URL: https://pastebin.pl/view/20b438ed
Submission: On May 19 via manual from GB — Scanned from GE

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 132 HTTP transactions. The main IP is 185.157.81.233, located in Poland and belongs to S-NET-AS, PL. The main domain is pastebin.pl.
TLS certificate: Issued by R3 on March 22nd 2023. Valid for: 3 months.
This is the only time pastebin.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
45 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
479 KB
23 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
ad.doubleclick.net — Cisco Umbrella Rank: 165
148 KB
23 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1856
87 KB
15 pastebin.pl
pastebin.pl
192 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
644 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
6 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
6 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
211 KB
4 mfilterit.net
script.mfilterit.net — Cisco Umbrella Rank: 205715
collectcpmv3.mfilterit.net — Cisco Umbrella Rank: 259250
22 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 320
fonts.googleapis.com — Cisco Umbrella Rank: 35
32 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
203 KB
2 google.ge
adservice.google.ge — Cisco Umbrella Rank: 73522
696 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 902
601 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
251 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
78 KB
132 15
Domain Requested by
24 pagead2.googlesyndication.com pastebin.pl
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
21 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
pastebin.pl
15 pastebin.pl pastebin.pl
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
pastebin.pl
googleads.g.doubleclick.net
9 www.gstatic.com www.google.com
www.gstatic.com
googleads.g.doubleclick.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
7 www.google.com 2 redirects pastebin.pl
www.gstatic.com
www.google.com
tpc.googlesyndication.com
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
4 www.googletagservices.com pastebin.pl
googleads.g.doubleclick.net
2 ad.doubleclick.net pastebin.pl
2 collectcpmv3.mfilterit.net script.mfilterit.net
2 s0.2mdn.net googleads.g.doubleclick.net
pastebin.pl
2 script.mfilterit.net pastebin.pl
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.ge pagead2.googlesyndication.com
1 fonts.gstatic.com www.google.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com pastebin.pl
1 ajax.googleapis.com pastebin.pl
132 23
Subject Issuer Validity Valid
www.pastebin.pl
R3
2023-03-22 -
2023-06-20
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.google.com.ge
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.mfilterit.net
Amazon RSA 2048 M02
2023-02-20 -
2023-10-18
8 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh

This page contains 22 frames:

Primary Page: https://pastebin.pl/view/20b438ed
Frame ID: 65698AD26BB15BA9E646B453372C6405
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: A2473BEABC3D7D0E4B66E227CA4DAD54
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz
Frame ID: ED29EC6495EC289935049BFFCAE6FEB5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&adk=1812271804&adf=3025194257&lmt=1684511725&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fpastebin.pl%2Fview%2F20b438ed&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684511725262&bpp=4&bdt=1188&idt=709&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3418288181761&frm=20&pv=2&ga_vid=1402083713.1684511725&ga_sid=1684511726&ga_hid=1424187311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442%2C44792089&oid=2&pvsid=4105589473415225&tmod=1528691172&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=738
Frame ID: BA335061056B02E5022816B2924D248D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at
Frame ID: 0B024DBC47ECC498D994BE48A0E44C89
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Frame ID: 71D7E46BA29C2D35357928763276D13F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Frame ID: C062648BB2463E50C8DE11E2B9AADD26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Frame ID: 15E5A9207F46A5E1D4EBDCF78FB311AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9B6DD24ABD57BBA6049336AE84913A45
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6500436413BBDC43D3B9E965A58A37B1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CEA547AB8A10EB0001402B7D1037B4A5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA
Frame ID: E7F23AC0D0F1D9E2B7F15DFC5E5E56B2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Frame ID: 5ED4F7F2090FBE6FE88F24A322ACDD03
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA
Frame ID: 1CEC64FB2D3A08B41085F5A387CB8A2D
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/12966773588449590959
Frame ID: 4ED6F5A80A39309754DCAF101D9C69D9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B622DC6F3A980895FC21C2109827E5E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B12D8D1271228305FBBE0189CA5E2699
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB36A529A6F4848775B752CF169E7E62
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C65719426B50EC22AE5F81590D59024C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4B3776DF240E36D3B86E953DF00B753C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: A6ACC1B485E032BF5A5E8CFDD2C699E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: 906D250EDB9C616AED1741953E521AA1
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

How Landlords Electrical Certificate Was Able To B - Pastebin

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

132
Requests

94 %
HTTPS

0 %
IPv6

15
Domains

23
Subdomains

23
IPs

4
Countries

2102 kB
Transfer

5262 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOGlXUYDintaDilAvjmlTg&google_cver=1
Request Chain 88
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGeb8H100QCYS4A8PdBqOQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO8EDtPjKa77wYyOl7DmwSc&google_cver=1
Request Chain 90
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
Request Chain 92
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGeb8H100QCYS4A8PdBqOQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
Request Chain 93
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP-CSnhiT5fbRt_xuHGzvbM&google_cver=1
Request Chain 94
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D
Request Chain 96
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 111
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

132 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 20b438ed
pastebin.pl/view/
51 KB
12 KB
Document
General
Full URL
https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
abcd04d677a9d3b33e2532cc302f439badf3d15883a1adfc25b39f43217d18c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 19 May 2023 15:55:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 11:33:20 GMT
16262479586fe652146aefffcee5e73b9d19256f5d.css
pastebin.pl/static/asset/
122 KB
26 KB
Stylesheet
General
Full URL
https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
840bc887a55611080cdb939aa4badc289f1ed695d707c4e1d632143737c60fc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:17:54 GMT
server
nginx
etag
W/"60ee9db2-1e71d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 18 Jun 2023 15:55:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
137 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
51fed40a55326ed1a812dbef3a89424b9e9d103d0dadc3a02770e3c85127baca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Origin
https://pastebin.pl
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47428
x-xss-protection
0
server
cafe
etag
620019622746196512
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 May 2023 15:55:25 GMT
js
www.googletagmanager.com/gtag/
221 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2e769d488c0c7212bb2fbca7622579762e4ae69922ac0d0ac3687ffb3b0f5afc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79656
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 May 2023 15:55:25 GMT
btc.png
pastebin.pl/custom-images/
6 KB
6 KB
Image
General
Full URL
https://pastebin.pl/custom-images/btc.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
6d14cf497310bee3d3a2d4f4cc09c63d6230da3cc9e2f30c5d6ba23b36aac7f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-171e"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5918
expires
Sun, 18 Jun 2023 15:55:24 GMT
Facebook.png
pastebin.pl/custom-images/flat_web_icon_set/color/
3 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Facebook.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
89c5625aa0ecfeaa47ae9da990cda5ab80fe8088ab1cd55ee7394e870de5eafa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-d42"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3394
expires
Sun, 18 Jun 2023 15:55:24 GMT
Twitter.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Twitter.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
49c45399074a6af07b176d55bb85b3de42b2c2889bf9efa37310b4e71cf14f43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-e3c"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3644
expires
Sun, 18 Jun 2023 15:55:24 GMT
Google+.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Google+.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
1e7a8021a029a0b1b97d9df2c059ad4fe80ff8d9db9564c593bdde97df48f5ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-f1d"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3869
expires
Sun, 18 Jun 2023 15:55:24 GMT
Tumblr.png
pastebin.pl/custom-images/flat_web_icon_set/color/
3 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Tumblr.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
c285eb7872ade449e43574b5d1637d2e9973d0cc0c94b28630cd6c3b4ddef451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-d6f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3439
expires
Sun, 18 Jun 2023 15:55:24 GMT
Reddit.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Reddit.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
c3a49cc082ee48a3041a22f3112ffb3cbfe73c9e739efcebcfca7eaf6e01393c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-f83"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3971
expires
Sun, 18 Jun 2023 15:55:24 GMT
Wordpress.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Wordpress.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
010bfbc6758a3fbed41c7a3aeadddb18d0df8b573cbf92a738c1f9a9e6c313f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-f84"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3972
expires
Sun, 18 Jun 2023 15:55:24 GMT
Email.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Email.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
dec2d47a7e0bea7d7ff08fc9900b45fcd381c19ce7299512e1d363dc25a8f687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-e5c"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3676
expires
Sun, 18 Jun 2023 15:55:24 GMT
20b438ed
pastebin.pl/view/qr/
382 B
648 B
Image
General
Full URL
https://pastebin.pl/view/qr/20b438ed
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
cdcabcc0174fe6a0f72d2ea30687f72b5592e2c7c99faf51962edf0a0d71f945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 19 May 2023 15:55:24 GMT
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.js
www.google.com/recaptcha/
850 B
878 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f4.1e100.net
Software
GSE /
Resource Hash
ebb78fcddd1ce16b5147e76f0e6e70eef501a40a43c77190f93ccf6e2d880f74
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
558
x-xss-protection
1; mode=block
expires
Fri, 19 May 2023 15:55:24 GMT
16262479587430a1044da8a37b18147203f4015289.js
pastebin.pl/static/asset/
207 KB
74 KB
Script
General
Full URL
https://pastebin.pl/static/asset/16262479587430a1044da8a37b18147203f4015289.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
a84b47af6771a16e70ce39032dd82089965ea697822de088b651e52174461a6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/20b438ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:24 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 16:37:27 GMT
server
nginx
etag
W/"60ef12c7-33dce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sun, 18 Jun 2023 15:55:24 GMT
banner_soc.png
pastebin.pl/themes/stikkedizr/images/
2 KB
3 KB
Image
General
Full URL
https://pastebin.pl/themes/stikkedizr/images/banner_soc.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
de59078a2d00e0219c60ef1a78d52c51142efd21edf7c87e9a3e1367c8e44b8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 19 May 2023 15:55:24 GMT
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
server
nginx
expires
Sun, 18 Jun 2023 15:55:24 GMT
fontawesome-webfont.woff
pastebin.pl/themes/stikkedizr/fonts/
43 KB
44 KB
Font
General
Full URL
https://pastebin.pl/themes/stikkedizr/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Origin
https://pastebin.pl
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
application/font-woff
pragma
no-cache
date
Fri, 19 May 2023 15:55:24 GMT
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
server
nginx
expires
Sat, 20 May 2023 15:55:24 GMT
recaptcha__ka.js
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/
443 KB
168 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Origin
https://pastebin.pl
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170954
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 May 2024 15:36:59 GMT
text
pastebin.pl/main/get_cm_js/
0
327 B
XHR
General
Full URL
https://pastebin.pl/main/get_cm_js/text?_=1684511724983
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479587430a1044da8a37b18147203f4015289.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://pastebin.pl/view/20b438ed
X-Requested-With
XMLHttpRequest
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:25 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/
355 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
19ebd6e5b2bf240dbe3c63585bcc351a8544328ef916acbb981df1b2c0e61340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122654
x-xss-protection
0
server
cafe
etag
5666291242756027305
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 May 2023 15:55:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame A247
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
65232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 May 2023 21:48:13 GMT
etag
15057649708203361565
expires
Thu, 01 Jun 2023 21:48:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-88PKPGCEBF&gtm=45je35h0&_p=1424187311&cid=1402083713.1684511725&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684511725&sct=1&seg=0&dl=https%3A%2F%2Fpastebin.pl%2Fview%2F20b438ed&dt=How%20Landlords%20Electrical%20Certificate%20Was%20Able%20To%20B%20-%20Pastebin&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastebin.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame ED29
51 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f4.1e100.net
Software
GSE /
Resource Hash
590540a01a294fdc430f0aa7c5cb4784fc9e648fd9e5be00205a5f7bb9abab7a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RFPBJGHoz61juK34Y89zpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28604
content-security-policy
script-src 'report-sample' 'nonce-RFPBJGHoz61juK34Y89zpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame ED29
55 KB
55 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:30:16 GMT
x-content-type-options
nosniff
age
5109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56403
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 14:30:16 GMT
recaptcha__ka.js
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame ED29
443 KB
167 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170954
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 May 2024 15:36:59 GMT
cookie.js
partner.googleadservices.com/gampad/
389 B
601 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pastebin.pl&callback=_gfp_s_&client=ca-pub-2536515702233288
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
849508599f0fc50c8c2f3ea83dfd0ad60d4d926291de4de36b416f2490e0e0a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.ge/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.ge/adsid/integrator.js?domain=pastebin.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastebin.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BA33
514 KB
123 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&adk=1812271804&adf=3025194257&lmt=1684511725&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fpastebin.pl%2Fview%2F20b438ed&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684511725262&bpp=4&bdt=1188&idt=709&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3418288181761&frm=20&pv=2&ga_vid=1402083713.1684511725&ga_sid=1684511726&ga_hid=1424187311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442%2C44792089&oid=2&pvsid=4105589473415225&tmod=1528691172&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=738
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6313049b648307bae6371dc404a43cf606f143f5e578cf326e907400bda0d2af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
126097
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:27 GMT
expires
Fri, 19 May 2023 15:55:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame ED29
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ED29
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame ED29
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 May 2023 22:52:35 GMT
x-content-type-options
nosniff
age
493371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 20 May 2023 22:52:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ED29
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 May 2023 22:24:03 GMT
x-content-type-options
nosniff
age
495083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 22:24:03 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0B02
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f4.1e100.net
Software
GSE /
Resource Hash
a0064836bbda6a4e2d10a5ec5eabdf1cf8463c799c43800886287bb28272c6ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1ZNBXpOQSwLd-l6KiPKjeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1152
content-security-policy
script-src 'report-sample' 'nonce-1ZNBXpOQSwLd-l6KiPKjeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
webworker.js
www.google.com/recaptcha/api2/ Frame ED29
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f4.1e100.net
Software
GSE /
Resource Hash
b483843fd1e252191147929d28e5b1344f4c4b86306939a65775d72284e7e895
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 19 May 2023 15:55:26 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 0B02
55 KB
55 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:30:16 GMT
x-content-type-options
nosniff
age
5111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56403
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 14:30:16 GMT
recaptcha__ka.js
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 0B02
443 KB
167 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170954
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 May 2024 15:36:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2eee13eff606a29a649997a6b60bcbd55270a650c13bd0f36d7e0058dc3da21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11235
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/
152 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
453195c3884df2dc8baf943fed648cf04d9ddb4776c6c24a311ca6df0641f53a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52640
x-xss-protection
0
server
cafe
etag
11988361686899660269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 May 2023 15:55:27 GMT
ca-pub-2536515702233288
fundingchoicesmessages.google.com/i/
132 KB
45 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2536515702233288?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
64f737f1d65003f93c8cdb2aff80d21e5a997ab5ba1e2b0c3e8669ea9e4e8a4e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qd18y6jQLX9JWYo719H6Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-qd18y6jQLX9JWYo719H6Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 May 2023 15:55:27 GMT
integrator.js
adservice.google.ge/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.ge/adsid/integrator.js?domain=pastebin.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastebin.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame 71D7
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
39367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 04:59:21 GMT
etag
15057649708203361565
expires
Fri, 02 Jun 2023 04:59:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame C062
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
39367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 04:59:21 GMT
etag
15057649708203361565
expires
Fri, 02 Jun 2023 04:59:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame 15E5
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
39367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 04:59:21 GMT
etag
15057649708203361565
expires
Fri, 02 Jun 2023 04:59:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame 9B6D
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
39367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 04:59:21 GMT
etag
15057649708203361565
expires
Fri, 02 Jun 2023 04:59:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXTXdXm5nHc2lUxw7bu6Xh1U7geiqSL676feGreZ6cJMMHdPSNuzX2YmnSCaLAhTKU8Rf44fAxYh_7LwN9xZBU=
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXTXdXm5nHc2lUxw7bu6Xh1U7geiqSL676feGreZ6cJMMHdPSNuzX2YmnSCaLAhTKU8Rf44fAxYh_7LwN9xZBU=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NTExNzI4LDQxMDAwMDAwXSwiNDJDODE4NEMtNEI3Ri00QjY3LThCQTMtQTU2RkJDQjlERTYxIixudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYXN0ZWJpbi5wbC92aWV3LzIwYjQzOGVkIixudWxsLFtbOCwiNDVCZ2dmZHpHaVUiXSxbOSwiZW4tVVMiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
5dc908e246ff81addaeef2b8775abe06bf60e22ec7c7d709a56633f57f1624e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-62WZJw5bATXatWrAWUVQug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-62WZJw5bATXatWrAWUVQug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6500
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
2410
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:15:18 GMT
expires
Sat, 18 May 2024 15:15:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CEA5
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f4.1e100.net
Software
GSE /
Resource Hash
fa3b8a3d24493d1c52e398a97e5435e52e674c0c68bdcd288102e9df5df9ee5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ewTb6d3Um_6djELrQzTTGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ewTb6d3Um_6djELrQzTTGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:28 GMT
expires
Fri, 19 May 2023 15:55:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ Frame 71D7
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 15:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 15:12:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 15:55:28 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 71D7
205 B
229 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 09:32:06 GMT
x-content-type-options
nosniff
age
23002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 18 May 2024 09:32:06 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 71D7
604 B
628 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:30:03 GMT
x-content-type-options
nosniff
age
1525
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 18 May 2024 15:30:03 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 71D7
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 May 2023 17:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
80373
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8271
x-xss-protection
0
server
cafe
etag
10419244916965318868
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jun 2023 17:35:55 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E7F2
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:28 GMT
expires
Fri, 19 May 2023 15:55:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 5ED4
22 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 13:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 13:34:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 5ED4
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 13:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3047
x-xss-protection
0
server
cafe
etag
5552017188384030315
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 13:34:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5ED4
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:39:45 GMT
web.prestigeconstructions.cpv-dv.js
script.mfilterit.net/v3/i/client/ Frame 5ED4
30 KB
11 KB
Script
General
Full URL
https://script.mfilterit.net/v3/i/client/web.prestigeconstructions.cpv-dv.js?mfpackagename=web.prestigeconstructions.cpv&ADSTXTADSYSTEMDOMAIN=google.com&ADSXTPUBLISHERID=pub-2536515702233288&AUCTIONID=ABAjH0jI5vKOVQbvIobSYHwBb-oZ&BUNDLEID=&CAMPAIGNID=19998000137&CREATIVEID=485176633&EXCHANGEID=1&INSERTIONORDERID=1011520848&INVENTORYSOURCEEXTERNALID=&PUBLISHERID=1&SOURCEURL=https://pastebin.pl/view/20b438ed&SOURCEURLENC=https://pastebin.pl/view/20b438ed&UNIVERSALSITEID=38837122840&CACHEBUSTER=1684511726165178&CLICKURL=https://googleads.g.doubleclick.net/aclk?sa=L&ai=CSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&sig=AOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w&client=ca-pub-2536515702233288&adurl=https://wafs.mfilterit.net/rdct/%3Fmf_package_name%3Dweb.prestigeconstructions.cpv%26url%3Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%26mf1%3D%24%7BCACHEBUSTER%7D%26mf2%3D%24%7BCLICK_URL%7D%26mf3%3D%24%7BCREATIVE_ID%7D%26mf4%3D%24%7BCAMPAIGN_ID%7D%26mf5%3D%24%7BSOURCE_URL%7D%26mf6%3D%24%7BPUBLISHER_ID%7D%26gclid%3DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&CLICKURLENC=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&CLICKPOINTROLL=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&DCDBMTOKEN=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIiYjlv0qoAvz07oUCsALQqqriA0AB0gIqGAAiEwi6ubuY34H_AhU6gn8EHXlQC3EoATABOI7d3OujEUACSAFYiIEgELnqrOcB3Rp-rMMz58E8rcX6JY-BmQ&channel=dv360&IFDBM=${ifdyn:GDN}{ifpla:Shp123}{ifdbm:DiD}
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-41.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95933f7fdf5212c6d9a8741415c85b0230473a00919e570c1e81306c2dfa0bab

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 00:56:30 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 10:03:28 GMT
server
AmazonS3
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"3b4fae212dbd10d73230040e8d1d61f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
53939
x-amz-cf-id
q3DcCMKm9vNpsxPVtbfJ0l0j2RlV_U9J3UTj4xtnDATzWZvN0XCTrQ==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 5ED4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
2409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 15:15:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 5ED4
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
19036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 10:38:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5ED4
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 15:55:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5ED4
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Di2Mk-AdKllqDNFSyy7AcIju749RvNc8-AyxTknWtdfCN5MTW-FliSvkMPJMEoW-4MyVzLaK9iiY7B7mRkvNxPoYNuAFoLVISerAj4YIuyQdhsFgo
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12966773588449590959
s0.2mdn.net/simgad/ Frame 5ED4
101 KB
102 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/12966773588449590959
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
2abd1a8b2340dc2d87eeab611512a28efa4111f1262841d013c04862ab8862f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 May 2023 13:04:46 GMT
x-content-type-options
nosniff
age
528642
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103708
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 06:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 May 2024 13:04:46 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1CEC
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:28 GMT
expires
Fri, 19 May 2023 15:55:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
12966773588449590959
s0.2mdn.net/simgad/ Frame 4ED6
101 KB
101 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/12966773588449590959
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
2abd1a8b2340dc2d87eeab611512a28efa4111f1262841d013c04862ab8862f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 May 2023 13:04:46 GMT
x-content-type-options
nosniff
age
528642
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103708
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 06:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 May 2024 13:04:46 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 4ED6
22 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 13:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 13:34:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 4ED6
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 13:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3047
x-xss-protection
0
server
cafe
etag
5552017188384030315
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 13:34:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4ED6
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:39:45 GMT
web.prestigeconstructions.cpv-dv.js
script.mfilterit.net/v3/i/client/ Frame 4ED6
30 KB
11 KB
Script
General
Full URL
https://script.mfilterit.net/v3/i/client/web.prestigeconstructions.cpv-dv.js?mfpackagename=web.prestigeconstructions.cpv&ADSTXTADSYSTEMDOMAIN=google.com&ADSXTPUBLISHERID=pub-2536515702233288&AUCTIONID=ABAjH0gq6Bk0XYYt2sawqlGIm7YS&BUNDLEID=&CAMPAIGNID=19998000137&CREATIVEID=485176633&EXCHANGEID=1&INSERTIONORDERID=1011520848&INVENTORYSOURCEEXTERNALID=&PUBLISHERID=1&SOURCEURL=https://pastebin.pl/view/20b438ed&SOURCEURLENC=https://pastebin.pl/view/20b438ed&UNIVERSALSITEID=38837122840&CACHEBUSTER=1684511726165179&CLICKURL=https://googleads.g.doubleclick.net/aclk?sa=L&ai=CdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&sig=AOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ&client=ca-pub-2536515702233288&adurl=https://wafs.mfilterit.net/rdct/%3Fmf_package_name%3Dweb.prestigeconstructions.cpv%26url%3Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%26mf1%3D%24%7BCACHEBUSTER%7D%26mf2%3D%24%7BCLICK_URL%7D%26mf3%3D%24%7BCREATIVE_ID%7D%26mf4%3D%24%7BCAMPAIGN_ID%7D%26mf5%3D%24%7BSOURCE_URL%7D%26mf6%3D%24%7BPUBLISHER_ID%7D%26gclid%3DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&CLICKURLENC=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&CLICKPOINTROLL=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&DCDBMTOKEN=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIiYjlv0qoAvz07oUCsALQqqriA0AB0gIqGAAiEwi7ubuY34H_AhU6gn8EHXlQC3EoATABOI7d3OujEUACSAFYiIEgELnqrOcBjyBlbmotR1d0P8XPKyLC5A&channel=dv360&IFDBM=${ifdyn:GDN}{ifpla:Shp123}{ifdbm:DiD}
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-41.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95933f7fdf5212c6d9a8741415c85b0230473a00919e570c1e81306c2dfa0bab

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 00:56:30 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 10:03:28 GMT
server
AmazonS3
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"3b4fae212dbd10d73230040e8d1d61f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
53939
x-amz-cf-id
TAgVIYaXfzXdwrJfmX3Oy81QxMJliwARrS6W3PfhmmC-EVx9llvBWw==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 4ED6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
2409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 15:15:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 4ED6
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
19036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 10:38:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4ED6
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 15:55:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4ED6
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKwn9UvQO6Q8SvNqhe9H0rpidk5BqkcK18DHgM9zugyhuCYMs_unNsWgPP0DbNktQPylmLqal8GRGNQqB5Yl32LsNP0tnECjUnb1-qkbFdjvQ9wyI
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9B6D
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C81Qz7ptnZLyKCrqE_tMP-aCtiAe50p6icP38v4eiEdrZHhABIPyvrpIBYI3y0gOgAaLD4KQDyAECqAMByAPJBKoE2gFP0BO6f3OPZ1SigafDiBn_6AwBxkgP26eBmzdUd-6yE4gddg02lbUE2uL-6J-2XE9zXRAjNfPsBGTJ4GO8v6dAdRfJ5IBdZu3Yl_QzBBAwpmDi9SZ7VmP2fB5f_fvwXKJpISlon57xAaoK7X-vXcT7VMvZeeHWGrmYN_23x4SQyVNZtieAymsVa_3TsbZfFIbMSvdEg7BaoAKYBbLx5f5OtK7EhFmIo1xVBL4GSwSBNNyWlZNE9ZwsqJGIfHYVwIh88NNSQU-fXo1OlQ4Qbwx-bLDhwMepAa7ymcAE5NTW3sgEkgUECAQYAZIFBAgFGASgBgKAB8a8n1uoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCc8BHSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNTM2NTE1NzAyMjMzMjg4GAA&sigh=LfM266nh394&uach_m=[UACH]&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 19 May 2023 15:55:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 19 May 2023 15:55:28 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 9B6D
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
19035
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 10:38:13 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3B62
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
214
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:51:54 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 9B6D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
2409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 15:15:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 9B6D
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
19036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 10:38:12 GMT
13759818770648877927
tpc.googlesyndication.com/simgad/ Frame 9B6D
20 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13759818770648877927?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql_BtQwkYL3CuDO6LTdSpL7uGoerA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
bc9504ff88dfe4b04208e2bcc993b57a94ce14a5d91ed3baf8f313894b6bfd63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:04:34 GMT
x-content-type-options
nosniff
age
21054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20126
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 14:03:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 May 2024 10:04:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B6D
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 15:55:28 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 9B6D
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 May 2023 17:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
80404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13064
x-xss-protection
0
server
cafe
etag
484897097926465030
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jun 2023 17:35:24 GMT
AGSKWxVMi6vVqLw-t_q8l3welvVt1Q-c2MYTfqZE3XA4zmA6XcOO8NE7PJmaN3nwdYAaJRW1rpuOQFc2jjSubzsCYXTSKaCfG0UtElXTdaJDwOw72dlozDul77wPXmDgJrCeiX2e-ENJWA==
fundingchoicesmessages.google.com/f/
13 KB
6 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVMi6vVqLw-t_q8l3welvVt1Q-c2MYTfqZE3XA4zmA6XcOO8NE7PJmaN3nwdYAaJRW1rpuOQFc2jjSubzsCYXTSKaCfG0UtElXTdaJDwOw72dlozDul77wPXmDgJrCeiX2e-ENJWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NTExNzI4LDI5MDAwMDAwMF0sIjQyQzgxODRDLTRCN0YtNEI2Ny04QkEzLUE1NkZCQ0I5REU2MSIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMixudWxsLCJwbCJdLCJodHRwczovL3Bhc3RlYmluLnBsL3ZpZXcvMjBiNDM4ZWQiLG51bGwsW1s4LCI0NUJnZ2ZkekdpVSJdLFs5LCJlbi1VUyJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
79e6ab21d1377aaff9ab5513da25b5ce92e7512e5bbfed7127a69684feabcc10
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a0xUajO1_6n_AMdyMXmhcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-a0xUajO1_6n_AMdyMXmhcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CEA5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=4105589473415225&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame 6500
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 06:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
32209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 06:58:39 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B12D
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
31449
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:11:19 GMT
expires
Sat, 18 May 2024 07:11:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame E7F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOGlXUYDintaDilAvjmlTg&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOGlXUYDintaDilAvjmlTg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 15:55:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOGlXUYDintaDilAvjmlTg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E7F2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGeb8H100QCYS4A8PdBqOQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 15:55:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E7F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO8EDtPjKa77wYyOl7DmwSc&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEO8EDtPjKa77wYyOl7DmwSc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA
Protocol
HTTP/1.1
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 15:55:29 GMT
AN-X-Request-Uuid
3e7296e0-22af-46ec-994a-a13ca5616827
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEO8EDtPjKa77wYyOl7DmwSc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E7F2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 19 May 2023 15:55:29 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
918452f6-a07a-4570-9c31-26ebd7e3997d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1CEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 15:55:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1CEC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGeb8H100QCYS4A8PdBqOQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 15:55:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1CEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP-CSnhiT5fbRt_xuHGzvbM&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEP-CSnhiT5fbRt_xuHGzvbM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA
Protocol
HTTP/1.1
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 15:55:29 GMT
AN-X-Request-Uuid
25be5697-9dd9-4a9b-86dc-4ba7652396b6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEP-CSnhiT5fbRt_xuHGzvbM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1CEC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 19 May 2023 15:55:29 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3f6a6785-dbec-419e-a7bd-08b747ba2849
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EB36
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
31449
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:11:19 GMT
expires
Sat, 18 May 2024 07:11:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3B62
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:28 GMT
expires
Fri, 19 May 2023 15:55:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9B6D
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bd72700b0d8a216d0f7e85992676f1f31240d2856fbd2963d72cff5ccf67e11

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 6500
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?QxlFzA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
/
Resource Hash

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
pagead2.googlesyndication.com/bg/ Frame B12D
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
19146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14664
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 10:36:22 GMT
css
fonts.googleapis.com/ Frame C657
9 KB
1005 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 15:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 15:04:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 15:55:28 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame C657
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
19036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 10:38:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame C657
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
19035
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 10:38:13 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4B37
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
214
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:51:54 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame C657
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
2409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 15:15:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame C657
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
19036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 10:38:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C657
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 15:55:28 GMT
a0d8c68f3de0718362c8759993c4ce7f.js
www.gstatic.com/mysidia/ Frame C657
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13639
x-xss-protection
0
last-modified
Fri, 12 May 2023 20:16:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:46:22 GMT
x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
pagead2.googlesyndication.com/bg/ Frame EB36
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
19146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14664
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 10:36:22 GMT
/
collectcpmv3.mfilterit.net/ Frame 5ED4
0
221 B
XHR
General
Full URL
https://collectcpmv3.mfilterit.net/
Requested by
Host: script.mfilterit.net
URL: https://script.mfilterit.net/v3/i/client/web.prestigeconstructions.cpv-dv.js?mfpackagename=web.prestigeconstructions.cpv&ADSTXTADSYSTEMDOMAIN=google.com&ADSXTPUBLISHERID=pub-2536515702233288&AUCTIONID=ABAjH0jI5vKOVQbvIobSYHwBb-oZ&BUNDLEID=&CAMPAIGNID=19998000137&CREATIVEID=485176633&EXCHANGEID=1&INSERTIONORDERID=1011520848&INVENTORYSOURCEEXTERNALID=&PUBLISHERID=1&SOURCEURL=https://pastebin.pl/view/20b438ed&SOURCEURLENC=https://pastebin.pl/view/20b438ed&UNIVERSALSITEID=38837122840&CACHEBUSTER=1684511726165178&CLICKURL=https://googleads.g.doubleclick.net/aclk?sa=L&ai=CSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&sig=AOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w&client=ca-pub-2536515702233288&adurl=https://wafs.mfilterit.net/rdct/%3Fmf_package_name%3Dweb.prestigeconstructions.cpv%26url%3Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%26mf1%3D%24%7BCACHEBUSTER%7D%26mf2%3D%24%7BCLICK_URL%7D%26mf3%3D%24%7BCREATIVE_ID%7D%26mf4%3D%24%7BCAMPAIGN_ID%7D%26mf5%3D%24%7BSOURCE_URL%7D%26mf6%3D%24%7BPUBLISHER_ID%7D%26gclid%3DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&CLICKURLENC=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&CLICKPOINTROLL=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&DCDBMTOKEN=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIiYjlv0qoAvz07oUCsALQqqriA0AB0gIqGAAiEwi6ubuY34H_AhU6gn8EHXlQC3EoATABOI7d3OujEUACSAFYiIEgELnqrOcB3Rp-rMMz58E8rcX6JY-BmQ&channel=dv360&IFDBM=${ifdyn:GDN}{ifpla:Shp123}{ifdbm:DiD}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.212.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-212-135.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 15:55:29 GMT
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
strict-transport-security
max-age=63072000; includeSubdomains; preload
server
awselb/2.0
content-length
0
content-type
text/html
/
collectcpmv3.mfilterit.net/ Frame 4ED6
0
220 B
XHR
General
Full URL
https://collectcpmv3.mfilterit.net/
Requested by
Host: script.mfilterit.net
URL: https://script.mfilterit.net/v3/i/client/web.prestigeconstructions.cpv-dv.js?mfpackagename=web.prestigeconstructions.cpv&ADSTXTADSYSTEMDOMAIN=google.com&ADSXTPUBLISHERID=pub-2536515702233288&AUCTIONID=ABAjH0gq6Bk0XYYt2sawqlGIm7YS&BUNDLEID=&CAMPAIGNID=19998000137&CREATIVEID=485176633&EXCHANGEID=1&INSERTIONORDERID=1011520848&INVENTORYSOURCEEXTERNALID=&PUBLISHERID=1&SOURCEURL=https://pastebin.pl/view/20b438ed&SOURCEURLENC=https://pastebin.pl/view/20b438ed&UNIVERSALSITEID=38837122840&CACHEBUSTER=1684511726165179&CLICKURL=https://googleads.g.doubleclick.net/aclk?sa=L&ai=CdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&sig=AOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ&client=ca-pub-2536515702233288&adurl=https://wafs.mfilterit.net/rdct/%3Fmf_package_name%3Dweb.prestigeconstructions.cpv%26url%3Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%26mf1%3D%24%7BCACHEBUSTER%7D%26mf2%3D%24%7BCLICK_URL%7D%26mf3%3D%24%7BCREATIVE_ID%7D%26mf4%3D%24%7BCAMPAIGN_ID%7D%26mf5%3D%24%7BSOURCE_URL%7D%26mf6%3D%24%7BPUBLISHER_ID%7D%26gclid%3DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&CLICKURLENC=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&CLICKPOINTROLL=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&DCDBMTOKEN=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIiYjlv0qoAvz07oUCsALQqqriA0AB0gIqGAAiEwi7ubuY34H_AhU6gn8EHXlQC3EoATABOI7d3OujEUACSAFYiIEgELnqrOcBjyBlbmotR1d0P8XPKyLC5A&channel=dv360&IFDBM=${ifdyn:GDN}{ifpla:Shp123}{ifdbm:DiD}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.212.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-212-135.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 15:55:29 GMT
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
strict-transport-security
max-age=63072000; includeSubdomains; preload
server
awselb/2.0
content-length
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4B37
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:30 GMT
expires
Fri, 19 May 2023 15:55:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:55:29 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.205034686252598
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zym2tEekySdWkD67ppvWmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-zym2tEekySdWkD67ppvWmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.95888928295625
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--XnVRaxIy5MDlxUd9TCoAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:30 GMT
content-security-policy
script-src 'report-sample' 'nonce--XnVRaxIy5MDlxUd9TCoAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=4105589473415225&bg=!vb6lvurNAAYldGN0BXQ7ADkAdvg8WvRxNmVDvNDv_yG9PltYYtZm1mS_a_9gG65MCrbewE7-E1utOI4kH5St73ii5kJEdabV1YQCAAAAf1IAAAACaAEHCgA5e5WKys5UTrRxovTNzEa1P7zJqBEqG18-8N1zTbaG9ZNyo4W0czDgoQPHsKtR9tleczdTvnYhrmKBmQKgEsIu9NcCrxbkphF9nxTiAawks8HvdtAFyCRvgS2ogWMPgcnwClkrVkoafMTpMhR1bi0hl4q37DJGvAPuASEyCRUzXnHqTeskH8Brcpv1jUMR3nSujxMkesU7sRcckT_YY0hOh8SkkBEElqmSxpYyJOxX800CV2rD-dHjK4vD4nkSljPtSISB4Lyfny62t5pB1rm6v9w_5e1yCCEst5rBgDhpfIHDLVcFGJzA68n4ObqV2-8qPsWF-hJRmpIcWia8WibB4I1vhhcQjHNsV4N8y_J7N97le9lvql9uGCRjYvKagGvyJgM_j-aDCn-rlKGOhrOkkfBwua68yg1PBeqkSKOx8QInT9-jxmcvwIxdJVv8urHPYY8AwhFoB9RVDWFN2pDe8xA18QirzQ2EL0246M1k6AnjvpYzQkwqTNhN2GQzVzsWudS3dMKpixpmwPTKCfB0Od2ol-Ox4Jc26XAv0Pz7zrjFYsqcOZjtWijMZiH4cFoVZdbWiSsZGr9WwNrlreCp8HTOR3q5zsNal5XYcK6Auj6nrxge69OLbkXrV7b7EJD6rd0Mz80z0W9bhj64YVopjdQY8Puoi9ptEN7pBmQYs_KBbn7wLESS76B0uYdCu9EoO1fAIt5ZVeVSbnAIqdkxjyKT3VWRT6BxZ8KfSg4x_4PJP3DJRirw-gNPr1WxFaZYHVG3nRFficJHrKOhiD7N4PZE05L67usRwpPZV3T4MbeZzmRS9jlREosrCTr2taWyVUXyXMEd8otqDOZgY07G3xicNRTDbRFPCksUahAurW7zw_MaeA0JL7s5yxN-XZSQpDQrBM8TighXkMg21DWhcaZp6-5bQfYp2wuxfAqSkSFawdlygH01E5I5qqe8Pd9663XW1EksVVLWHqNj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
pagead2.googlesyndication.com/bg/ Frame A6AC
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
19148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14664
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 10:36:22 GMT
AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AIIHDXcyQn8tWxPypMxnjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 15:55:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AIIHDXcyQn8tWxPypMxnjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastebin.pl
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
pagead2.googlesyndication.com/bg/ Frame 906D
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
19148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14664
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 10:36:22 GMT
truncated
/ Frame 5ED4
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f5f20629142e2d76ba6b8e226b32346a3db3086724ec517a6141854d51353a1

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 5ED4
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssEMic7Y7naRn2TaiYr1k8iVK7S-cTyUR0gnxueiibfgzH2Ef-jngEoVKQHPfBMbhMuq2W-bRwKggHoT9B8ayeoCRTP8mDmO1sLCA-vtnFW04MzrMgeb9RibMMqk_0KDYO9GX0RGXYafEfApiLrr12PCRxZo_a6FxLJGMesIhCoEY7aJq2RQJPnx2ZOyYv-1ydM2exFaJgS8jFgHpbFQAmfbmO2DJKbwXkSZdwmbDbNcKGA284O9Sr7XLjICtYJ_i9XBSl9cXsAnBiWbLrUVgvqiljaCAA8haVyVup47Jf7K4G8HfyJIf8S9mK8FGW0pSm9JSriNcGkasPOWR8YbiUZM2yF3qwOHdOgYslGICS-734DXviPgPU00uiZRw8bIb5iT8ScHwmEbOP1q5sbcru4dw5Bti4vqWU_d2ocquhpQo2BBYijjEGpTisUijlWRNXgNV8nHLhp_hxYlz95dLrtXgi3IMJ9erYlSAIQh4Mdxt8kyQ1QWmWhfHV3-M2cNLzbvypObG9Ww1T16wQcv8wDt6qG4U61vBqk8M0qZ-_BD1OY2YwCEAjMoNCa03bCmo0qDI_KBn2__8VBr4mE_gkc_yxQzLw7Dgvyy3PuaxFX18LWQsHPgaFThtYfIaTKqvMQJT7poCNxsRgdmSSidkYJij9xr_OvwgfAVHWZWj2TLFgNwc2oIvzNObvgSQmXsFkX4gnjOzTRiLrzAVQq7WNTMETi8hZOYRs9D1UAN9VinjgwHK0iz-mqfEs1TwzQyhxRK6Dq6GeXl7umIJcJeyh9PIcXs1nZZumYqIy1t7gw_Xgjcq1BOQL_s6M_Gynv1e1kJS9p0lJvmn3do9mC3DV97CPfoymFR4yh8oRf_crBXpRwanoyCXT0IuAl0J7Mloyz7Ki_kZb_wSvSIgab5xVQFL0VKnDJ1tHsnjX9WPYPrbbUgUXF8-YEABda5GesjBKdQ8TmOEIzGrAJga7EgGG9NXI8uD4TvyMoKT2Ua42HrG1lITMiOZbNAkZwMIKFSBxx8rTjOPPmp2E1Ex0Zy-Xg2GO2--u-UFS_mKOhgabJIlZspzxlvKCx3b6Aq-maz8UdHFOBn5-HAqn7Hg4909d0zg8lHaBqmZ4As1sVJhsUk8mh1hePmuKOuc-djcyJTlUJqBzoMAU22wSbIGlY85-MAgC0DUUNHuiw9vxthjC1Rbu0XI4NEIJ2MrQ&sai=AMfl-YThWGcjek6jLlU1JlFOBjY6wlTQtTcjtY5COmsPbAxAPU-CPmSiCRZmXwQa4ouzHsblOmArTZyIb4xjrYAfUZrkFB24flPybozMLwKyXmYll2X6mQgNWjkJhxmy8t2DExw1EzzeKk6HGvhZmvJARlSrGYBWIDLLDtv0j0VqYabfM4KP9-c2G-z1YuSgXLOFL-CSGlFmUjycuEk0GrS74j7U2VR3cuY424N-vxNVxy9bSaFJFOVZN_PoJw4&sig=Cg0ArKJSzISXJJE74HRhEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZmlsdGVyaXQubmV0&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2217&cbvp=2&dett=2&cstd=0&cisv=r20230517.26115&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 19 May 2023 15:55:30 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 19 May 2023 15:55:30 GMT
truncated
/ Frame 4ED6
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6b363becd4d87f9c5c9f6b7de719545d1d7e91c6d1982fccb7d670b6467baa2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 4ED6
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvui271VDnZvOhZkclDEgLmUEkNRo-wYP3Oqv5IYWLq3BHZLTmEI26Twvhiu8odclI1r1zquJmUUvrq3Ft5FV6XYA3mRWB78CIigGE-bS6ITD7cJVCmMMyUPpGxGir0rucye1B0rwl9fB1z7cprGuze-oQ9RsWHjXilsKSGQ1iD_8HdiaAsxNzthOcsg6wZpGoXarhRf05AzOk51JVkfW0XhGmyQqoGpof5hhiIJ_1vVCd_oXw9cUp56TTi7Acy4jl2Osey5qrUG_0yjGx5WzxSYiKlLUIRHDL7YRAywgacI0srM7lpWeiw2FcoJLbbfE-0vyMdwi3GhXiyzVM-nrIVUcuHq7gWeWujJ9RDFv_4RIAUTrJJzbEpz54K-xONHXyGkKKywq8cuyHcwpjEhqBjlueIyYRCdi2aiSncbRvqq7__m2q2X2nntdy8eWlZK5jZB5FhuQIiZ3pnOwf2gE62xJtHF0UwIgAo-T4yreHZ00ffmL3-FMoCehj_E2g34HQ1dqCVqf4JyeBX-cx9DAByptby6tTvuTlRwBNeFPnTOH7K2RLvW_uyR-jAJJ_CXPpeSL3eE_6TyRf5vXacMUIIFYPXkJTG5cdzr21f-4VF6nsYOVIxryh3ApVr7HkR54t1DbW1l_pNJTR3On1MGypJJSPiUs0kH6Rq9-oxepKk4ptKfIHni-0h-ASBuQ6912uKCpv0UoNKagnc4v3StYVbMHRf_AvJxe4FIdp5OiuacQhSoGWdJb9kaFWOqoFTk8-JBLQL6fR0bp9twJ0-HwMdvJob_5fLgrWGOIpH8q9A2XbUrQzbxS-VgAZB40TKwp2rKx46cQbTHht0OGHyUmrKYy2PLg3pnHqerQRdgfbjRBXHYOt-UK6x-QL0nC_uZ1cmUfzk8tSaa1xMFfjQxuru-l78bzG1W8e470aAT6nezCeE6KNtAx6A15a4cZcZSDi7DV2qUkfiZXhi0Zy0_rX8YhUcg9CdbhZwV9N7yBpVzfvheWyKJoHOd1YKKJO-7gsXkdjVGt2hfjQgQ1Aq7qSkBtSXMGW0JP1vpBjgKhHDyD-3DyT8Pi3lCkGcW9npR0uj3Ycvog6t-eDLQYDrUvInTIiJgN48sxqkBccpnI7nUqE5AHIQviWTd1nnAzKWyNxK_J9Shz65h6ql694ZWNOtqUC4AekuPswKzFoywwhvUcYt1iIdF04-fLY&sai=AMfl-YSODeopaR9aFx140XqSW6vZTL5YBcm-qt6GGjz54Qm8hviXJbQbcThtO65a9h0UCd5Rf6cdD6sngzjhbJV-Pwpg30FzsU1X05trCFxK6Xt_qDwXJkWig-3bLzJOrztFAoobSupVn_frpwBugXM-1nDKl49FW1VRU_WVXq7t8DYGRlQtqfPTOWhlK4HYZ0vrOSiAuQW39fCByk4S1yToGIrdvOaRJ9YVl7_FmcncRxFz6WC6jikU0k21LqM&sig=Cg0ArKJSzFKHUwB3BC-aEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZmlsdGVyaXQubmV0&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2213&cbvp=2&dett=2&cstd=0&cisv=r20230517.08176&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/20b438ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 19 May 2023 15:55:30 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 19 May 2023 15:55:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB36
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br7ab7ptnZLuKCrqE_tMP-aCtiAcAAAAAOAHgBAI&bg=!lpWllcHNAAZ8_aWmXP07ADkAdvg8WqWOfAeauSWgspOKt99yuTmLgd-ymn58AWZul4v-xthIs8n-OTu8XTkhPlqfkYLm6wOTnc0CAAAEClIAAAADaAEHCgAp4gngmrITl4lCGgxu5gRz1O-LlFNasShw1-5wX2GzXQzDegTXJdmolpSZAvulPpdPurEb9A_IkNkeCK6jx_gasGY4xEwB9M9eYB_59Ha4RiqtYyKBSGnM118LXPjUvNGXFSOFZwhRxpBOGSxYNArAISkCIU44aIF_c8zv6ELe0Asw_7VBZz8hcd95-_BoHZFZAh6zTrA2P5Njqli9BlMV3dhRkVFWjriiN9IcfDjjujzAnTZlaV9B3UbJh5l4CeMqW2b2iInrVJItI130ZAJ82i75PETvxeslWWE7G0nSqXvIEqLXa6rA8nPAgvRy6mlnEOJ86gQ5OaDWyfHIcPfvP8XYtl6S7z9Ipz73ZfKbV6-AdjYcnbPcz_FH3tgxi5AckZnTdEm_Lt83liDznLjmWBP4WM5Ycj2Oow0R4XEBa2k8_cPXRa72RlUzxlgEvP_r6VuU0LHSGJOIm7asyFkTIi-p0q-f19zj5FMAr5m0X4QmV-EghwDBzA9-Vmf_Vc40oVf55pw8-whzVZQo0BzZ2Ek5ncJ84kaTmp3wvCXFj0YtlYYMD-dmXpPhnTfwh9NEDNKel6p1CtIaO7bZu6UfN3f112YfSL4QjoOuZWgFPaoApNZIKQO9GC0j5yRSTS7PIkFGOkB5FeOUi-abiO7Te8aLdkpKnYkDKK6GFXkwcblt8oH7BvOCCtYOaTb4IIMrE46pkUKU6Epk-_qeYbR4ucPzNVc2m8quKnFBNrwkW6RlXyyDKa3dWTBzaekaTZ4r9SP-j0WaXwomUNBQjCx1m2cgswf-42NLyGJz0sIsGX0WcfS3LVzIAC3nCw2CW-BBIxiqWoTbFvAQynC1ftfFAcLBHvkRiVWbs2pfyqzJEELSTuLBuTGvAWadg3kuiuQRs8yfatfLFl_FEC6FxDPpYEDkZ8pnTQNGzcs2y3uHXpWPNBgOZaO9Ik_PZPLA4kwNxduNHiLrKpNkO0-01Uf-vB3iSeHJP_0rjQG5FwKRNFs_9jLImQoHLvfH08JkeA9GgOtfNXHAnTlJBLQYhOaAupm6YGJjPNzi21b6ffPiyFJWCIxzv2Dc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B12D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCaLX7ptnZLqKCrqE_tMP-aCtiAcAAAAAOAHgBAI&bg=!-Pul-6_NAAZ8_aWmXP07ADkAdvg8WjPJJmnPlQbZes5GA4OTiun3R4EOn7cpx0xnfKT_Ahlw5768e2jJBQAAkg1eKh_vPzqmBWUCAAAE91IAAAADaAEHmQLvo8cs2pqo0GLoL9y8RIjgL-hT8YYZlXjl0URRUUb-t7llHlSZZ-8y_vJMozs85f8_5G61rcVp3qWHQ7Z9kkxWKKOWYoagjd6WTtXE4je3_rnbnnR6ads9cGcKABBHvh0A7cZKXsF26WAn9RbR18gtsYY6UvmyIK8J0oEx63hZT3q2DwIkTNtGWpwlUd1c2s9ybx715i0fxh1UEQuZmmXbzJg5T1rIBfFJqbVhwuWPFfUn47Uuatf6AVVOUEJsvrLwVRywI63fh1AyIgHSJKxcpZCVsMQcKyotyvAj-8R8lnRLZ2oz2K2Fq_J6h-Y1g212rhWw36VSho0gz0E7UWDpp2kJxVUVr6VR0pCLoSWQ9MT5y3CYcCh_Itfwcv463IuH9jicmbdjPKkuEEJ4TV9-E4M3rwYgxwWVa2eEdd576RO_W3mDGcDTPebzhOxYI18f895rfOvIB2oHceL7esShbejOGXxqjOvxsJfKrhXrZDN6KX_HgPc-gfPbicQ3YwWr3Sbk9V844Eeq3z1Fdsem67FCqtWbH1SSvOco-_B9Oz0J_7n-3b4Bmi_hvgrpbyBL9bi-rE9YyJ_K7ZOzcfPkbfIcC7ILgJLbx3iXMWbbs-oSiGt7BgQh-09Rmk3_jFiHPoH0RUOPNUJ3WCynglwNPFMIRzDegYrAljJV-QdIyol2QKh5_oVMyNxarYoeQuusPUR4c6P6a6Ut_raj8gxm1onuggTyTEB_3RIjktE0tvE8AML9W9hQW7rXjtKrlUMw8RJmB1GbCdNGiH6ccro10gZU-uYp88iD0CL1556XZ8cGU_WAFVrOxV4C5A0U08s05ugsLULMIqj2J_Ssbv3z1ei20luSKkH3zwpBPbR7vS2JCSTCaAODSwBieU9wxMuZqkMD8Kn39eIaYhrwHv32x9ruh6UdhR9tlZouPTj5dlFMF9alikMiFK5YqdixB9QSMYAFyV2EReAqk9-AjI0EH8POXJAnuVWfuO9lmoNiJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B6D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO62mm5qJ313MG4W5PFwSDjkzjMsAZT5AASQ4OHocQ2X3RBbSPvsOZ2Izhu8kh63h5aFmQNguXLuugKQZ1y_rd-vRdRYFP7C_QeWkQPxLPiI_DNld69wlM2r4gJo57Qa0743U&sai=AMfl-YR2NFaJvuHb0ViT-wBKnerDwOGnkz8cfWLU4ja6WNCSA2CR9jjn_ythNRuT9pOJ6yDDbFkHQW54i-0V&sig=Cg0ArKJSzIpGffg57AWmEAE&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684511728025&rpt=1737&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads20.
fundingchoicesmessages.google.com/f/AGSKWxWOo3OO7WX07FX8xBKhsqK2o0aSZep3x88VBx9ZzyQqBgCHP-m67OrJIjchdUfTqetXwsWcBiMMeSNfMxXQsPLdlxbkjBL46lDSigYgjPQOAPjdLcG7G9Nkh3VZeA849_TgFZ6s6fuu2NE0Gk1Y81bHFf14H...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWOo3OO7WX07FX8xBKhsqK2o0aSZep3x88VBx9ZzyQqBgCHP-m67OrJIjchdUfTqetXwsWcBiMMeSNfMxXQsPLdlxbkjBL46lDSigYgjPQOAPjdLcG7G9Nkh3VZeA849_TgFZ6s6fuu2NE0Gk1Y81bHFf14HFNrCaZw8JW5nscmvXU42dMHWkpLWSVH/_/directrev./www/ad_/24adscript./ad_box2./ads20.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
a00f8b9a4a846cea2142da7e6dcc940b535fdf3a0ab1b21b7a0798a21e4e013e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oE4vj8kP-dF1FCTnwKOkQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oE4vj8kP-dF1FCTnwKOkQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
67 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
18627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 10:45:04 GMT
AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IiFlglP7W4Rn7LpDBVmBiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 15:55:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-IiFlglP7W4Rn7LpDBVmBiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastebin.pl
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dlvwKxdtN8s5qAhdKT6gIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 15:55:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-dlvwKxdtN8s5qAhdKT6gIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastebin.pl
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5eDPdi7wAJ83uByF6IskFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 15:55:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5eDPdi7wAJ83uByF6IskFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastebin.pl
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UjmMMT2OGqI8jTGU0_SNyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 15:55:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UjmMMT2OGqI8jTGU0_SNyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastebin.pl
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU7YZa2U41I7-LyI9eWf7rX79YMGJsYl6rdC139HiBa33UXBvyN9vRkE3OqfkRE5L9Dk04pIkA9myFyIYkOQtMWeof-sFjnhQlF4BuZEYDYXchSc19Z5UVDr7iFX5qT8viynvJ12Q==
fundingchoicesmessages.google.com/f/
4 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU7YZa2U41I7-LyI9eWf7rX79YMGJsYl6rdC139HiBa33UXBvyN9vRkE3OqfkRE5L9Dk04pIkA9myFyIYkOQtMWeof-sFjnhQlF4BuZEYDYXchSc19Z5UVDr7iFX5qT8viynvJ12Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NTExNzMxLDE5ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwicGwiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYXN0ZWJpbi5wbC92aWV3LzIwYjQzOGVkIixudWxsLFtbOCwiNDVCZ2dmZHpHaVUiXSxbOSwiZW4tVVMiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
9646bba1c1f0c898dce473abafecd582b05d3975a4a428e21c6040da1b17a84d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q7PUhwLFa4A-boAG3omCLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:55:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-q7PUhwLFa4A-boAG3omCLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV0VJ2PRfrIEdZpCZzUQjG5mMjauR3jHl-r96Fl1twouGSmmdaFSAyh43Hb-YKD2KDektRMeEcL9TP6F3-5PZ2V9BeaAW16M8PTuqYuTCKpy0734-HrPuHh_V1QdTd0GO5BTARB0g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV0VJ2PRfrIEdZpCZzUQjG5mMjauR3jHl-r96Fl1twouGSmmdaFSAyh43Hb-YKD2KDektRMeEcL9TP6F3-5PZ2V9BeaAW16M8PTuqYuTCKpy0734-HrPuHh_V1QdTd0GO5BTARB0g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f6fcpy5Sbuw5irmVQuNxVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 15:55:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f6fcpy5Sbuw5irmVQuNxVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastebin.pl
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVmJqi4vbgmt4fdY7My6k15zvvm0_AfUVw8tuvUzr3r5oChTOgf0XbbBcheagXrGnKtcWWuRSe0hE8XG0XF68s=
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVmJqi4vbgmt4fdY7My6k15zvvm0_AfUVw8tuvUzr3r5oChTOgf0XbbBcheagXrGnKtcWWuRSe0hE8XG0XF68s=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zfnGcriKYfjA22Zn13fmzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 15:55:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-zfnGcriKYfjA22Zn13fmzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastebin.pl
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5ED4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNpMwFaUvJixXk_PhoKUCLBxAIWdsh87CIPaXnOCw_OZ0Is-8hHhMFOJIX6V0--_UJP1cHb4wteBDbl0b0HjnwFNFn9uGKSIEv-YR2B1DGxNMZ9JrEaCvkivy09dnDMZ88zkA&sai=AMfl-YTO2D9qKF_bKQG8YtaqrwAAJUCd_0ktRNbthZ1BaB4ll-gg10t5ECeffVcw5zMyhVj9DHKgc6bTc8qU&sig=Cg0ArKJSzIXSdwVN4hx3EAE&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684511728190&rpt=2203&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4ED6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuL5YuDMmeX5XuK9iQplGxaCqCTpk2nQzJpcN0PW50D6BCdF5Cp-X3zIqUc7mj22FKRu_FrTp0yTXf991LHvBZm1Wel_2hzXRN1f2MlGh6U7CJNPVWR4eivgctYHlWFKdVgwxo&sai=AMfl-YQ1qfSwNbZJQHFVwlqHrklBL5N_EznZqIiDAPtPc_VNLQNVJTHing42HRAsm3jbH9fbfK5U9hJ4UN7i&sig=Cg0ArKJSzOIjoVtjvkyREAE&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684511728225&rpt=2189&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 15:55:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 boolean| credentialless function| $ function| jQuery string| base_url function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| matched object| browser function| CodeMirror object| ST object| CM object| jQuery11020013972593952582102 object| $embed_field object| modes function| set_syntax function| set_language undefined| mode object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_708621 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms number| google_lpabyc object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ZDVkZDYzMDY2YjcyZTBjMmxvYWRlcl9qcw== string| ZDVkZDYzMDY2YjcyZTBjMmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag boolean| google_empty_script_included boolean| bb4ae011-af6e-47d7-91f0-1a197fdeeabd

14 Cookies

Domain/Path Name / Value
pastebin.pl/ Name: csrf_cookie_pastebinpl
Value: 5f6a0923254c84d0688f22cbe8dbd38d
pastebin.pl/ Name: PHPSESSID
Value: 8ghq1nis86kkdgv38ujc3g6rgi
.pastebin.pl/ Name: _ga_88PKPGCEBF
Value: GS1.1.1684511725.1.0.1684511725.0.0.0
.pastebin.pl/ Name: _ga
Value: GA1.1.1402083713.1684511725
.pastebin.pl/ Name: __gads
Value: ID=8701a518adfb8274-220a5d4bdddd00cb:T=1684511726:RT=1684511726:S=ALNI_MaOQ8s4z6x56OqdJWKvli9bwr01fA
.pastebin.pl/ Name: __gpi
Value: UID=00000c187af4523d:T=1684511726:RT=1684511726:S=ALNI_MYBf4ETwpE_XZ7JU8w0bhb7STUcfw
.doubleclick.net/ Name: IDE
Value: AHWqTUntfdhCHs_aArZrFn3x8z5nA_wMewMpPRaekR7y6VvIYp9N8CGfbWLazpy4eGk
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 5458657191472605249
.casalemedia.com/ Name: CMID
Value: ZGeb8H100QCYS4A8PdBqOQAA
.casalemedia.com/ Name: CMPS
Value: 2156
.casalemedia.com/ Name: CMPRO
Value: 2156
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In9wPVPb!]tbPl1M>e)ZlrFUfJ+tGXvX+^(jTl:Z:LoB$N3lLuy$nL[A76^NE6Kt.s_*3If)y3KL9D3I?+yPdq0U
.pastebin.pl/ Name: FCNEC
Value: %5B%5B%22AKsRol-I3HNhuyBiug2JmzLwVnWpyNmconDazjHTYzniYr6walN07qHc7OJ3DLw2_AMzM3tQqZOvAYuKr4ZMFR9l7aaXT2u8VRSQFQTInqWRmKzEuQyN6OeIX9MpAmwtcs2kEcwHK87Zm1DMYOpMJvmq2-LyUCp6bw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.ge
ajax.googleapis.com
cm.g.doubleclick.net
collectcpmv3.mfilterit.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pastebin.pl
s0.2mdn.net
script.mfilterit.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.225.78.41
142.250.181.226
142.250.184.230
142.250.185.130
142.250.185.162
142.250.185.206
142.250.185.230
142.250.185.98
142.250.186.104
142.250.186.142
142.250.186.162
142.250.186.35
142.250.186.74
142.250.186.98
172.217.16.202
172.217.18.3
172.217.18.97
185.157.81.233
185.80.39.216
216.58.212.132
37.252.171.149
44.229.212.135
010bfbc6758a3fbed41c7a3aeadddb18d0df8b573cbf92a738c1f9a9e6c313f4
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6
19ebd6e5b2bf240dbe3c63585bcc351a8544328ef916acbb981df1b2c0e61340
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e7a8021a029a0b1b97d9df2c059ad4fe80ff8d9db9564c593bdde97df48f5ff
1f5f20629142e2d76ba6b8e226b32346a3db3086724ec517a6141854d51353a1
2abd1a8b2340dc2d87eeab611512a28efa4111f1262841d013c04862ab8862f0
2bd72700b0d8a216d0f7e85992676f1f31240d2856fbd2963d72cff5ccf67e11
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e769d488c0c7212bb2fbca7622579762e4ae69922ac0d0ac3687ffb3b0f5afc
2eee13eff606a29a649997a6b60bcbd55270a650c13bd0f36d7e0058dc3da21a
2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
453195c3884df2dc8baf943fed648cf04d9ddb4776c6c24a311ca6df0641f53a
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
49c45399074a6af07b176d55bb85b3de42b2c2889bf9efa37310b4e71cf14f43
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51fed40a55326ed1a812dbef3a89424b9e9d103d0dadc3a02770e3c85127baca
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
590540a01a294fdc430f0aa7c5cb4784fc9e648fd9e5be00205a5f7bb9abab7a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dc908e246ff81addaeef2b8775abe06bf60e22ec7c7d709a56633f57f1624e3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6313049b648307bae6371dc404a43cf606f143f5e578cf326e907400bda0d2af
64f737f1d65003f93c8cdb2aff80d21e5a997ab5ba1e2b0c3e8669ea9e4e8a4e
6d14cf497310bee3d3a2d4f4cc09c63d6230da3cc9e2f30c5d6ba23b36aac7f6
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
79e6ab21d1377aaff9ab5513da25b5ce92e7512e5bbfed7127a69684feabcc10
840bc887a55611080cdb939aa4badc289f1ed695d707c4e1d632143737c60fc1
849508599f0fc50c8c2f3ea83dfd0ad60d4d926291de4de36b416f2490e0e0a3
89c5625aa0ecfeaa47ae9da990cda5ab80fe8088ab1cd55ee7394e870de5eafa
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95933f7fdf5212c6d9a8741415c85b0230473a00919e570c1e81306c2dfa0bab
9646bba1c1f0c898dce473abafecd582b05d3975a4a428e21c6040da1b17a84d
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0064836bbda6a4e2d10a5ec5eabdf1cf8463c799c43800886287bb28272c6ed
a00f8b9a4a846cea2142da7e6dcc940b535fdf3a0ab1b21b7a0798a21e4e013e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84b47af6771a16e70ce39032dd82089965ea697822de088b651e52174461a6c
abcd04d677a9d3b33e2532cc302f439badf3d15883a1adfc25b39f43217d18c5
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b483843fd1e252191147929d28e5b1344f4c4b86306939a65775d72284e7e895
bc9504ff88dfe4b04208e2bcc993b57a94ce14a5d91ed3baf8f313894b6bfd63
c285eb7872ade449e43574b5d1637d2e9973d0cc0c94b28630cd6c3b4ddef451
c3a49cc082ee48a3041a22f3112ffb3cbfe73c9e739efcebcfca7eaf6e01393c
c6b363becd4d87f9c5c9f6b7de719545d1d7e91c6d1982fccb7d670b6467baa2
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cdcabcc0174fe6a0f72d2ea30687f72b5592e2c7c99faf51962edf0a0d71f945
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
de59078a2d00e0219c60ef1a78d52c51142efd21edf7c87e9a3e1367c8e44b8f
dec2d47a7e0bea7d7ff08fc9900b45fcd381c19ce7299512e1d363dc25a8f687
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebb78fcddd1ce16b5147e76f0e6e70eef501a40a43c77190f93ccf6e2d880f74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fa3b8a3d24493d1c52e398a97e5435e52e674c0c68bdcd288102e9df5df9ee5f
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68