W/"5ab-57e7fd95-80001f4;gz"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0fQW5TUXJUzdb%2BrcE61E51QlcajJwVGBzut81qAPv%2FOp8aTvukaSagswLxv5fqQb3deoiQEzRpxXOAHA6XYPXNiBTtXxT%2BS5AYbYM8e6y0bw4ZogcjgMYZF4"}],"max_age":604800,"group":"cf-nel"}
Content-Type: application/x-javascript
Expires: Sun, 17 Jan 2021 08:26:18 GMT
Cache-Control: public, max-age=604800
CF-RAY: 63bd3f22adf34e1a-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK shCoreDefault.css
paste4btc.com/styles/ 7 KB
2 KB 45ms
38ms Stylesheet
text/css 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/styles/shCoreDefault.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a199a96d76b9533e3a3597dc040c5a866c2e3d4f944e01f2a04a0ccfbfe82a5d

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2134
Cf-Polished: origSize=8704
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a25c99900004e6db52ae000000001
Last-Modified: Sun, 25 Sep 2016 16:38:49 GMT
Server: cloudflare
Etag: W/"2200-57e7fd99-780024c;gz"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eEgw1%2FywysNI8hJFrzYu9guzywCm%2B441V%2BD1DbKcNWLocjXwDrrSg5cF%2BarZqnX3sXGEqkuMrNsI3dHur2latagp7Zy713kNTklyTJD9AgPKuB8b6Qx5v0LX"}],"max_age":604800}
Content-Type: text/css
Expires: Fri, 20 Nov 2020 02:47:21 GMT
Cache-Control: public, max-age=604800
CF-RAY: 63bd3f228b674e6d-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK shThemeEclipse.css
paste4btc.com/styles/ 2 KB
1 KB 24ms
18ms Stylesheet
text/css 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/styles/shThemeEclipse.css
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13db7ce6e9f290465fb29e8312c7c95aab701764bd1d910c97d08c55139ae3b

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2134
Cf-Polished: origSize=3193
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a25c99900004e1a739b9000000001
Last-Modified: Sun, 25 Sep 2016 16:38:50 GMT
Server: cloudflare
Etag: W/"c79-57e7fd9a-78002aa;gz"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m5JsXtYJTLUTBi7o5dl3%2B8Rb30v4M8xcvaQ5oCAIxm%2F8NBhWXPgVBEK158uVGgl5%2FXtOwD0vsRjchcvBoS5zpCtaPZRV%2F%2FECc%2FKvD5VEMlAeijEI8JBRe1ZY"}],"max_age":604800,"group":"cf-nel"}
Content-Type: text/css
Expires: Fri, 20 Nov 2020 02:47:21 GMT
Cache-Control: public, max-age=604800
CF-RAY: 63bd3f228db34e1a-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK jquery.min.js Show response
paste4btc.com/js/ 94 KB
34 KB 45ms
16ms Script
application/x-javascript 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/js/jquery.min.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 6494
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 33498
cf-request-id: 094a25c9b00000c286ad88b000000001
Last-Modified: Sun, 25 Sep 2016 16:38:45 GMT
Server: cloudflare
Etag: "1787c-57e7fd95-6c0023c;gz"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D2HK5nIl0e0SrhLqyj3zWHbiNUNNssricH3db6lcv%2FPsuX6eMpe8Mc0be0DWyLqL2v%2FCCpmZOGRviBER8cwCfaya76NhgjB8BExw8ePWtgVVbmqGy1rFdnpS"}],"max_age":604800}
Content-Type: application/x-javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 63bd3f22b814c286-FRA
Expires: Tue, 23 Feb 2021 08:42:06 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
paste4btc.com/js/ 28 KB
8 KB 48ms
15ms Script
application/x-javascript 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/js/bootstrap.min.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 5801
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7698
cf-request-id: 094a25c9b40000d6e9cc1dc000000001
Last-Modified: Sun, 25 Sep 2016 16:38:43 GMT
Server: cloudflare
Etag: "71b6-57e7fd93-6c00239;gz"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uHLuXmFAt6ISkfMiZwju9Hu814P2MLL6Kja7uuX7%2FmxzLBSrHDiSqDL87Ov0XnSb5Hi5%2F%2B%2Bq5N9zW6tRvHpIB1ag1droGT4SBu9w1LZMlS9w%2FXGua%2FY0yPLL"}],"max_age":604800}
Content-Type: application/x-javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 63bd3f22bbc8d6e9-FRA
Expires: Sat, 05 Dec 2020 23:56:56 GMT

GET
H/1.1 200
OK menu.js Show response
paste4btc.com/js/ 365 B
1 KB 46ms
13ms Script
application/x-javascript 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/js/menu.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a610cdaf887383f775d316a703e7b75c6cbb8a0ac4d56b2b14723a6eb1fde4fe

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 2601
Cf-Polished: origSize=440
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a25c9b500004db8041ee000000001
Last-Modified: Sun, 25 Sep 2016 16:38:44 GMT
Server: cloudflare
Etag: W/"1b8-57e7fd94-6c00238;gz"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uEaxt8ZxIhIhOPcIbMgIaLvSHtcCJs40UmdwlhheVShonrLI81P9hwUXNCEwg7BS%2BKoKUedBu2WSo%2F63SKE9RE%2FVVJgG1DGn0x8tYqT07147tcHYRdu7BO9w"}],"max_age":604800}
Content-Type: application/x-javascript
Expires: Thu, 24 Dec 2020 06:01:22 GMT
Cache-Control: public, max-age=604800
CF-RAY: 63bd3f22bea04db8-FRA
Cf-Bgj: minify

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

64ms
23ms

Script
application/javascript

23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 06 Apr 2021 18:58:16 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
17 KB

56ms
56ms

Script
text/javascript

2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
date: Tue, 06 Apr 2021 18:58:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17432
expires: Tue, 06 Apr 2021 20:58:16 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
385 B 45ms
12ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=728104252&t=pageview&_s=1&dl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&ul=en-us&de=UTF-8&dt=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=33474723&gjid=627322912&cid=1092680688.1617735496&tid=UA-50173241-1&_gid=2008176514.1617735496&_r=1&_slc=1&z=1569327409

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 18:58:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://paste4btc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK invoke.js Show response
www.bnhtml.com/ 11 KB
6 KB 204ms
177ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.bnhtml.com/invoke.js

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

571dc3712301ff53f957b5a3bf519de0601ada35b45ee54494be97a2025db9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Request-ID: ad81f613c4d813519d3833c862970b55
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
paste4btc.com/fonts/ 23 KB
23 KB 23ms
23ms Font
application/font-woff 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/fonts/glyphicons-halflings-regular.woff
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/css/bootstrap.min.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Origin: http://paste4btc.com
Referer: http://paste4btc.com/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 764
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a25cb500000d6e99b13d000000001
Last-Modified: Sun, 25 Sep 2016 16:38:41 GMT
Server: cloudflare
Etag: W/"5b18-57e7fd91-7c00237;;;"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HLMtDUwNjZAVA%2B8CgnS88ZizjqTOb0Iao6nyb5c7K8%2B%2F0NhofKNfVBgV0537rgJ6sYuctTgcPKC3AtSO18OO2mHLbPClMehhl6MqkGC%2F3RO0%2BcH92%2BrWIYd%2B"}],"max_age":604800}
Content-Type: application/font-woff
Cache-Control: max-age=86400
CF-RAY: 63bd3f2548ead6e9-FRA

GET stats
venetrigni.com/ 0
0

GET
H/1.1 200
OK 980375 Show response
ad.a-ads.com/ Frame 7322 6 KB
2 KB 2036ms
2029ms Document
text/html 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/980375?size=468x60

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Server

85.10.200.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-200-158.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

0c2a7c0988b0efb6a72d0095a2179926cfb885781cb86e453f2137419e34ca4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://paste4btc.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://paste4btc.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 06 Apr 2021 18:58:18 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://paste4btc.com/
Content-Encoding: gzip

GET
H/1.1

200
OK

embed.js Show response
paste4btc.disqus.com/
Redirect Chain

http://paste4btc.disqus.com/embed.js
https://paste4btc.disqus.com/embed.js

73 KB
24 KB

179ms
160ms

Script
application/javascript

151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://paste4btc.disqus.com/embed.js

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

0a432d488e1102c109501dd16bfdf19c1301e45232b5714586d448b3ab79da52

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:18 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24313

Redirect headers

Date: Tue, 06 Apr 2021 18:58:18 GMT
Server: Varnish
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: text/html
Location: https://paste4btc.disqus.com/embed.js
Cache-Control: public, max-age=31536000
Connection: close
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 219

GET
H/1.1 200
OK r.php Show response
www.ctx.me/ Frame 2CB8 143 B
362 B 2010ms
29ms Document
text/html 91.121.90.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctx.me/r.php
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 91.121.90.131 , France, ASN16276 (OVH, FR),
Reverse DNS: l10.nikos-hosting.com
Software: nginx /
Resource Hash: 93b4950fb54129d7fd234a5cc5b51c06a6a778e8ad110c76dc422bf91782f75e

Request headers

Host: www.ctx.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://paste4btc.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://paste4btc.com/

Response headers

Server: nginx
Date: Tue, 06 Apr 2021 18:58:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Content-Encoding: gzip

GET stats
venetrigni.com/ 0
0

GET
H/1.1 200
OK 980377 Show response
ad.a-ads.com/ Frame CD79 7 KB
3 KB 1995ms
33ms Document
text/html 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/980377?size=240x400

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Server

85.10.200.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-200-158.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

4e9ea9751896855bd8ef213566d87158c883babf1bfaace1181611312f6bc92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://paste4btc.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://paste4btc.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 06 Apr 2021 18:58:18 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://paste4btc.com/
Content-Encoding: gzip

GET
H/1.1 200
OK 980376 Show response
ad.a-ads.com/ Frame F74A 6 KB
2 KB 1986ms
25ms Document
text/html 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/980376?size=990x90

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Server

85.10.200.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-200-158.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

ac9f755daf0e57aab99de190b88eaceb1d197da37a773abd52d1651a414166d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://paste4btc.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://paste4btc.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 06 Apr 2021 18:58:18 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://paste4btc.com/
Content-Encoding: gzip

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 1979ms
20ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:18 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=59030
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-53f4ade46a3c21e4/ 823 B
526 B 2153ms
2151ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-53f4ade46a3c21e4/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6c879ed9ca3d7073371e3eb0def4da6d749ca1091453940bf34958b95ec4e4a7

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:18 GMT
content-encoding: gzip
etag: 755048120--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=55, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 351

GET watch.1346683595057.js
www.urldelivery.com/ 0
0

GET watch.381441996187.js
www.urldelivery.com/ 0
0

GET
H/1.1 200
OK 468x60
static.a-ads.com/a-ads-banners/140588/ Frame 7322 17 KB
18 KB 24ms
17ms Image
image/png 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/140588/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/980375?size=468x60
Protocol: HTTP/1.1
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9a2033afa7788fe05e51b24636bbc3b44c0d65a4b9fb853aebcf5a132245329d

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:18 GMT
Last-Modified: Wed, 24 Mar 2021 17:12:24 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-request-id: 6NTKBAC8QRV004S1
ETag: "20374bf97549f7c5390cf3cbf73d948d"
Content-Type: image/png
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 17482
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: 5w9WMSzEjq7cR6qmWBw9U53.a4sWxf0S
x-amz-id-2: zLBWJX0+0/joYIgxzpiofhvMHvOhlTEdzYqpKaaFNTZ/DKvx2t0NVa96Esgr/HqPBuA/587QQiM=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 7322 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F74A 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bv.gif
www.ctx.me/i/ Frame 2CB8 20 KB
21 KB 19ms
18ms Image
image/gif 91.121.90.131
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ctx.me/i/bv.gif
Requested by: Host: www.ctx.me
URL: http://www.ctx.me/r.php
Protocol: HTTP/1.1
Server: 91.121.90.131 , France, ASN16276 (OVH, FR),
Reverse DNS: l10.nikos-hosting.com
Software: nginx /
Resource Hash: 6e6fa372809932cf94b466e62f7eb942162957fc1c89635b619d5c07ed517dad

Request headers

Referer: http://www.ctx.me/r.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:18 GMT
Last-Modified: Wed, 19 Apr 2017 19:41:31 GMT
Server: nginx
ETag: "58f7bd6b-511e"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 20766
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame CD79 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK stats Show response
venetrigni.com/ 40 B
413 B 15ms
14ms XHR
text/html 54.93.136.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://venetrigni.com/stats
Requested by: Host: www.bnhtml.com
URL: http://www.bnhtml.com/invoke.js
Protocol: HTTP/1.1
Server: 54.93.136.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-136-159.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: d8125bad68732a7c6166f468a6f14d75b4a64707e1752b1341d42d446c2d1c57

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://paste4btc.com
Date: Tue, 06 Apr 2021 18:58:18 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Connection: keep-alive
Content-Length: 40
Content-Type: text/html; charset=UTF-8

GET
H2 200 lounge.c82b267b396dfbc10ae5113342115da8.css
c.disquscdn.com/next/embed/styles/ 0
23 KB 41ms
23ms Other
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Requested by

Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2939446
strict-transport-security: max-age=300; includeSubdomains
content-length: 22713
cf-request-id: 094a25d4de000005e9dc0fd000000001
timing-allow-origin: *
last-modified: Wed, 03 Mar 2021 01:20:39 GMT
server: cloudflare
etag: "603ee467-58b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 63bd3f349e1705e9-FRA
x-amz-cf-id: 8iHhdnaJ5uIRYSyeUnp9kgCqelvQxggEWvWNZtCLHCvwamS-AeRHKw==
expires: Thu, 03 Mar 2022 18:27:32 GMT

GET
H2 200 common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
c.disquscdn.com/next/embed/ 0
93 KB 45ms
28ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Requested by

Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2422087
strict-transport-security: max-age=300; includeSubdomains
content-length: 94786
cf-request-id: 094a25d4e3000005e987bd9000000001
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 17:57:38 GMT
server: cloudflare
etag: "6047b712-17242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 63bd3f349e1b05e9-FRA
x-amz-cf-id: iGbO1sC_L2SXajbXh3fns4o9OWy9yuPPlUqsvZKLIHAqbdlN6Dbhow==
expires: Wed, 09 Mar 2022 18:10:09 GMT

GET
H2 200 lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js
c.disquscdn.com/next/embed/ 0
115 KB 52ms
35ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js

Requested by

Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1114738
strict-transport-security: max-age=300; includeSubdomains
content-length: 117042
cf-request-id: 094a25d4df000005e9a58b3000000001
timing-allow-origin: *
last-modified: Wed, 24 Mar 2021 20:33:38 GMT
server: cloudflare
etag: "605ba222-1c932"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 63bd3f349e1c05e9-FRA
x-amz-cf-id: wHMVdFIOKMWmxOB1tyUv-pM5OppW3IdhZaJR7RDK4a0KJo8VIfLMZg==
expires: Thu, 24 Mar 2022 21:19:19 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 26ms
9ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:18 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 37
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11508
X-XSS-Protection: 1; mode=block

GET
H/1.1 503
Too many variants recommendations.js
paste4btc.disqus.com/ 0
0 3721ms
3720ms Script
text/html 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://paste4btc.disqus.com/recommendations.js

Requested by

Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:22 GMT
Server: Varnish
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 445
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK Cookie set watch.381441996187 Show response
www.urldelivery.com/ Frame 4878 103 B
562 B 7207ms
7206ms Document
text/html 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.urldelivery.com/watch.381441996187?key=bf06d455d60398964ceb98876a948eab&kw=%5B%22tyijtyjutghtghfdjfj%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&tz=2&dev=r&res=4.21&uuid=3e715530-ae5a-4060-98a5-5ec89712cd02%3A1%3A1

Requested by

Host: www.bnhtml.com
URL: http://www.bnhtml.com/invoke.js

Protocol

HTTP/1.1

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

ab030a8588ef9530d38a74d9e14b36ccdd792323af6352d4d5da9d19b9b95341

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Host: www.urldelivery.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://paste4btc.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://paste4btc.com/

Response headers

Server: nginx/1.17.6
Date: Tue, 06 Apr 2021 18:58:26 GMT
Content-Type: text/html
Content-Length: 103
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: u_pl=9095175; expires=Wed, 07 Apr 2021 18:58:22 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 582c64250a4086d16f72462a3015fc7c
Strict-Transport-Security: max-age=0; includeSubdomains

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 24ms
24ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 06 Apr 2021 18:58:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2

200

info.json Show response
www.reddit.com/api/
Redirect Chain

http://www.reddit.com/api/info.json?url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_bitu0
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_bitu0

126 B
589 B

143ms
121ms

Script
application/javascript

151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_bitu0

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

021eaff8339f449249cb2736cf21dbc7f28f5a46457a07267c4e80fcf7d9e908

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish
x-content-type-options: nosniff
content-length: 126
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: -1

Redirect headers

Location: https://www.reddit.com/api/info.json?url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_bitu0
Non-Authoritative-Reason: HSTS

GET
H2

200

share.php Show response
vk.com/
Redirect Chain

http://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7

21 B
436 B

132ms
51ms

Script
text/html

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.106751

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.106751
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 41

Redirect headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Frontend: front512006
Server: kittenx
Content-Type: text/html
Location: https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
Access-Control-Expose-Headers: X-Frontend
Connection: keep-alive
Content-Length: 164

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
286 B 194ms
187ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&callback=_ate.cbs.rcb_cf2w0

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

aaba1d699096480e6fcd12e5fa969828791edf397334a90ba6f8358c6ae6a8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: paste4btc.com/xya8wtf7
last-modified: Tue, 06 Apr 2021 18:58:19 GMT
server: nginx/1.15.8
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
257 B 188ms
182ms XHR
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://paste4btc.com/XyA8wtf7
last-modified: Tue, 06 Apr 2021 18:00:00 GMT
server: nginx/1.15.8
date: Tue, 06 Apr 2021 18:58:19 GMT
content-type: application/json
access-control-allow-origin: http://paste4btc.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2

200

info.json Show response
www.reddit.com/api/
Redirect Chain

http://www.reddit.com/api/info.json?url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_6pv30
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_6pv30

126 B
231 B

222ms
200ms

Script
application/javascript

151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_6pv30

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

e8ca539df2a065e14ebfe8808be60b08f5c25ac24c86aba584a36c15a1bc0947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish
x-content-type-options: nosniff
content-length: 126
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: -1

Redirect headers

Location: https://www.reddit.com/api/info.json?url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&jsonp=_ate.cbs.rcb_6pv30
Non-Authoritative-Reason: HSTS

GET
H2

200

share.php Show response
vk.com/
Redirect Chain

http://vk.com/share.php?act=count&index=1&url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
https://vk.com/share.php?act=count&index=1&url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7

21 B
437 B

130ms
50ms

Script
text/html

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&index=1&url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.106751

Resource Hash

5c883fd81aa6616988d11949a780dfa476f39ba7aca55f1cfeaec60b5d19cbe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.106751
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 41

Redirect headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Frontend: front512006
Server: kittenx
Content-Type: text/html
Location: https://vk.com/share.php?act=count&index=1&url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
Access-Control-Expose-Headers: X-Frontend
Connection: keep-alive
Content-Length: 164

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
286 B 197ms
192ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&callback=_ate.cbs.rcb_1t2h0

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

cb2d773050f8843665bfba7a8cd6438764cdb5445a71f3d956fd8bbcbd2ece9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: paste4btc.com/xya8wtf7
last-modified: Tue, 06 Apr 2021 18:58:19 GMT
server: nginx/1.15.8
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame C308 6 KB
4 KB 197ms
197ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default

Requested by

Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

520690624c7ff50a77d21688784eb39e805777b47305a543199cedf317025b61

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://paste4btc.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://paste4btc.com/

Response headers

Connection: keep-alive
Content-Length: 2675
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Wed, 10 Feb 2021 00:14:32 GMT
ETag: W/"lounge:view:8391522630.e438127191f782c6475ef0a1b80a53be.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Tue, 06 Apr 2021 18:58:19 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg
c.disquscdn.com/next/embed/assets/img/ 1 KB
1 KB 24ms
24ms Image
image/svg+xml 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3d0ca410aa64d933c2853e39ef8b605c4815f9826bc0e721e3d3d93860bf64

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8780447
strict-transport-security: max-age=300; includeSubdomains
content-length: 1042
cf-request-id: 094a25d554000005e97ca4d000000001
timing-allow-origin: *
last-modified: Fri, 13 Nov 2020 18:39:53 GMT
server: cloudflare
etag: "5faed2f9-412"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
cf-ray: 63bd3f35584005e9-FRA
expires: Wed, 17 Nov 2021 18:15:25 GMT

GET
H/1.1

200
OK

/ Show response
tempest.services.disqus.com/ads-iframe/taboola/ Frame 3D69
Redirect Chain

http://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&source...
https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourc...

27 KB
9 KB

223ms
205ms

Document
text/html

151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Requested by: Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: c15d4cf50e5720a7fcca1de952f88d7b1fa63d854985a67eed2151489d376e34

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://paste4btc.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://paste4btc.com/

Response headers

Connection: keep-alive
Content-Length: 9217
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Date: Tue, 06 Apr 2021 18:58:19 GMT
Age: 0
Vary: Accept-Encoding,

Redirect headers

Location: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
295 B 143ms
110ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=lounge.loading.view

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 146ms
113ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=7556hkcfs4oas&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=paste4btc&zone=thread&version=a658a7c16140d8728cc859daf581cbbc&page_url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=3201658

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 lounge.load.a658a7c16140d8728cc859daf581cbbc.js Show response
c.disquscdn.com/next/embed/ Frame C308 1 KB
1 KB 40ms
17ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.a658a7c16140d8728cc859daf581cbbc.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce33b36f16a953ed16394b859ee8f1a6e7fd9785869fe62e3af78aa019c07f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1114739
strict-transport-security: max-age=300; includeSubdomains
content-length: 535
cf-request-id: 094a25d63400004eb628086000000001
timing-allow-origin: *
last-modified: Wed, 24 Mar 2021 20:33:38 GMT
server: cloudflare
etag: "605ba222-217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 63bd3f36bb224eb6-FRA
x-amz-cf-id: UvupA6cr16mXG4PtlTB7U9JZSc9DPN4CceokOKQXSpBYeLhaNgD-yw==
expires: Thu, 24 Mar 2022 21:19:18 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame 3D69 246 KB
37 KB 26ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67d9f7ce75567c65f973c7565a6acae5721f278252a91b269d42bac9b0257dbb

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8SFL9z4bQxJmsqmg4msma1NHqZ7AaFN0
content-encoding: gzip
etag: "76951390bc543614ce3c290763a88b72"
age: 6
x-cache: HIT
content-length: 37348
x-amz-id-2: XTgRuq97jJvYYAE64h+g8+lHb/9CNRYpalNq+CUEexq5VgB6bzJVLAT5/poE1eg+zqsqnc97UYw=
x-served-by: cache-hhn11524-HHN
last-modified: Tue, 06 Apr 2021 10:16:02 GMT
server: AmazonS3
x-timer: S1617735499.354382,VS0,VE0
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
x-amz-request-id: N8TQYVH9C7CXH8TD
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 53
x-cache-hits: 2

GET
H2 200 common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js Show response
c.disquscdn.com/next/embed/ Frame C308 282 KB
93 KB 18ms
18ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.a658a7c16140d8728cc859daf581cbbc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2422088
strict-transport-security: max-age=300; includeSubdomains
content-length: 94786
cf-request-id: 094a25d649000005e9a73b3000000001
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 17:57:38 GMT
server: cloudflare
etag: "6047b712-17242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 63bd3f36dcb305e9-FRA
x-amz-cf-id: iGbO1sC_L2SXajbXh3fns4o9OWy9yuPPlUqsvZKLIHAqbdlN6Dbhow==
expires: Wed, 09 Mar 2022 18:10:09 GMT

GET
H2 200 lounge.c82b267b396dfbc10ae5113342115da8.css
c.disquscdn.com/next/embed/styles/ Frame C308 126 KB
22 KB 22ms
22ms Stylesheet
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b6097504aed42f81fd7492b0e20ee87c7e7d8f9e0a367081741ec0c405f740

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2939447
strict-transport-security: max-age=300; includeSubdomains
content-length: 22713
cf-request-id: 094a25d67a000005e99b12f000000001
timing-allow-origin: *
last-modified: Wed, 03 Mar 2021 01:20:39 GMT
server: cloudflare
etag: "603ee467-58b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 63bd3f372d9e05e9-FRA
x-amz-cf-id: 8iHhdnaJ5uIRYSyeUnp9kgCqelvQxggEWvWNZtCLHCvwamS-AeRHKw==
expires: Thu, 03 Mar 2022 18:27:32 GMT

GET
H2 200 impl.20210406-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 3D69 476 KB
109 KB 9ms
9ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83d8954d30034cc91b28572289b43478e10982fa4149cc358456a2493c2b1d66

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rLJ92lBU3RqOJMTJh5LXtsaSRAioZ1uE
content-encoding: br
etag: "3a83308a8fe7086bc32fe56d25665737"
age: 11584
x-cache: HIT
content-length: 111743
x-amz-id-2: Pi39iwY3X2JbJp01BFHzbvmsboe8VKjl2WO9O1O2mOHe4Zu4hmGzHjMdcQ8kPK9wG5SLFJmJeZc=
x-served-by: cache-hhn11524-HHN
last-modified: Tue, 06 Apr 2021 07:27:59 GMT
server: AmazonS3-br
x-timer: S1617735499.401736,VS0,VE0
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
x-amz-request-id: 2DFNPWZQKMJ7RDBQ
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 47
x-cache-hits: 116966

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 3D69 1 KB
1 KB 11ms
10ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 07 Apr 2021 18:58:19 GMT

GET
H2 200 lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js Show response
c.disquscdn.com/next/embed/ Frame C308 453 KB
115 KB 30ms
30ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8fc5b6de8c12b2eac649cc45206787aa6d5c9ab0987020574349688c3df288

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1114739
strict-transport-security: max-age=300; includeSubdomains
content-length: 117042
cf-request-id: 094a25d688000005e90317c000000001
timing-allow-origin: *
last-modified: Wed, 24 Mar 2021 20:33:38 GMT
server: cloudflare
etag: "605ba222-1c932"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 63bd3f374de405e9-FRA
x-amz-cf-id: wHMVdFIOKMWmxOB1tyUv-pM5OppW3IdhZaJR7RDK4a0KJo8VIfLMZg==
expires: Thu, 24 Mar 2022 21:19:19 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame C308 11 KB
12 KB 9ms
7ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9fa67da84c690615b1dc83b460c777f1c0c9fa1799c60f9681b4fc7876787136

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 37
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11508
X-XSS-Protection: 1; mode=block

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 3D69
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1617735499416&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617735499416&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%2...

0
528 B

8ms
7ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617735499416&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26shortname%3Dpaste4btc%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%2523428bca%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fpaste4btc.com%252FXyA8wtf7%26typeface%3Dsans-serif%26disqus_version%3Dbb0e8f2&c9=http%3A%2F%2Fpaste4btc.com%2F&cs_ak_ss=1
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617735499416&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26shortname%3Dpaste4btc%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%2523428bca%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fpaste4btc.com%252FXyA8wtf7%26typeface%3Dsans-serif%26disqus_version%3Dbb0e8f2&c9=http%3A%2F%2Fpaste4btc.com%2F&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame 3D69 17 KB
7 KB 121ms
119ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=20%3A58%3A19.463&lti=deflated&data=%7B%22id%22%3A960%2C%22ii%22%3A%22%2Fxya8wtf7%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1617704160530%2C%22vi%22%3A1617735499461%2C%22cv%22%3A%2220210406-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22http%3A%2F%2Fpaste4btc.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A921%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A921%2C%22dh%22%3A27%2C%22qs%22%3A%22%3Fposition%3Dtop%26shortname%3Dpaste4btc%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%2523428bca%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fpaste4btc.com%252FXyA8wtf7%26typeface%3Dsans-serif%26disqus_version%3Dbb0e8f2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A7%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fpaste4btc.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22paste4btc%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fpaste4btc.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22paste4btc%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e6b99558c6a7ab35d33dc3696e568fb56313b84543877888a2ecbce41c7afee

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 109
date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
server: nginx
x-timer: S1617735499.472214,VS0,VE109
x-served-by: cache-hhn11524-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://tempest.services.disqus.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame C308 3 KB
3 KB 119ms
118ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=paste4btc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b08aa529daee9dbe037fdc8cd91463b2a332e05eac979df9c4d9fd2659f820c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 2982
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/survey/ Frame 9B22 14 KB
6 KB 134ms
133ms Document
text/html 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 8b818fd0c9f6996969ef69be6a3796890f0c4449d261ad2b5cdcd25d824445d3

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: disqus_unique=753c0f024r1g00
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default

Response headers

Connection: keep-alive
Content-Length: 5390
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Service: router
Content-Encoding: gzip
Date: Tue, 06 Apr 2021 18:58:19 GMT
Age: 0
Vary: Accept-Encoding,

GET
H2 200 noavatar92.png
a.disquscdn.com/1616607624/images/ Frame C308 2 KB
2 KB 31ms
13ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1616607624/images/noavatar92.png

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 1117630
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: r6AREIbv-oIfwNBdj4FfWYmayTJvICDhgNtPuCBasUlhck9uDoDKng==
expires: Fri, 23 Apr 2021 20:31:09 GMT

GET
DATA 200
OK truncated
/ Frame C308 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame C308 43 B
295 B 112ms
111ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=7556hkcfs4oas&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=paste4btc&zone=thread&page_url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&page_referrer=http%3A%2F%2Fpaste4btc.com%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=3201658

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
26 KB 21ms
20ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: paste4btc.disqus.com
URL: http://paste4btc.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8802935
strict-transport-security: max-age=300; includeSubdomains
content-length: 26578
cf-request-id: 094a25d743000005e99fbc9000000001
timing-allow-origin: *
last-modified: Mon, 23 Nov 2020 17:22:41 GMT
server: cloudflare
etag: "5fbbefe1-67d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 63bd3f38690205e9-FRA
x-amz-cf-id: iwXvkWWneYUzTgpoGXrolZxBkoZQ2bfC3Qst_9vVPBWLaqb-vIiHXg==
expires: Mon, 29 Nov 2021 02:25:38 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame C308 13 KB
13 KB 34ms
33ms Image
image/svg+xml 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13275212
strict-transport-security: max-age=300; includeSubdomains
content-length: 13079
cf-request-id: 094a25d74b000005e987822000000001
timing-allow-origin: *
last-modified: Mon, 19 Oct 2020 18:27:03 GMT
server: cloudflare
etag: "5f8dda77-3317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
cf-ray: 63bd3f38791d05e9-FRA
expires: Tue, 19 Oct 2021 19:08:20 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame C308 3 KB
3 KB 17ms
17ms Image
image/gif 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4272606
strict-transport-security: max-age=300; includeSubdomains
content-length: 2971
cf-request-id: 094a25d74f000005e993130000000001
timing-allow-origin: *
last-modified: Mon, 14 Dec 2020 22:46:46 GMT
server: cloudflare
etag: "5fd7eb56-b9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 63bd3f38794405e9-FRA
x-amz-cf-id: EvCMTWKCjvve0qmqQvWzwZWa75ce5tSol6Ycs2_dayHQ8JpFyq0ZUw==
expires: Fri, 17 Dec 2021 09:57:52 GMT

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame C308 2 KB
2 KB 22ms
22ms Image
image/png 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4272606
strict-transport-security: max-age=300; includeSubdomains
content-length: 1862
cf-request-id: 094a25d750000005e981304000000001
timing-allow-origin: *
last-modified: Mon, 18 Jan 2021 17:33:12 GMT
server: cloudflare
etag: "6005c658-746"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW53-C1
accept-ranges: bytes
cf-ray: 63bd3f38794505e9-FRA
x-amz-cf-id: EgON8tp8Et0Hc79zmS9Vbrl1C9iZJkMbKnffWBuVEXPBZ0W_DSkg6Q==
expires: Fri, 21 Jan 2022 12:21:07 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame C308 8 KB
8 KB 27ms
27ms Font
application/octet-stream 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4272605
strict-transport-security: max-age=300; includeSubdomains
content-length: 7900
cf-request-id: 094a25d75200004eb69e1f2000000001
timing-allow-origin: *
last-modified: Wed, 03 Feb 2021 18:02:57 GMT
server: cloudflare
etag: "601ae551-1edc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 63bd3f3879244eb6-FRA
x-amz-cf-id: Rgooauymwnrvp5ORnFt12m3Cagi0Qgi2D6GgELQK7gROkGCk4txtzw==
expires: Sun, 06 Feb 2022 07:54:37 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 3D69 13 KB
5 KB 20ms
19ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7474826a7899a6d07f454946ba3f1156161cd9a84247c4a18e7ea6a3fc1c784b

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jTb9JpL2bWR8xmQjz_DG9sFF5wIEimoq
content-encoding: gzip
etag: "9c906e3a0def1030bf63438c52b761e6"
age: 14980
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4445
x-amz-id-2: LEeG0YPRb9d4CIcXQsHKbLNiM3uAVP+V213VRJukdz8PzjfAI+4lHj5kBeyRglMDPlTbW3T3nwc=
x-served-by: cache-hhn11524-HHN
last-modified: Tue, 06 Apr 2021 14:48:02 GMT
server: AmazonS3
x-timer: S1617735500.714403,VS0,VE0
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
x-amz-request-id: JY82QFS7PG4NK95J
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 47
x-cache-hits: 220744

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 3D69 2 KB
971 B 20ms
19ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 14974
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by: cache-hhn11524-HHN
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1617735500.714352,VS0,VE0
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
x-amz-request-id: CR4E2RJ6SANDVYVF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 47
x-cache-hits: 206321

GET
H2 200 tfa-eid.20210406-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 3D69 13 KB
5 KB 17ms
17ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210406-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26d7181620be300c6568ac9d72aac042d93498380bc83d5545db0d22073e21ea

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Dhr715km3x8DBJebrOJDM2LRfDWhz7_4
content-encoding: gzip
etag: "31cd0debd1e5c63aede5c89d58243786"
age: 22
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4857
x-amz-id-2: yv8B5QSl9U03WfFzIEXhSRo8mAuXrXnZBmr5J+duCnoqeovCbr1etAfjLVZCwFeb3gAEUaAkH7E=
x-served-by: cache-hhn11524-HHN
last-modified: Tue, 06 Apr 2021 10:39:55 GMT
server: AmazonS3
x-timer: S1617735500.714349,VS0,VE0
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
x-amz-request-id: F02CYXRKK861C3SA
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 47
x-cache-hits: 308

GET
H2 200 sha256.20210406-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 3D69 6 KB
3 KB 17ms
16ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210406-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99da5c0f78a0aa5fde3c413e67522c36d2d97af7a2823e892afd082e38d052b1

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lj9aJl4qBHDhe_27jkbraYLBUOL86FSP
content-encoding: gzip
etag: "c1a4b4e5c8315bf49a86715df01ea1f5"
age: 14
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2596
x-amz-id-2: NeTOMdUi3aAmIff0qKl6Pci+8ndM1ltFiQHN/K0J4E4R+mpsfUHzNN81Ko+u/WQf11bzVzzBx9o=
x-served-by: cache-hhn11524-HHN
last-modified: Tue, 06 Apr 2021 10:40:05 GMT
server: AmazonS3
x-timer: S1617735500.714333,VS0,VE0
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
x-amz-request-id: S651ZQ3RW84HRH8M
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 47
x-cache-hits: 189

GET
H2 200 tb Show response
15.taboola.com/ Frame 3D69 4 KB
3 KB 20ms
18ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=disqus-widget-safetylevel20longtail09&unitType=226&tbloc=&pageType=text&pstn=%7B%22domain%22%3A%20%22http%3A%2F%2Fpaste4btc.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22paste4btc%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&uuip=&cisrf=http%3A%2F%2Fpaste4btc.com%2F&cirf=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&encoded=1&uid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&variant=-100|478542&callback=TRC.videoTagCallbacks.videoCallback1&cb=1617735499721&tagid=&cntry=DE&platform=1&sesid=8f5ed88fca805a62d35efae61e2747d5&itemid=/xya8wtf7&viewid=1617735499461&geolat=&geoing=&deviceifa=&appid=&sd=v2_8f5ed88fca805a62d35efae61e2747d5_4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb_1617735499_1617735499_CIi3jgYQktQ_GMX9ssSKLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ri=9ca8f3f4ef0321193f88f9d6dd0587bf&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1042962&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BE&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1003147&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 67283bde49a5a2cd26952d96dfa5cdcdd9e0eed1ac1d1a6d1d820a887a20263a

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
access-control-allow-origin: https://tempest.services.disqus.com
machineid: 1429
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn11524-HHN
pragma: no-cache
server: nginx
x-timer: S1617735500.726659,VS0,VE12
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20210406-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 3D69 23 KB
8 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210406-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92d29ddb8ae4beefaa8067b2285d98d9be8e403f3eafc711455b3291c6b7522e

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ExOm6pmIXBxs1lDtySidM6nu3sH7A.mC
content-encoding: gzip
etag: "3b5c2633078870153f11ef9064b21f5b"
age: 21
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7856
x-amz-id-2: DT8B0dSuX/FcdiGUWvPiTAOhqff5xD6nXiUXqjwZh4u2UaIy6BGDUJ2biMWF6FhU1o9rs0FbCdQ=
x-served-by: cache-hhn11524-HHN
last-modified: Tue, 06 Apr 2021 10:39:50 GMT
server: AmazonS3
x-timer: S1617735500.725803,VS0,VE0
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
x-amz-request-id: MV0RFW83Y3VYF41E
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 47
x-cache-hits: 49

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame C308 13 KB
13 KB 22ms
21ms Image
image/svg+xml 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13275212
strict-transport-security: max-age=300; includeSubdomains
content-length: 13079
cf-request-id: 094a25d7df000005e9c3a80000000001
timing-allow-origin: *
last-modified: Mon, 19 Oct 2020 18:27:03 GMT
server: cloudflare
etag: "5f8dda77-3317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
cf-ray: 63bd3f396bb605e9-FRA
expires: Tue, 19 Oct 2021 19:08:20 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame C308 3 KB
2 KB 20ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ff3757435f9bf2e1181dff65c9bc546b63f167308487f8cdd344c8a694d8917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oxxyF5POZIzDDYMn2M7ZwA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: q9IMja5krIIAqqHXJOYYqQfIsS531oj0EKvCCvA3uJn1fyyZQOO2PXgXCQk3MxOO2WLyRvuJ/+GaWPmxCLyC6A==
x-fb-trip-id: 686109401
x-fb-content-md5: 5c29122c3b59cb747936382cb2431166
x-frame-options: DENY
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "54e2b51896f6534c6509e95e2492ba71"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 06 Apr 2021 19:17:50 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame C308 12 KB
5 KB 29ms
26ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b93183bcc5bda42dc9db65084d052ca8fdb7eb3e3b08a75e5f3884a888cf035

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-self4BUdvTmCXa3uEFqtog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "6873478039673be44cc70fd23da24c6e"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-self4BUdvTmCXa3uEFqtog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 06 Apr 2021 18:58:19 GMT

GET
H2 200 1268234666__XPVTagMH.jpg
images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_1677,y_662/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 3D69 13 KB
13 KB 12ms
9ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_1677,y_662/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1268234666__XPVTagMH.jpg
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cfe0a8e583e571742679f42c4c69f620a2e4b3c759e819228a6fda40124c897f

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 97752
edge-cache-tag: 587514632163983733448266337336314927501,330227439643261220027728163643961833908,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_1677,y_662/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1268234666__XPVTagMH.jpg
content-length: 12996
x-request-id: d1c71bc715c8ccce84485600b2c67c7f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 19 Mar 2021 14:07:50 GMT
server: nginx
x-timer: S1617735500.760142,VS0,VE0
etag: "b2e77bed4f915cb760b90d81a39d7f34"
x-served-by: cache-wdc5562-WDC, cache-dca17781-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 7

GET
H2 200 00296fae472be544317d713708aa4053.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3D69 5 KB
6 KB 12ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00296fae472be544317d713708aa4053.png
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 70ecd495747837d62f25816e24beeb812b5f7a448e7e3432d4f05edbc6902d7d

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 4927
edge-cache-tag: 341414001868996152015918467112407887788,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00296fae472be544317d713708aa4053.png
content-length: 5628
x-request-id: 625bdced210a6b5b7e772e3954d8b2bb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 06 Apr 2021 07:26:26 GMT
server: nginx
x-timer: S1617735500.760137,VS0,VE0
etag: "fb519243048a6647dda505a16b98f5da"
x-served-by: cache-wdc5559-WDC, cache-dca17746-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 3

GET
H2 200 805351b6218a2f60d3e640217377382b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3D69 8 KB
9 KB 12ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/805351b6218a2f60d3e640217377382b.jpg
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b6edd55c90820ad3a38cc99654e11c224801e06f81758dae0213a672c32a805d

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 1074188
edge-cache-tag: 629205404148234293207330076452853235207,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/805351b6218a2f60d3e640217377382b.jpg
content-length: 8274
x-request-id: 4457267038136a9317e95adecbe5b622
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sun, 21 Mar 2021 17:05:39 GMT
server: nginx
x-timer: S1617735500.760097,VS0,VE0
etag: "014908e7f4a07618e4a0cdbcbeaef0f6"
x-served-by: cache-wdc5553-WDC, cache-dca17745-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 7

GET
H2 200 b81b8cbc9cd32574f269cbcbb2ec0c25.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3D69 4 KB
4 KB 11ms
9ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b81b8cbc9cd32574f269cbcbb2ec0c25.jpg
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4b76d6d505a0150c3ad73e6b4911973e5a881fa86bdd9c8eabb2199490cdb57

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 2187395
edge-cache-tag: 328041845518604324911670138800288517736,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b81b8cbc9cd32574f269cbcbb2ec0c25.jpg
content-length: 4080
x-request-id: 89ee36c1d1360308a73ba688c151df55
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Wed, 24 Feb 2021 17:08:58 GMT
server: nginx
x-timer: S1617735500.760192,VS0,VE0
etag: "c9c9edf8b1536057b723afa94e9fc0c6"
x-served-by: cache-wdc5572-WDC, cache-dca17748-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 4185e8d1d6f19a719d094f27ee4a17fb.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3D69 15 KB
16 KB 11ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4185e8d1d6f19a719d094f27ee4a17fb.jpeg
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 511ea2852940aae3172b88eadf501cd483dbb0c7e3040ac9ce78b66c863a197c

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 2153148
edge-cache-tag: 315632420742295326161718656141284752666,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4185e8d1d6f19a719d094f27ee4a17fb.jpeg
content-length: 15564
x-request-id: 4f8a0093a22f2975a6e5322a6736e4fc
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Fri, 12 Mar 2021 13:02:15 GMT
server: nginx
x-timer: S1617735500.760103,VS0,VE0
etag: "c5eda66a67da6f4bb61665397167575e"
x-served-by: cache-wdc5563-WDC, cache-dca17760-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

GET
H2 200 de45f5482b4193edd0dd4f8b3f20ff5a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3D69 6 KB
6 KB 11ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de45f5482b4193edd0dd4f8b3f20ff5a.png
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85f79f0e9877d52af381a09df4789145de51a35e1b810fcfe5d5d2b26702373c

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 43043
edge-cache-tag: 621940538935378814140820396355355251556,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de45f5482b4193edd0dd4f8b3f20ff5a.png
content-length: 5756
x-request-id: 89e6d8b8ab3e83ad531238b229d76472
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Tue, 06 Apr 2021 06:23:05 GMT
server: nginx
x-timer: S1617735500.760081,VS0,VE0
etag: "7e0899e3b4b2ceee3f35fcf3d3a4eb20"
x-served-by: cache-wdc5561-WDC, cache-dca17730-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2

GET
H2 200 937d8e623405a3cbcedc0f261afbe431.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3D69 9 KB
9 KB 13ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/937d8e623405a3cbcedc0f261afbe431.jpg
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 104231972baaff857962f53f3cbd49cae1ab72556ec0c04fd7330065223c87f2

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 1075582
edge-cache-tag: 550875418432028562603362881975771825147,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/937d8e623405a3cbcedc0f261afbe431.jpg
content-length: 8732
x-request-id: 256d9dce6a10393d628cd46f9a97a3a7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sun, 21 Mar 2021 17:16:25 GMT
server: nginx
x-timer: S1617735500.774193,VS0,VE1
etag: "42a9fc1088ff52124e5b21a75ec8ff22"
x-served-by: cache-wdc5575-WDC, cache-dca17727-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H/1.1 200
OK event.js Show response
referrer.disqus.com/juggler/ Frame C308 40 B
278 B 104ms
103ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://referrer.disqus.com/juggler/event.js?experiment=network_default&variant=fallthrough&page_referrer=direct&product=embed&thread=8391522630&thread_id=8391522630&forum=paste4btc&forum_id=3201658&zone=thread&page_url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&service=dynamic&verb=view&object_type=product&object_id=embed&extra_data=%7B%22color_scheme%22%3A%22light%22%2C%22anchor_color%22%3A%22rgb(66%2C139%2C202)%22%2C%22typeface%22%3A%22sans-serif%22%2C%22width%22%3A921%7D&event=activity&imp=7556hkcfs4oas&prev_imp=&section=default&area=n%2Fa

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 110ms
109ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=7556hkcfs4oas&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=paste4btc&zone=thread&version=a658a7c16140d8728cc859daf581cbbc&page_url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=3201658

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/1.4.0/ Frame 3D69 79 KB
24 KB 13ms
11ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront), 1.1 varnish
age: 2309507
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 23743
x-served-by: cache-hhn11524-HHN
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
server: AmazonS3
x-timer: S1617735500.765420,VS0,VE0
etag: "b683c290896a82c974838a04b4ea4aff"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Z_aditH7qQAPiluYOazXkv1lA7QQST6lcxsaXkSWTFjT_VYn1jNmmw==
x-cache-hits: 45739

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
756 B 39ms
32ms Image
image/gif 2606:4700::6810:a30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=9.648295091118193
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
CF-Cache-Status: HIT
Age: 7
CF-RAY: 63bd3f39a826dff3-FRA
Connection: keep-alive
Content-Length: 43
x-amz-id-2: ocNaOiA66CCWc4UgSbS+VVp+GK0WLGf88tifC/6ngnq2lLnnuoCm/OYWXRU0AaNxRtesXEletAY=
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
x-amz-request-id: JR68KD9PT5TY9KYX
Cache-Control: max-age=15, must-revalidate
cf-request-id: 094a25d8050000dff3c790f000000001
Accept-Ranges: bytes
Content-Type: image/gif

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
756 B 170ms
162ms Image
image/gif 2606:4700::6810:a30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=9.648295091118193
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
CF-Cache-Status: HIT
Age: 7
CF-RAY: 63bd3f39a9941e47-FRA
Connection: keep-alive
Content-Length: 43
x-amz-id-2: ocNaOiA66CCWc4UgSbS+VVp+GK0WLGf88tifC/6ngnq2lLnnuoCm/OYWXRU0AaNxRtesXEletAY=
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
x-amz-request-id: JR68KD9PT5TY9KYX
Cache-Control: max-age=15, must-revalidate
cf-request-id: 094a25d80500001e47a7aeb000000001
Accept-Ranges: bytes
Content-Type: image/gif

GET
H2 204 abtests
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 3D69 0
258 B 17ms
16ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9ca8f3f4ef0321193f88f9d6dd0587bf&sd=v2_8f5ed88fca805a62d35efae61e2747d5_4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb_1617735499_1617735499_CIi3jgYQktQ_GMX9ssSKLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ui=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&pi=/xya8wtf7&wi=-2169686434836192922&pt=text&vi=1617735499461&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22itemId%5C%22%3A%5C%22~~V1~~5638415729484237643~~hUAP67R1suAFl%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.44%5C%22%2C%5C%22event%5C%22%3A%5C%22disable_custom%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22%7B%5C%5C%5C%22domain%5C%5C%5C%22%3A%20%5C%5C%5C%22http%3A%2F%2Fpaste4btc.com%5C%5C%5C%22%2C%20%5C%5C%5C%22experiment%5C%5C%5C%22%3A%20%5C%5C%5C%22network_default%5C%5C%5C%22%2C%20%5C%5C%5C%22position%5C%5C%5C%22%3A%20%5C%5C%5C%22top%5C%5C%5C%22%2C%20%5C%5C%5C%22shortname%5C%5C%5C%22%3A%20%5C%5C%5C%22paste4btc%5C%5C%5C%22%2C%20%5C%5C%5C%22variant%5C%5C%5C%22%3A%20%5C%5C%5C%22fallthrough%5C%5C%5C%22%7D%5C%22%7D%22%2C%22eventTime%22%3A1617735499780%7D&tim=20%3A58%3A19.780&id=3764&llvl=1&cv=20210406-4-RELEASE&
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617735500.785756,VS0,VE9
x-served-by: cache-hhn11524-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 3D69 0
55 B 17ms
17ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9ca8f3f4ef0321193f88f9d6dd0587bf&sd=v2_8f5ed88fca805a62d35efae61e2747d5_4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb_1617735499_1617735499_CIi3jgYQktQ_GMX9ssSKLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ui=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&pi=/xya8wtf7&wi=-2169686434836192922&pt=text&vi=1617735499461&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-branding%22%2C%22type%22%3A%22disable_custom%22%2C%22eventTime%22%3A1617735499780%7D&tim=20%3A58%3A19.780&id=4881&llvl=1&cv=20210406-4-RELEASE&
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617735500.786136,VS0,VE9
x-served-by: cache-hhn11524-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 3D69 0
55 B 17ms
16ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9ca8f3f4ef0321193f88f9d6dd0587bf&sd=v2_8f5ed88fca805a62d35efae61e2747d5_4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb_1617735499_1617735499_CIi3jgYQktQ_GMX9ssSKLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ui=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&pi=/xya8wtf7&wi=-2169686434836192922&pt=text&vi=1617735499461&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22itemId%5C%22%3A%5C%22~~V1~~5638415729484237643~~hUAP67R1suAFl%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.44%5C%22%2C%5C%22event%5C%22%3A%5C%22enable_global%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22%7B%5C%5C%5C%22domain%5C%5C%5C%22%3A%20%5C%5C%5C%22http%3A%2F%2Fpaste4btc.com%5C%5C%5C%22%2C%20%5C%5C%5C%22experiment%5C%5C%5C%22%3A%20%5C%5C%5C%22network_default%5C%5C%5C%22%2C%20%5C%5C%5C%22position%5C%5C%5C%22%3A%20%5C%5C%5C%22top%5C%5C%5C%22%2C%20%5C%5C%5C%22shortname%5C%5C%5C%22%3A%20%5C%5C%5C%22paste4btc%5C%5C%5C%22%2C%20%5C%5C%5C%22variant%5C%5C%5C%22%3A%20%5C%5C%5C%22fallthrough%5C%5C%5C%22%7D%5C%22%7D%22%2C%22eventTime%22%3A1617735499781%7D&tim=20%3A58%3A19.781&id=3729&llvl=1&cv=20210406-4-RELEASE&
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617735500.786103,VS0,VE9
x-served-by: cache-hhn11524-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 3D69 0
58 B 17ms
16ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9ca8f3f4ef0321193f88f9d6dd0587bf&sd=v2_8f5ed88fca805a62d35efae61e2747d5_4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb_1617735499_1617735499_CIi3jgYQktQ_GMX9ssSKLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ui=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&pi=/xya8wtf7&wi=-2169686434836192922&pt=text&vi=1617735499461&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-branding%22%2C%22type%22%3A%22enable_global%22%2C%22eventTime%22%3A1617735499781%7D&tim=20%3A58%3A19.781&id=7692&llvl=1&cv=20210406-4-RELEASE&
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617735500.786096,VS0,VE9
x-served-by: cache-hhn11524-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 prebid.4.30.0-zeta-ssp.js Show response
c.disquscdn.com/js/dist/ Frame 9B22 309 KB
94 KB 14ms
13ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/js/dist/prebid.4.30.0-zeta-ssp.js

Requested by

Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1709ffbe7087b51cd48f64fe7b734ac4907d2d0fc488e202ed0f513d0e50cd44

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108097
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
strict-transport-security: max-age=300; includeSubdomains
content-length: 95636
cf-request-id: 094a25d80c000005e9b4031000000001
last-modified: Wed, 24 Mar 2021 17:42:47 GMT
server: cloudflare
etag: "605b7a17-17594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 63bd3f39acac05e9-FRA
x-amz-cf-id: hSx6eIE1lQD6VaoOWkkCbHVF9YiIciS0NZq_6ZqB5BckzzAWc32ccA==
expires: Fri, 23 Apr 2021 23:10:01 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_1677,y_662/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1268234666__XPVTagMH.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cfe0a8e583e571742679f42c4c69f620a2e4b3c759e819228a6fda40124c897f

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 97752
edge-cache-tag: 587514632163983733448266337336314927501,330227439643261220027728163643961833908,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_1677,y_662/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1268234666__XPVTagMH.jpg
content-length: 12996
x-request-id: d1c71bc715c8ccce84485600b2c67c7f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 19 Mar 2021 14:07:50 GMT
server: nginx
x-timer: S1617735500.796228,VS0,VE0
etag: "b2e77bed4f915cb760b90d81a39d7f34"
x-served-by: cache-wdc5562-WDC, cache-dca17781-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00296fae472be544317d713708aa4053.png
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 70ecd495747837d62f25816e24beeb812b5f7a448e7e3432d4f05edbc6902d7d

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 4927
edge-cache-tag: 341414001868996152015918467112407887788,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00296fae472be544317d713708aa4053.png
content-length: 5628
x-request-id: 625bdced210a6b5b7e772e3954d8b2bb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 06 Apr 2021 07:26:26 GMT
server: nginx
x-timer: S1617735500.796448,VS0,VE0
etag: "fb519243048a6647dda505a16b98f5da"
x-served-by: cache-wdc5559-WDC, cache-dca17746-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/805351b6218a2f60d3e640217377382b.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b6edd55c90820ad3a38cc99654e11c224801e06f81758dae0213a672c32a805d

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 1074188
edge-cache-tag: 629205404148234293207330076452853235207,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/805351b6218a2f60d3e640217377382b.jpg
content-length: 8274
x-request-id: 4457267038136a9317e95adecbe5b622
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sun, 21 Mar 2021 17:05:39 GMT
server: nginx
x-timer: S1617735500.796646,VS0,VE0
etag: "014908e7f4a07618e4a0cdbcbeaef0f6"
x-served-by: cache-wdc5553-WDC, cache-dca17745-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 8

GET
H2 200 b81b8cbc9cd32574f269cbcbb2ec0c25.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3D69 4 KB
5 KB 10ms
9ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b81b8cbc9cd32574f269cbcbb2ec0c25.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4b76d6d505a0150c3ad73e6b4911973e5a881fa86bdd9c8eabb2199490cdb57

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 2187395
edge-cache-tag: 328041845518604324911670138800288517736,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b81b8cbc9cd32574f269cbcbb2ec0c25.jpg
content-length: 4080
x-request-id: 89ee36c1d1360308a73ba688c151df55
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Wed, 24 Feb 2021 17:08:58 GMT
server: nginx
x-timer: S1617735500.797424,VS0,VE0
etag: "c9c9edf8b1536057b723afa94e9fc0c6"
x-served-by: cache-wdc5572-WDC, cache-dca17748-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4185e8d1d6f19a719d094f27ee4a17fb.jpeg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 511ea2852940aae3172b88eadf501cd483dbb0c7e3040ac9ce78b66c863a197c

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 2153148
edge-cache-tag: 315632420742295326161718656141284752666,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4185e8d1d6f19a719d094f27ee4a17fb.jpeg
content-length: 15564
x-request-id: 4f8a0093a22f2975a6e5322a6736e4fc
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Fri, 12 Mar 2021 13:02:15 GMT
server: nginx
x-timer: S1617735500.797500,VS0,VE0
etag: "c5eda66a67da6f4bb61665397167575e"
x-served-by: cache-wdc5563-WDC, cache-dca17760-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de45f5482b4193edd0dd4f8b3f20ff5a.png
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85f79f0e9877d52af381a09df4789145de51a35e1b810fcfe5d5d2b26702373c

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Apr 2021 18:58:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 43043
edge-cache-tag: 621940538935378814140820396355355251556,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de45f5482b4193edd0dd4f8b3f20ff5a.png
content-length: 5756
x-request-id: 89e6d8b8ab3e83ad531238b229d76472
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Tue, 06 Apr 2021 06:23:05 GMT
server: nginx
x-timer: S1617735500.797350,VS0,VE0
etag: "7e0899e3b4b2ceee3f35fcf3d3a4eb20"
x-served-by: cache-wdc5561-WDC, cache-dca17730-DCA, cache-hhn11524-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 3

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame C308 199 KB
61 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1b24b62f2fc42e7d3c8a9836789961fe&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a46895ff6a9183c83a6eff193daca669f074f45a07cb4bcb4a7721ddb46ebf5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
etag: "6759039ca75ea00148fa20130efa79af"
content-md5: BsMcqpQjMhvf2naJjct/iQ==
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61302
x-fb-rlafr: 0
x-fb-debug: ONRIQ9FnBNJh5QAbPHanEXZ4kgH7FXbexMpVmjzPp6VOBmtB5XHm42k1WEaaStVk2aHry5rQAe/gtcubX3GXrQ==
x-fb-trip-id: 2052514463
x-fb-content-md5: ea1fe79fa0190113b281ef6824d48855
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 06 Apr 2021 18:58:19 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
x-content-type-options: nosniff
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Wed, 06 Apr 2022 12:38:29 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ Frame C308 102 KB
34 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6289a67bc4acdbdafbc49c8db8bee69deaca8a0a5a9321011b96e2cc9c242eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 16:28:44 GMT
server: sffe
age: 502403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34454
x-xss-protection: 0
expires: Thu, 31 Mar 2022 23:24:56 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9B22 138 B
842 B 62ms
34ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/js/dist/prebid.4.30.0-zeta-ssp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

de9bed2c959f4a7b1142bff14d17b4a47e1918c9615af479b19f159f93e7b32b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid: c8750cae-e0f3-479c-8796-6064c3ab9301
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tempest.services.disqus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame C308 43 B
295 B 130ms
112ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=7556hkcfs4oas&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=paste4btc&zone=thread&page_url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&page_referrer=http%3A%2F%2Fpaste4btc.com%2F&object_type=advertisement&provider=survey&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A48%7D&forum_id=3201658

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 134D 513 B
842 B 37ms
17ms Document
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9192c43891081c5dc724d6ee847fc3eaae3e943c09528d0f2538d8187a07c55a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ceaRTHFUfd8EgOZxDTf8SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=213=jFfrSVy_FmplVJMGuLnaSA6f5OX3KxIvUCOkLav6dOXMJQVdkG9o4r-4cRtwG8CsIZnP12GZngPks6CDvg8A7kP4Byy1b0cQtPCECrQGsjBJFqNrbsAjymQt6ZEUiJ0mqsKwQszY93PlDo0t4MTx9hrrN3oK4VfScTlkR76V1pc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Apr 2021 18:58:19 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-ceaRTHFUfd8EgOZxDTf8SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 status
www.facebook.com/x/oauth/ Frame C308 0
0 40ms
27ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=http%3A%2F%2Fpaste4btc.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dpaste4btc%26t_u%3Dhttp%253A%252F%252Fpaste4btc.com%252FXyA8wtf7%26t_d%3Dtyijtyjutghtghfdjfj%2520%257C%2520Paste4BTC.com%2520-%2520Earn%2520bitcoins%2520by%2520pasting!%26t_t%3Dtyijtyjutghtghfdjfj%2520%257C%2520Paste4BTC.com%2520-%2520Earn%2520bitcoins%2520by%2520pasting!%26s_o%3Ddefault%23version%3Da658a7c16140d8728cc859daf581cbbc&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: tQsCvBTHnHyXJjZk3fHnQPzjYvEEQfAuS4FrD3x8ROVx6at/t05fhOkR9Nv/0n7iZk3TaXLAxVhC110FCKXEQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 06 Apr 2021 18:58:19 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4071097310-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 134D 112 KB
39 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 15:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 17:30:24 GMT
server: sffe
age: 442736
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39191
x-xss-protection: 0
expires: Fri, 01 Apr 2022 15:59:23 GMT

GET
H3-Q050 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 134D 14 B
330 B 38ms
23ms XHR
application/json 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Tue, 06 Apr 2021 18:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 06 Apr 2021 19:58:19 GMT

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame C308 390 B
722 B 142ms
116ms Script
application/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=paste4btc&thread_id=8391522630&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

064fbb34a13b39b92141a0aee6148c05329350caba676f402be1d5ee3a06f379

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H2 200 noavatar92.png
a.disquscdn.com/1616607624/images/ Frame C308 2 KB
2 KB 21ms
20ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1616607624/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 1117630
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: r6AREIbv-oIfwNBdj4FfWYmayTJvICDhgNtPuCBasUlhck9uDoDKng==
expires: Fri, 23 Apr 2021 20:31:09 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 117ms
116ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=7556hkcfs4oas&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=paste4btc&zone=thread&version=a658a7c16140d8728cc859daf581cbbc&page_url=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&page_referrer=&object_type=advertisement&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=view&adverb=0ms-no50perc&forum_id=3201658

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame C308 43 B
295 B 115ms
115ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=580&event=init_embed&thread=8391522630&forum=paste4btc&forum_id=3201658&imp=7556hkcfs4oas&prev_imp&thread_slug=tyijtyjutghtghfdjfj_paste4btccom_earn_bitcoins_by_pasting&user_type=anon&referrer=http%3A%2F%2Fpaste4btc.com%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame 9557 506 B
1 KB 241ms
183ms Document
text/html 65.9.90.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c753c0f024r1g00&pctry=DE&referrer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: lighttpd/1.4.33 /
Resource Hash: f14c99d76516da89b44a81dfd06477f13bef366fb304f9e417deddcd41ce6912

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c753c0f024r1g00&pctry=DE&referrer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default

Response headers

content-type: text/html; charset=utf-8
content-length: 506
date: Tue, 06 Apr 2021 18:58:20 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=091863c2-078e-4b61-b848-63108468be3a:1617735500.3; Domain=rezync.com; Expires=Sun, 01-May-2022 11:58:20 GMT; Path=/; SameSite=None; Secure sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJjbGllbnRzIjp7ImRpc3F1cyI6ImM3NTNjMGYwMjRyMWcwMCJ9LCJzZXNzaW9uX2lkIjp7IiBiIjoiTURreE9EWXpZekl0TURjNFpTMDBZall4TFdJNE5EZ3ROak14TURnME5qaGlaVE5oT2pFMk1UYzNNelUxTURBdU13PT0ifX0.E05AzA.GDgP2d1Cr8P2ZX6t9fv-azVyAAI; Expires=Sun, 01-May-2022 18:58:20 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 8Fus_9vjCpakhY5J7eoX7iJJCnaNnPjHFgMGEth2sn_nK8cVXro3Qw==

GET
H2

200

362358.gif Show response
idsync.rlcdn.com/ Frame 8EA6
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCMzesoMGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOEAYVisGTexInAj5nD4C3k&google_cver=1

42 B
316 B

16ms
15ms

Document
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOEAYVisGTexInAj5nD4C3k&google_cver=1
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: idsync.rlcdn.com
:scheme: https
:path: /362358.gif?google_gid=CAESEOEAYVisGTexInAj5nD4C3k&google_cver=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: rlas3=ucy8HAUYF1iyKE483/Jo5hADkTNRjmz/g4NerWaAoiU=; pxrc=CMzesoMGEgUI6AcQABIGCLrqARAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default

Response headers

cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=ucy8HAUYF1iyKE483/Jo5hADkTNRjmz/g4NerWaAoiU=; Path=/; Domain=rlcdn.com; Expires=Wed, 06 Apr 2022 18:58:20 GMT; Secure; SameSite=None pxrc=CMzesoMGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Sat, 05 Jun 2021 18:58:20 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Tue, 06 Apr 2021 18:58:20 GMT
content-length: 42
via: 1.1 google
alt-svc: clear

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOEAYVisGTexInAj5nD4C3k&google_cver=1
date: Tue, 06 Apr 2021 18:58:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 289
x-xss-protection: 0
set-cookie: IDE=AHWqTUlhNhfLJTeXeApa0Sv-Mwqth1qvYPaPRolQJYSgPcDMsp1yexMYa4npR20MgMQ; expires=Sun, 01-May-2022 18:58:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/
io.narrative.io/ Frame C308
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac753c0f024r1g00&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
https://io.narrative.io/?io.narrative.guid.v2=0dd852c0-970a-11eb-916a-0a045a1c45ea&companyId=19&id=disqus_id%3Ac753c0f024r1g00&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7

35 B
319 B

31ms
31ms

Image
image/gif

54.171.243.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=0dd852c0-970a-11eb-916a-0a045a1c45ea&companyId=19&id=disqus_id%3Ac753c0f024r1g00&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.243.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-243-255.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paste4btc&t_u=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&t_d=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&t_t=tyijtyjutghtghfdjfj%20%7C%20Paste4BTC.com%20-%20Earn%20bitcoins%20by%20pasting!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:20 GMT
Cache-Control: no-cache
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=0dd852c0-970a-11eb-916a-0a045a1c45ea&companyId=19&id=disqus_id%3Ac753c0f024r1g00&ret=img&ref=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
Date: Tue, 06 Apr 2021 18:58:20 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 357 B
977 B 64ms
40ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e31d861ed6e5b6255e9abdb8d6a4b5d5bf775057fd304a699bd277dc37268795

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:20 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://paste4btc.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 357
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.gif
links.services.disqus.com/api/
Redirect Chain

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

43 B
565 B

36ms
35ms

Image
image/gif

151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:20 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 41 B
660 B 37ms
36ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0934faf19b87d37d1e545ffac95821bd90567dde43ce6f372ab60f9778799243

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:20 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://paste4btc.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 42 B
661 B 50ms
35ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 9a79f0739ecb3ffbe0208cfed3be55997ec88d425b2d1ff59635f13852cd9bf8

Request headers

Referer: http://paste4btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:20 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://paste4btc.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

52154.gif
idsync.rlcdn.com/ Frame 9557
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=1247141728252991687
https://p.rfihub.com/cm?pub=39342&in=1&userid=091863c2-078e-4b61-b848-63108468be3a%3A1617735500.3&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc753c0f024r1g00
https://idsync.rlcdn.com/501709.gif?partner_uid=c753c0f024r1g00
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1247141728252991687

42 B
315 B

17ms
16ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1247141728252991687
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c753c0f024r1g00&pctry=DE&referrer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 18:58:20 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:20 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid: 748ab0bb-e732-486f-b08f-b0f86f5b6f36
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1247141728252991687
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

397676.gif
idsync.rlcdn.com/ Frame 9557
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=091863c2-078e-4b61-b848-63108468be3a%3A1617735500.3&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=875739025709990642
https://idsync.rlcdn.com/501709.gif?partner_uid=c753c0f024r1g00
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=vo2NDVAf3Zt7GSkoCnrX37BvjXLu3R10

42 B
315 B

17ms
17ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=vo2NDVAf3Zt7GSkoCnrX37BvjXLu3R10
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c753c0f024r1g00&pctry=DE&referrer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 18:58:20 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=vo2NDVAf3Zt7GSkoCnrX37BvjXLu3R10
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3459
date: Tue, 06 Apr 2021 18:58:20 GMT
content-length: 221
content-type: text/html; charset=utf-8

POST
H2 204 bulk Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 3D69 0
302 B 17ms
17ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 06 Apr 2021 18:58:20 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617735501.753995,VS0,VE9
x-served-by: cache-hhn11524-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://tempest.services.disqus.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 3D69 254 B
707 B 25ms
25ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=paste4btc&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23428bca&colorScheme=light&sourceUrl=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&typeface=sans-serif&disqus_version=bb0e8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 12223
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn11524-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1617735501.807719,VS0,VE0
date: Tue, 06 Apr 2021 18:58:20 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 47
x-cache-hits: 18021

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame A4A5
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=aaba6003-d836-4822-893c-d675b027f76a
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=aaba6003-d836-4822-893c-d675b027f76a&tbid=f0fbf039-08f5-4040-bc9d-9f16dadb45fb-tuct76634cd&query=taboola_hm%3Daaba6003-d836-...

0
53 B

21ms
20ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=aaba6003-d836-4822-893c-d675b027f76a&tbid=f0fbf039-08f5-4040-bc9d-9f16dadb45fb-tuct76634cd&query=taboola_hm%3Daaba6003-d836-4822-893c-d675b027f76a&isDirect=0
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617735502.847927,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11524-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=aaba6003-d836-4822-893c-d675b027f76a&tbid=f0fbf039-08f5-4040-bc9d-9f16dadb45fb-tuct76634cd&query=taboola_hm%3Daaba6003-d836-4822-893c-d675b027f76a&isDirect=0
tbl-x-upstream: 10.41.14.127:10213
date: Tue, 06 Apr 2021 18:58:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 13255

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A4A5 0
239 B 104ms
33ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame A4A5
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=L68lyxrZSIsC&ev=1&orig=trc&pid=562107

0
219 B

19ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=L68lyxrZSIsC&ev=1&orig=trc&pid=562107
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.201:10213
date: Tue, 06 Apr 2021 18:58:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 18358

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=L68lyxrZSIsC&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-9sk8n
expires: -1

GET
H2

200

/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame A4A5
Redirect Chain

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1247141728252991687&orig=trc

0
227 B

52ms
24ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1247141728252991687&orig=trc
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.199:10213
date: Tue, 06 Apr 2021 18:58:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 12511

Redirect headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:21 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.176:80
AN-X-Request-Uuid: 7d148f24-33f0-46c8-859f-5c1df3381d32
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1247141728252991687&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame A4A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBGexORsX640EKaAb5FTHoY&google_cver=1

0
209 B

17ms
17ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBGexORsX640EKaAb5FTHoY&google_cver=1
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 06 Apr 2021 18:58:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617735502.734358,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11524-HHN

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 18:58:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBGexORsX640EKaAb5FTHoY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame A4A5 42 B
805 B 87ms
20ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb:$UID
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:20 GMT
X-lat: amspug003:0:411
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame A4A5
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=cd70b770-b28f-4c8d-9ac0-d5e4b3c65277-tuct76634cd

170 B
201 B

19ms
19ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=cd70b770-b28f-4c8d-9ac0-d5e4b3c65277-tuct76634cd

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 18:58:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=cd70b770-b28f-4c8d-9ac0-d5e4b3c65277-tuct76634cd
tbl-x-upstream: 10.41.14.127:10213
date: Tue, 06 Apr 2021 18:58:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 12511

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame A4A5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cc81d623-25bf-415b-88c1-9255c2e4fd2d

0
183 B

16ms
16ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cc81d623-25bf-415b-88c1-9255c2e4fd2d
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Tue, 06 Apr 2021 18:58:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617735502.958389,VS0,VE10
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11524-HHN

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 18:58:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cc81d623-25bf-415b-88c1-9255c2e4fd2d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame A4A5
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

18ms
18ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 18:58:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame A4A5 49 B
406 B 281ms
92ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb

Requested by

Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-hxtsp
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame A4A5 43 B
697 B 61ms
20ms Image
image/gif 185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&gdpr=0&gdpr_consent=
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 18:58:21 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame A4A5 0
59 B 79ms
15ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:58:21 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A4A5
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4fd9307a-d5a6-4c7a-85d1-e6847b2c6893

0
228 B

20ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4fd9307a-d5a6-4c7a-85d1-e6847b2c6893
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Tue, 06 Apr 2021 18:58:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 13171

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4fd9307a-d5a6-4c7a-85d1-e6847b2c6893
cache-control: no-cache
date: Tue, 06 Apr 2021 18:58:21 GMT
server-processing-duration-in-ticks: 4301
content-type: text/html; charset=utf-8
content-length: 222
expires: Tue, 06 Apr 2021 00:00:00 GMT

GET

/
loadus.exelator.com/load/ Frame A4A5
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOEchIy-yRg2NxQzNnuL8cjO5V5heZ8dhKYKjUyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOEchIy-yRg2NxQzNnuL8cjO5V5heZ8dhKYKjUyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=a8d6b47e-12d0-4c8b-90bd-2bbfdc26f726&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_116365f6-e043-41bc-999f-d0069f7da7cd&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGeeBM4BMpG97TDwflb1zf8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1247141728252991687&opid=apx&ops=&utidl=tech:goo:CAESEGeeBM4BMpG97TDwflb1zf8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A16748196772&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/3/5.gif?puid=652375b6aa09d1206fbb015709cb49c6&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/2/6.gif?puid=215673ab-b862-412e-9d9f-2d20258c28f5&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame A4A5
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=gF5uWtTyDMyAkHveTq9sYA

0
218 B

21ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=gF5uWtTyDMyAkHveTq9sYA
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Tue, 06 Apr 2021 18:58:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 16967

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=gF5uWtTyDMyAkHveTq9sYA
date: Tue, 06 Apr 2021 18:58:22 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame A4A5 35 B
380 B 389ms
98ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Tue, 06 Apr 2021 18:57:40 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame A4A5 0
155 B 260ms
86ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=4f81e856-a1a4-4430-8446-a50964386ca9-tuct76634cb&_r=6564424
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 06 Apr 2021 18:58:22 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame A4A5
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=77040971-f690-47b9-96dc-02e444c26321&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e4344ef3-87f0-4df7-a591-0fbd17c0a417

0
227 B

21ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e4344ef3-87f0-4df7-a591-0fbd17c0a417
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Tue, 06 Apr 2021 18:58:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 17615

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e4344ef3-87f0-4df7-a591-0fbd17c0a417
date: Tue, 06 Apr 2021 18:58:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK Cookie set watch.1346683595057 Show response
www.urldelivery.com/ Frame 920C 103 B
562 B 203ms
197ms Document
text/html 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.urldelivery.com/watch.1346683595057?key=d49abda5d34a58576a3709ea1b6a910d&kw=%5B%22tyijtyjutghtghfdjfj%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&tz=2&dev=r&res=4.21&uuid=3e715530-ae5a-4060-98a5-5ec89712cd02%3A1%3A1

Requested by

Host: www.bnhtml.com
URL: http://www.bnhtml.com/invoke.js

Protocol

HTTP/1.1

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

ab030a8588ef9530d38a74d9e14b36ccdd792323af6352d4d5da9d19b9b95341

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Host: www.urldelivery.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://paste4btc.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://paste4btc.com/

Response headers

Server: nginx/1.17.6
Date: Tue, 06 Apr 2021 18:58:23 GMT
Content-Type: text/html
Content-Length: 103
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: u_pl=9095145; expires=Wed, 07 Apr 2021 18:58:23 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 005f75cd263a6a2c1542b6f8e2e1d56a
Strict-Transport-Security: max-age=0; includeSubdomains

GET
H/1.1 200
OK shBrushPlain.js Show response
paste4btc.com/scripts/ 302 B
1 KB 27ms
26ms Script
application/x-javascript 2606:4700:3037::ac43:ad12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paste4btc.com/scripts/shBrushPlain.js
Requested by: Host: paste4btc.com
URL: http://paste4btc.com/XyA8wtf7
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ad12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c9829ce7fd0620ca00eaad09a49195d198b6c1cca5aaeb4f36fa346ef01bae

Request headers

Referer: http://paste4btc.com/XyA8wtf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:58:26 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 5663
Cf-Polished: origSize=750
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a25f1160000d6e9b5ae9000000001
Last-Modified: Sun, 25 Sep 2016 16:38:46 GMT
Server: cloudflare
Etag: W/"2ee-57e7fd96-8000207;gz"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bfNJCSEhjzleqHHHcGLYR1Za7TZakjFt89zDvA0DOdAnuIklIz3vHuD8u35FUF8w81aHCfBBnLbSCf%2FfCC2LvdEXldKHJlvlQmt%2F%2BtFwy1e%2FOpBimCQieB9F"}],"max_age":604800}
Content-Type: application/x-javascript
Expires: Sat, 02 Jan 2021 12:38:08 GMT
Cache-Control: public, max-age=604800
CF-RAY: 63bd3f61b851d6e9-FRA
Cf-Bgj: minify

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: venetrigni.com
URL: http://venetrigni.com/stats

Domain: venetrigni.com
URL: http://venetrigni.com/stats

Domain: www.urldelivery.com
URL: http://www.urldelivery.com/watch.1346683595057.js?key=d49abda5d34a58576a3709ea1b6a910d&kw=%5B%22tyijtyjutghtghfdjfj%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&tz=2&dev=r&res=4.21&uuid=

Domain: www.urldelivery.com
URL: http://www.urldelivery.com/watch.381441996187.js?key=bf06d455d60398964ceb98876a948eab&kw=%5B%22tyijtyjutghtghfdjfj%22%2C%22paste4btc%22%2C%22com%22%2C%22-%22%2C%22earn%22%2C%22bitcoins%22%2C%22by%22%2C%22pasting%22%5D&refer=http%3A%2F%2Fpaste4btc.com%2FXyA8wtf7&tz=2&dev=r&res=4.21&uuid=

Domain: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rlcdn.com/	1970-01-20 02:07:51	Name: rlas3 Value: ucy8HAUYF1iyKE483/Jo5hADkTNRjmz/g4NerWaAoiU=
live.rezync.com/	1970-01-20 02:43:51	Name: sd-session-id Value: eyJfcGVybWFuZW50Ijp0cnVlLCJjbGllbnRzIjp7ImRpc3F1cyI6ImM3NTNjMGYwMjRyMWcwMCJ9LCJzZXNzaW9uX2lkIjp7IiBiIjoiTURreE9EWXpZekl0TURjNFpTMDBZall4TFdJNE5EZ3ROak14TURnME5qaGlaVE5oT2pFMk1UYzNNelUxTURBdU13PT0ifX0.E05AzA.GDgP2d1Cr8P2ZX6t9fv-azVyAAI
.rezync.com/	1970-01-20 02:43:26	Name: zync-uuid Value: 091863c2-078e-4b61-b848-63108468be3a:1617735500.3
.paste4btc.com/	1970-01-19 17:32:20	Name: 494668b4c0ef4d25bda4e75c27de2817 Value: 3e715530-ae5a-4060-98a5-5ec89712cd02%3A1%3A1
.google.com/	1970-01-19 21:45:46	Name: NID Value: 213=jFfrSVy_FmplVJMGuLnaSA6f5OX3KxIvUCOkLav6dOXMJQVdkG9o4r-4cRtwG8CsIZnP12GZngPks6CDvg8A7kP4Byy1b0cQtPCECrQGsjBJFqNrbsAjymQt6ZEUiJ0mqsKwQszY93PlDo0t4MTx9hrrN3oK4VfScTlkR76V1pc
disqus.com/	1970-01-19 17:22:17	Name: __jid Value: 7556hkcfs4oas
paste4btc.com/	1970-01-20 02:51:03	Name: __atuvc Value: 1%7C14
.rlcdn.com/	1970-01-19 18:48:39	Name: pxrc Value: CMzesoMGEgUI6AcQABIGCLrqARAAEgYI6uoBEAA=
paste4btc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: f98fcb4are7lnp7hsni5dnt977
.paste4btc.com/	1970-01-19 17:23:41	Name: _gid Value: GA1.2.2008176514.1617735496
.paste4btc.com/	1970-01-19 17:22:15	Name: _gat Value: 1
paste4btc.com/	1970-01-19 17:22:17	Name: __atuvs Value: 606caf482b4a92a6000
.disqus.com/	1970-01-20 02:07:51	Name: disqus_unique Value: 753c0f024r1g00
.paste4btc.com/	1970-01-20 10:53:27	Name: _ga Value: GA1.2.1092680688.1617735496
.paste4btc.com/	1970-01-19 18:05:27	Name: __cfduid Value: d023111f0688d2538f94db5d7f52a9b9f1617735495

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.bnhtml.com/invoke.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: http://www.bnhtml.com/invoke.js(Line 1) Message: console.clear
console-api	log	URL: http://www.bnhtml.com/invoke.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: http://www.bnhtml.com/invoke.js(Line 1) Message: console.clear
console-api	log	URL: http://www.bnhtml.com/invoke.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: http://www.bnhtml.com/invoke.js(Line 1) Message: console.clear
console-api	log	URL: http://www.bnhtml.com/invoke.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: http://www.bnhtml.com/invoke.js(Line 1) Message: console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.disquscdn.com
a.sportradarserving.com
accounts.google.com
ad.a-ads.com
api-public.addthis.com
apis.google.com
bh.contextweb.com
bttrack.com
c.disquscdn.com
cdn.taboola.com
cdn.viglink.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
dis.criteo.com
disqus.com
e1.emxdgt.com
ejp.rlcdn.com
glitter.services.disqus.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
images.taboola.com
io.narrative.io
links.services.disqus.com
live.rezync.com
loadus.exelator.com
match.adsrvr.org
match.taboola.com
p.rfihub.com
paste4btc.com
paste4btc.disqus.com
pixel.rubiconproject.com
pl9195645.pvclouds.com
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s7.addthis.com
sb.scorecardresearch.com
simage2.pubmatic.com
ssl.gstatic.com
static.a-ads.com
sync-t1.taboola.com
sync.taboola.com
tempest.services.disqus.com
trc.taboola.com
v1.addthisedge.com
venetrigni.com
vidstat.taboola.com
vk.com
www.bnhtml.com
www.ctx.me
www.facebook.com
www.google-analytics.com
www.reddit.com
www.urldelivery.com
x.bidswitch.net
z.moatads.com
loadus.exelator.com
venetrigni.com
www.urldelivery.com
139.162.84.221
141.226.224.32
141.226.228.48
148.251.53.118
151.101.112.134
151.101.112.64
151.101.113.140
151.101.114.49
151.101.12.134
151.101.192.134
172.217.23.98
178.250.2.151
18.158.22.14
18.159.17.140
18.195.155.181
185.33.221.50
185.64.189.110
185.86.138.142
192.132.33.46
192.243.59.12
192.243.59.13
193.0.160.129
198.148.27.140
199.232.137.44
2.18.235.40
23.210.248.44
23.37.53.17
2606:4700:3037::ac43:ad12
2606:4700::6810:a30d
2606:4700::6812:a813
2a00:1450:4001:800::200e
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200d
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.242.149
34.247.209.159
35.244.174.68
54.171.243.255
54.93.136.159
65.9.90.46
69.173.144.138
72.251.249.13
85.10.200.158
91.121.90.131
93.186.225.208
01c9829ce7fd0620ca00eaad09a49195d198b6c1cca5aaeb4f36fa346ef01bae
021eaff8339f449249cb2736cf21dbc7f28f5a46457a07267c4e80fcf7d9e908
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
064fbb34a13b39b92141a0aee6148c05329350caba676f402be1d5ee3a06f379
0934faf19b87d37d1e545ffac95821bd90567dde43ce6f372ab60f9778799243
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0a432d488e1102c109501dd16bfdf19c1301e45232b5714586d448b3ab79da52
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93183bcc5bda42dc9db65084d052ca8fdb7eb3e3b08a75e5f3884a888cf035
0c2a7c0988b0efb6a72d0095a2179926cfb885781cb86e453f2137419e34ca4d
104231972baaff857962f53f3cbd49cae1ab72556ec0c04fd7330065223c87f2
1709ffbe7087b51cd48f64fe7b734ac4907d2d0fc488e202ed0f513d0e50cd44
1e6b99558c6a7ab35d33dc3696e568fb56313b84543877888a2ecbce41c7afee
20b6097504aed42f81fd7492b0e20ee87c7e7d8f9e0a367081741ec0c405f740
26d7181620be300c6568ac9d72aac042d93498380bc83d5545db0d22073e21ea
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
32d1434add65b0b17b5af8c027d77ae7cd8f793053043c09fa08edfa4a165faf
33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
471d87769fca429a428e1af071fe1d86971e42f6aef1e04f144ad1047be73bef
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4e9ea9751896855bd8ef213566d87158c883babf1bfaace1181611312f6bc92d
511ea2852940aae3172b88eadf501cd483dbb0c7e3040ac9ce78b66c863a197c
520690624c7ff50a77d21688784eb39e805777b47305a543199cedf317025b61
571dc3712301ff53f957b5a3bf519de0601ada35b45ee54494be97a2025db9de
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5c883fd81aa6616988d11949a780dfa476f39ba7aca55f1cfeaec60b5d19cbe4
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6289a67bc4acdbdafbc49c8db8bee69deaca8a0a5a9321011b96e2cc9c242eba
67283bde49a5a2cd26952d96dfa5cdcdd9e0eed1ac1d1a6d1d820a887a20263a
67d9f7ce75567c65f973c7565a6acae5721f278252a91b269d42bac9b0257dbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c879ed9ca3d7073371e3eb0def4da6d749ca1091453940bf34958b95ec4e4a7
6da6654eadb3a4fd3d3eb9d12dba5b933fed332479d84adcf2b7a895a44a570a
6e6fa372809932cf94b466e62f7eb942162957fc1c89635b619d5c07ed517dad
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70ecd495747837d62f25816e24beeb812b5f7a448e7e3432d4f05edbc6902d7d
7474826a7899a6d07f454946ba3f1156161cd9a84247c4a18e7ea6a3fc1c784b
7ff3757435f9bf2e1181dff65c9bc546b63f167308487f8cdd344c8a694d8917
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d8954d30034cc91b28572289b43478e10982fa4149cc358456a2493c2b1d66
85f79f0e9877d52af381a09df4789145de51a35e1b810fcfe5d5d2b26702373c
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b818fd0c9f6996969ef69be6a3796890f0c4449d261ad2b5cdcd25d824445d3
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
9192c43891081c5dc724d6ee847fc3eaae3e943c09528d0f2538d8187a07c55a
92d29ddb8ae4beefaa8067b2285d98d9be8e403f3eafc711455b3291c6b7522e
93b4950fb54129d7fd234a5cc5b51c06a6a778e8ad110c76dc422bf91782f75e
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
99da5c0f78a0aa5fde3c413e67522c36d2d97af7a2823e892afd082e38d052b1
9a2033afa7788fe05e51b24636bbc3b44c0d65a4b9fb853aebcf5a132245329d
9a79f0739ecb3ffbe0208cfed3be55997ec88d425b2d1ff59635f13852cd9bf8
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9fa67da84c690615b1dc83b460c777f1c0c9fa1799c60f9681b4fc7876787136
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a13db7ce6e9f290465fb29e8312c7c95aab701764bd1d910c97d08c55139ae3b
a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa
a199a96d76b9533e3a3597dc040c5a866c2e3d4f944e01f2a04a0ccfbfe82a5d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a46895ff6a9183c83a6eff193daca669f074f45a07cb4bcb4a7721ddb46ebf5d
a610cdaf887383f775d316a703e7b75c6cbb8a0ac4d56b2b14723a6eb1fde4fe
aaba1d699096480e6fcd12e5fa969828791edf397334a90ba6f8358c6ae6a8ba
ab030a8588ef9530d38a74d9e14b36ccdd792323af6352d4d5da9d19b9b95341
ac9f755daf0e57aab99de190b88eaceb1d197da37a773abd52d1651a414166d0
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad3d0ca410aa64d933c2853e39ef8b605c4815f9826bc0e721e3d3d93860bf64
b08aa529daee9dbe037fdc8cd91463b2a332e05eac979df9c4d9fd2659f820c9
b4b76d6d505a0150c3ad73e6b4911973e5a881fa86bdd9c8eabb2199490cdb57
b6edd55c90820ad3a38cc99654e11c224801e06f81758dae0213a672c32a805d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc6399a7e490b5b26a2b8b797171577ff78606964d2b611310775e2dfc543d32
c15d4cf50e5720a7fcca1de952f88d7b1fa63d854985a67eed2151489d376e34
c72060928bf66e8ff55b42e653f95429d4777769d790921ff8390eb1068da303
cb2d773050f8843665bfba7a8cd6438764cdb5445a71f3d956fd8bbcbd2ece9d
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
ce33b36f16a953ed16394b859ee8f1a6e7fd9785869fe62e3af78aa019c07f7b
ce8fc5b6de8c12b2eac649cc45206787aa6d5c9ab0987020574349688c3df288
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe0a8e583e571742679f42c4c69f620a2e4b3c759e819228a6fda40124c897f
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d8125bad68732a7c6166f468a6f14d75b4a64707e1752b1341d42d446c2d1c57
de9bed2c959f4a7b1142bff14d17b4a47e1918c9615af479b19f159f93e7b32b
e31d861ed6e5b6255e9abdb8d6a4b5d5bf775057fd304a699bd277dc37268795
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ca539df2a065e14ebfe8808be60b08f5c25ac24c86aba584a36c15a1bc0947
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14c99d76516da89b44a81dfd06477f13bef366fb304f9e417deddcd41ce6912
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

paste4btc.com Open in urlscan Pro 2606:4700:3037::ac43:ad12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

144 Requests

78 %HTTPS

21 %IPv6

42 Domains

61 Subdomains

41 IPs

8 Countries

1549 kBTransfer

3882 kBSize

15 Cookies

28 Outgoing links

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paste4btc.com Open in urlscan Pro
2606:4700:3037::ac43:ad12 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

78 %
HTTPS

21 %
IPv6

42
Domains

61
Subdomains

41
IPs

8
Countries

1549 kB
Transfer

3882 kB
Size

15
Cookies

144 HTTP transactions
5 data transactions