pastebin.com Open in urlscan Pro
104.20.208.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastebin.com/vh0uxp7i
Submission: On January 08 via manual (January 8th 2018, 3:42:12 pm UTC) from US

Summary HTTP 128 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 128 HTTP transactions. The main IP is 104.20.208.21, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is pastebin.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 17th 2017. Valid for: 6 months.

This is the only time pastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	104.20.208.21 104.20.208.21	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	2400:cb00:204... 2400:cb00:2048:1::681b:5926	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	204.11.109.78 204.11.109.78	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	204.11.109.76 204.11.109.76	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
1	23.111.10.144 23.111.10.144	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
1	95.172.94.20 95.172.94.20	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1 3	2.19.43.224 2.19.43.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:200... 2600:9000:2002:8400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	95.172.94.23 95.172.94.23	15570 (Internap ...) (Internap European Autonomous System)
3	204.11.109.65 204.11.109.65	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
3	204.11.109.68 204.11.109.68	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
3	204.11.109.66 204.11.109.66	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
2	204.11.109.67 204.11.109.67	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
12	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	68.67.153.75 68.67.153.75	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3 13	37.252.172.27 37.252.172.27	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3	2400:cb00:204... 2400:cb00:2048:1::6814:10f3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5 12	151.101.112.166 151.101.112.166	54113 (FASTLY) (FASTLY - Fastly)
2	37.252.172.39 37.252.172.39	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
7	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	54.77.170.180 54.77.170.180	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
128	23

46 104.20.208.21 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2400:cb00:2048:1::681b:5926 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pub.freestar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.11.109.78 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: tags.expo9.exponential.com

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.11.109.76 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: tags.expo9.exponential.com

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.144 (Phoenix, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

cdn.fancybar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.172.94.20 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
PTR: pixel.quantserve.com

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.43.224 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2002:8400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.172.94.23 (United Kingdom)

ASN15570 (Internap European Autonomous System, GB)
PTR: pixel.quantserve.com

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.11.109.65 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.11.109.68 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.11.109.66 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.11.109.67 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:817::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.153.75 (New York, United States)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: lbip767069.nym2.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.252.172.27 (European Union) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:cb00:2048:1::6814:10f3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prebid.districtm.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.112.166 (San Francisco, United States) 5 redirects

ASN54113 (FASTLY - Fastly, US)

tag-st.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.39 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.170.180 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-170-180.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	pastebin.com pastebin.com
23	adnxs.com 3 redirects prebid.adnxs.com ib.adnxs.com	3 KB
12	contextweb.com 5 redirects tag-st.contextweb.com bid.contextweb.com bh.contextweb.com	4 KB
11	tribalfusion.com s.tribalfusion.com
9	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	131 B
7	freestar.io pub.freestar.io
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	google.com adservice.google.com
3	google.de adservice.google.de
3	districtm.ca prebid.districtm.ca
3	googletagservices.com www.googletagservices.com
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	730 B
3	google-analytics.com www.google-analytics.com
2	quantserve.com secure.quantserve.com pixel.quantserve.com
2	exponential.com tags.expo9.exponential.com
1	quantcount.com rules.quantcount.com
1	fancybar.net cdn.fancybar.net
128	18

	Domain	Requested by
46	pastebin.com	pastebin.com s.tribalfusion.com
15	ib.adnxs.com	3 redirects pub.freestar.io prebid.districtm.ca
11	s.tribalfusion.com	tags.expo9.exponential.com s.tribalfusion.com
8	prebid.adnxs.com	pub.freestar.io
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
7	pub.freestar.io	pastebin.com pub.freestar.io
6	bh.contextweb.com	5 redirects
3	match.adsrvr.org	3 redirects
3	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net
3	bid.contextweb.com	tag-st.contextweb.com
3	adservice.google.com	www.googletagservices.com
3	adservice.google.de	www.googletagservices.com
3	tag-st.contextweb.com	pub.freestar.io
3	prebid.districtm.ca	pub.freestar.io
3	www.googletagservices.com	pub.freestar.io
3	sb.scorecardresearch.com	1 redirects pub.freestar.io pastebin.com
3	www.google-analytics.com	pastebin.com
2	tags.expo9.exponential.com	pastebin.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.quantserve.com	pastebin.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	pub.freestar.io
1	cdn.fancybar.net	pastebin.com
1	stats.g.doubleclick.net	pastebin.com
128	25

This site contains links to these domains. Also see Links.

Domain
deals.pastebin.com
creativecommons.org
steadfast.net
facebook.com
twitter.com

Subject Issuer	Validity	Valid
ssl509085.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-11-17` - `2018-05-26`	6 months	crt.sh

This page contains 8 frames:

Primary Page: https://pastebin.com/vh0uxp7i
Frame ID: (E83E5BBD6211A4BE456CF5E514328E97)
Requests: 56 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Frame ID: (3D0F757153EC447085734D55DF7E5FEA)
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Frame ID: (F6E9CC4AA1A8291DAB622F0B6A94CE72)
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Frame ID: (BE0818A07D3F72FA8CC1BC77C39E4AA)
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/tags.js
Frame ID: (99C1D715EDD448C260B91DA4A4F2BE10)
Requests: 2 HTTP requests in this frame

Frame: https://pastebin.com/adserver/160x600_custom_safe.php
Frame ID: (6A218EAB88A0B76CB377355F7ED3A64F)
Requests: 19 HTTP requests in this frame

Frame: https://pastebin.com/adserver/728x90_custom_safe.php
Frame ID: (C27BC50B08B5CD79BBBCC725C4B2A9D2)
Requests: 21 HTTP requests in this frame

Frame: https://pastebin.com/adserver/300x250_custom_safe.php
Frame ID: (C9F51AA7F3E13343FBB123A179CF5E09)
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i

Page Statistics

128
Requests

36 %
HTTPS

28 %
IPv6

18
Domains

25
Subdomains

23
IPs

4
Countries

0 kB
Transfer

2102 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://deals.pastebin.com/
Title: deals

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-sa/3.0/
Title: cc by-sa 3.0

Search URL Search Domain Scan URL

URL: http://steadfast.net/services/dedicated-servers.php?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_dedicated_server_hosting_by&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Dedicated Server Hosting

Search URL Search Domain Scan URL

URL: http://steadfast.net/?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_steadfast&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Steadfast

Search URL Search Domain Scan URL

URL: https://facebook.com/pastebin

Search URL Search Domain Scan URL

URL: https://twitter.com/pastebin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&ns__t=1515426118865&ns_c=UTF-8&cv=3.1&c8=%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com&c7=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1515426118865&ns_c=UTF-8&cv=3.1&c8=%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com&c7=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&c9=

Request Chain 117

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467

Request Chain 118

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEvvrnjRMtrVBl6D_4vmsvg&google_cver=1 HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=eYNo0uxqT3Ug&ev=1&pid=561205

Request Chain 119

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467

Request Chain 120

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://match.adsrvr.org/track/cmf/contextweb HTTP 302
https://match.adsrvr.org/track/cmb/contextweb HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=de846d2f-afda-44cd-a251-13453b29ba91 HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=eYNo0uxqT3Ug&ev=1&pid=561205

Request Chain 125

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467

Request Chain 126

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://match.adsrvr.org/track/cmf/contextweb HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=de846d2f-afda-44cd-a251-13453b29ba91

128 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request vh0uxp7i Show response
pastebin.com/ 73 KB
0 274ms
254ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cad14ebaed9b28f7e0031bc0a6fb5380a0f9b04ca7eae93fc909ed20ff57e275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /vh0uxp7i
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
:authority: pastebin.com
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 200
set-cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; expires=Tue, 08-Jan-19 15:41:58 GMT; path=/; domain=.pastebin.com; HttpOnly
cf-ray: 3da043984e0563af-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
pastebin.com/js/ 82 KB
0 17ms
16ms Script
application/x-javascript 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/jquery.min.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /js/jquery.min.js
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 3da04399def263af-FRA
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 pastebin.min.v2.js Show response
pastebin.com/js/ 35 KB
0 10ms
9ms Script
application/x-javascript 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/pastebin.min.v2.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

125fd9e51c7727e0c0edb021f2d3ed8bdcaa048c7277992d134d794089ae3e36

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /js/pastebin.min.v2.js
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 09:32:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 3da04399def463af-FRA
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 text.css
pastebin.com/cache/css_lang/ 706 B
0 14ms
13ms Stylesheet
text/css 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/cache/css_lang/text.css

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/css_lang/text.css
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2017 09:15:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7776000
cf-ray: 3da04399def363af-FRA
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 pastebin.min.v4.css
pastebin.com/i/ 39 KB
0 19ms
18ms Stylesheet
text/css 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/i/pastebin.min.v4.css

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c6f63e2110aae7bd0312e5a979851bb395edabb524e39c876c4a28242fcc285

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pastebin.min.v4.css
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 09:30:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7776000
cf-ray: 3da04399def563af-FRA
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
S 200 pubfig.min.js Show response
pub.freestar.io/pastebin/ 651 B
0 94ms
59ms Script
text/javascript 2400:cb00:2048:1::681b:5926
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/pastebin/pubfig.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:5926 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c0d78d6c09317c993832ccf0d37d38da713ce6fe2cfeb1a40ef24473da06335

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UojtBWM9_0zU6BdQk_GyF7xjc2rDw7vSD7ufHUhR_R_CrlYIED99OHwDai91QL-SSyiQCgqCvikOXY_SNsxochOQB64_Q
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Thu, 23 Feb 2017 17:50:42 GMT
server: cloudflare
etag: W/"b3e8921e9238f380e7aff0556f6c8d27"
vary: Accept-Encoding
x-goog-hash: crc32c=jkyR9A==, md5=s+iSHpI484Dnr/BVb2yNJw==
x-goog-generation: 1487872242451988
cache-control: public, max-age=3600
x-goog-stored-content-length: 651
cf-ray: 3da0439a6b3b9732-FRA
expires: Mon, 08 Jan 2018 16:07:24 GMT

GET
H2 200 guest.png
pastebin.com/i/ 1 KB
0 19ms
18ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/guest.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/guest.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-480"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da04399def663af-FRA
content-length: 1152
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 t.gif
pastebin.com/i/ 43 B
0 9ms
9ms Image
image/gif 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/t.gif

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/t.gif
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-2b"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da04399def763af-FRA
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/Pastebincom/Safe/ 7 KB
0 755ms
151ms Script
application/x-javascript 204.11.109.78
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i
Protocol: HTTP/1.1
Server: 204.11.109.78 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: tags.expo9.exponential.com
Software: /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:41:59 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 5909443542969422214
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, public
Last-Modified: Fri, 21 Jun 2013 00:18:47 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 2306
Expires: Mon, 08 Jan 2018 16:41:59 GMT

GET
H2 200 gift.png
pastebin.com/i/ 2 KB
0 9ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/gift.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

23396f2caca227b0433f07c7952518183b9ffbbaa4574a7da47857693f0e17d1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/gift.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2017 08:11:04 GMT
server: cloudflare
etag: "59f04718-78f"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da04399eefa63af-FRA
content-length: 1935
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 35 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

SPDY

Server

2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 1660
date: Mon, 08 Jan 2018 15:14:18 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 14597
expires: Mon, 08 Jan 2018 17:14:18 GMT

GET
H2 200 header_bg.png
pastebin.com/i/ 191 B
0 22ms
21ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/header_bg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/header_bg.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bf"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f1b63af-FRA
content-length: 191
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 pastebin_logo_side_outline.png
pastebin.com/i/ 18 KB
0 10ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/pastebin_logo_side_outline.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pastebin_logo_side_outline.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4660"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f1c63af-FRA
content-length: 18016
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 add_2.png
pastebin.com/i/ 491 B
0 10ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/add_2.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/add_2.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1eb"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f1d63af-FRA
content-length: 491
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 search.png
pastebin.com/i/ 1 KB
0 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/search.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/search.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-595"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f1e63af-FRA
content-length: 1429
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 menu_down.png
pastebin.com/i/ 506 B
0 11ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/menu_down.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/menu_down.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1fa"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f1f63af-FRA
content-length: 506
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 dd_pastebin.png
pastebin.com/i/ 667 B
0 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_pastebin.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_pastebin.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-29b"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f2063af-FRA
content-length: 667
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 dd_messages.png
pastebin.com/i/ 1 KB
0 11ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_messages.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_messages.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-44b"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f2163af-FRA
content-length: 1099
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 dd_alerts.png
pastebin.com/i/ 915 B
0 12ms
12ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_alerts.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_alerts.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-393"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f2263af-FRA
content-length: 915
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 dd_settings.png
pastebin.com/i/ 1 KB
0 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/dd_settings.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/dd_settings.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4ee"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f2363af-FRA
content-length: 1262
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 linebg.png
pastebin.com/i/ 375 B
0 8ms
7ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/linebg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/linebg.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-177"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f2463af-FRA
content-length: 375
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 public.png
pastebin.com/i/ 2 KB
0 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/public.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/public.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-7d3"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f2563af-FRA
content-length: 2003
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
H2 200 pro_btn_hover.png
pastebin.com/i/ 729 B
0 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/pro_btn_hover.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5154cd93dc27142f30bf0d10c32b64f107b81f89cc4801e296623cdbafef6bc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pro_btn_hover.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:58 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-2d9"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439a2f2663af-FRA
content-length: 729
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:58 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
0 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=1703260282&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&ul=en-us&de=UTF-8&dt=%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=71983499&gjid=718990614&cid=816914615.1515426119&tid=UA-58643-34&_gid=1796812326.1515426119&z=1787893811

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

SPDY

Server

2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2018 16:47:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 428078
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
stats.g.doubleclick.net/r/ 35 B
0 15ms
15ms Image
image/gif 2a00:1450:400c:c0c::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j66&tid=UA-58643-34&cid=816914615.1515426119&jid=71983499&gjid=718990614&_gid=1796812326.1515426119&_u=IGBAgEAB~&z=1579416461

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

SPDY

Server

2a00:1450:400c:c0c::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 08 Jan 2018 15:41:58 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
0 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=1703260282&t=event&_s=2&dl=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&ul=en-us&de=UTF-8&dt=%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pagev&ea=Safe&_u=IGBAgEAB~&jid=&gjid=&cid=816914615.1515426119&tid=UA-58643-34&_gid=1796812326.1515426119&z=1524494933

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

SPDY

Server

2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2018 16:47:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 428078
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/Pastebincom/SnackbarSafe/ 7 KB
0 757ms
151ms Script
application/x-javascript 204.11.109.76
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/Pastebincom/SnackbarSafe/tags.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i
Protocol: HTTP/1.1
Server: 204.11.109.76 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: tags.expo9.exponential.com
Software: /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:41:59 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 5909443542969422214
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, public
Last-Modified: Fri, 21 Jun 2013 00:18:47 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 2306
Expires: Mon, 08 Jan 2018 16:41:59 GMT

GET
H/1.1 200
OK fancybar.js Show response
cdn.fancybar.net/ac/ 10 KB
0 24ms
9ms Script
application/javascript 23.111.10.144
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=pastebin
Requested by: Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i
Protocol: HTTP/1.1
Server: 23.111.10.144 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2ca8904452135a1a1d08c4ff4f873458700854884ebaa667d65c63c851a098bd

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:41:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2016 20:20:52 GMT
Server: NetDNA-cache/2.2
ETag: W/"294b-544d1d2642384"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 11 KB
0 51ms
11ms Script
application/x-javascript 95.172.94.20
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig.min.js
Protocol: HTTP/1.1
Server: 95.172.94.20 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS: pixel.quantserve.com
Software: QS /
Resource Hash: 23a1a8123c5cfb9df1063c6cfbab2b7bb80fe645d6e7158baacbea022a81e2a0

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:41:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08-Jan-2018 15:41:58 GMT
Server: QS
ETag: M0-8af1d7b9
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: close
Content-Length: 4786
Expires: Mon, 15 Jan 2018 15:41:58 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
0 22ms
7ms Script
application/x-javascript 2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig.min.js
Protocol: HTTP/1.1
Server: 2.19.43.224 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:41:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=1209600
Connection: keep-alive
Content-Length: 901
Expires: Mon, 22 Jan 2018 15:41:58 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&ns__t=1515426118865&ns_c=UTF-8&cv=3.1&c8=%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com&c7=https%3A%2F%...
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1515426118865&ns_c=UTF-8&cv=3.1&c8=%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com&c7=https%3A%2F...

0
0

6ms
6ms

Image
text/plain

2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1515426118865&ns_c=UTF-8&cv=3.1&c8=%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com&c7=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&c9=
Requested by: Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i
Protocol: HTTP/1.1
Server: 2.19.43.224 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:41:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1515426118865&ns_c=UTF-8&cv=3.1&c8=%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com&c7=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&c9=
Pragma: no-cache
Date: Mon, 08 Jan 2018 15:41:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 200 rules-p-UeXruRVtZz7w6.js Show response
rules.quantcount.com/ 2 KB
0 45ms
14ms Script
application/x-javascript 2600:9000:2002:8400:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: SPDY
Server: 2600:9000:2002:8400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Sat, 09 Dec 2017 00:06:28 GMT
content-encoding: gzip
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
age: 2099
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: -WaHDeO8_frtJgjLvAmwDOpARvNcvUIva7yGFKDGQiJP9knmeVl6CQ==
via: 1.1 9ece10f886f26459a29d505f7dc15d23.cloudfront.net (CloudFront)

GET
H/1.1 200
OK pixel;r=671408410;labels=title.%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i;fpan=1;fpa=P...
pixel.quantserve.com/ 35 B
0 51ms
12ms Image
image/gif 95.172.94.23
Internap European...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=671408410;labels=title.%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin.com;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i;fpan=1;fpa=P0-1630176307-1515426118944;ns=0;ce=1;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1515426118943;tzo=0;ogl=title.%D0%92%D0%B5%D1%82%D1%80%D1%8B%20%D0%A1%D0%BC%D0%B5%D1%80%D1%82%D0%B8%20-%20Pastebin%252Ecom%2Ctype.article%2Curl.https%3A%2F%2Fpastebin%252Ecom%2Fvh0uxp7i%2Cimage.https%3A%2F%2Fpastebin%252Ecom%2Fi%2Ffacebook%252Epng%2Csite_name.Pastebin
Requested by: Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i
Protocol: HTTP/1.1
Server: 95.172.94.23 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS: pixel.quantserve.com
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:41:58 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: close
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Safe/ Frame (3D0 58 KB
0 764ms
156ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 3bb6616032e257dda344d6eb1b632cf78b39f977d79f528ccb154f40732f4c38

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:00 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 4529188259298201287
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13868
Expires: Mon, 08 Jan 2018 16:42:00 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Safe/ Frame (F6E 58 KB
0 768ms
159ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 3bb6616032e257dda344d6eb1b632cf78b39f977d79f528ccb154f40732f4c38

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:00 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 4529188259298201287
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13868
Expires: Mon, 08 Jan 2018 16:42:00 GMT

GET
H2 200 steadfast_1.png
pastebin.com/i/ 1 KB
0 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/steadfast_1.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fb852db1cd132dda2e5b283b43d7cc7debe88e4ec803db31613aa472ae72009

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/steadfast_1.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4dd"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439ecaa863af-FRA
content-length: 1245
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 facebook_svg.png
pastebin.com/i/ 794 B
0 16ms
15ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/facebook_svg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/facebook_svg.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-31a"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439ecaa963af-FRA
content-length: 794
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 twitter_svg.png
pastebin.com/i/ 1 KB
0 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/twitter_svg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/twitter_svg.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-5d2"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439ecaab63af-FRA
content-length: 1490
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 user.png
pastebin.com/i/ 2 KB
0 14ms
13ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/user.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/user.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-6c9"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439ecaac63af-FRA
content-length: 1737
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 message.png
pastebin.com/i/ 1 KB
0 14ms
13ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/message.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

723ed293e88eb58e85b564c59d563b166cbc3470a80e4268986cb42b4bb39f55

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/message.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-507"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439ecaad63af-FRA
content-length: 1287
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 date.png
pastebin.com/i/ 1 KB
0 14ms
14ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/date.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/date.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4b3"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439ecaae63af-FRA
content-length: 1203
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 views.png
pastebin.com/i/ 1 KB
0 14ms
14ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/views.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/views.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-5aa"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439ecaaf63af-FRA
content-length: 1450
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 expire.png
pastebin.com/i/ 2 KB
0 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/expire.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/expire.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-6c1"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439ecab063af-FRA
content-length: 1729
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 info.png
pastebin.com/i/ 2 KB
0 14ms
14ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/info.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/info.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-68c"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439ecab163af-FRA
content-length: 1676
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Safe/ Frame (BE0 58 KB
0 789ms
168ms Script
application/x-javascript 204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 3bb6616032e257dda344d6eb1b632cf78b39f977d79f528ccb154f40732f4c38

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:00 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 4529188259298201287
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13868
Expires: Mon, 08 Jan 2018 16:42:00 GMT

GET
H2 200 facebook_circle.png
pastebin.com/i/ 818 B
0 15ms
13ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/facebook_circle.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/facebook_circle.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-332"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0063af-FRA
content-length: 818
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 twitter_circle.png
pastebin.com/i/ 954 B
0 10ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/twitter_circle.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/twitter_circle.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-3ba"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0163af-FRA
content-length: 954
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 footer_chrome.png
pastebin.com/i/ 3 KB
0 11ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_chrome.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_chrome.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bae"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0263af-FRA
content-length: 2990
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 footer_firefox.png
pastebin.com/i/ 3 KB
0 10ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_firefox.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_firefox.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-c6a"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0363af-FRA
content-length: 3178
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 footer_ios.png
pastebin.com/i/ 3 KB
0 11ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_ios.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_ios.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bc3"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0463af-FRA
content-length: 3011
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 footer_windows.png
pastebin.com/i/ 2 KB
0 11ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_windows.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_windows.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-710"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0563af-FRA
content-length: 1808
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 footer_webos.png
pastebin.com/i/ 3 KB
0 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_webos.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7186c869aea692acdd80f8776ba966b6215eff98f41b3cd62bc70e21b4128d0f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_webos.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-d1e"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0663af-FRA
content-length: 3358
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 footer_android.png
pastebin.com/i/ 2 KB
0 11ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_android.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_android.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-9a5"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0763af-FRA
content-length: 2469
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 footer_macosx.png
pastebin.com/i/ 3 KB
0 9ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_macosx.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_macosx.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-b31"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0863af-FRA
content-length: 2865
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 footer_opera.png
pastebin.com/i/ 3 KB
0 10ms
9ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_opera.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_opera.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-ac4"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0963af-FRA
content-length: 2756
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 footer_linux.png
pastebin.com/i/ 4 KB
0 11ms
10ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_linux.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/footer_linux.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-11db"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0a63af-FRA
content-length: 4571
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H2 200 close_promo.png
pastebin.com/i/ 1 KB
0 23ms
22ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/close_promo.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/close_promo.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 08:52:39 GMT
server: cloudflare
etag: "590c3d57-594"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f1b0b63af-FRA
content-length: 1428
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/ Frame (99C 58 KB
0 765ms
157ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 15165ce15de1de59ae31793e0e0a4303f6739437468c446b3b79b4275a4ceb3c

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:00 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 9538167257438097425
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 22 Sep 2017 04:30:27 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13874
Expires: Mon, 08 Jan 2018 16:42:00 GMT

GET
H2 200 cd-top-arrow.png
pastebin.com/i/ 451 B
0 8ms
8ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/cd-top-arrow.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/vh0uxp7i

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/cd-top-arrow.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:41:59 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1c3"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da0439f6b3163af-FRA
content-length: 451
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:41:59 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame (3D0 677 B
0 159ms
158ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7690493704
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 91f8bc45e2f6660a0ad09b24143c7ad4d3027a1814d4bc52d8c401d9eefc532d

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:00 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 326
Expires: Sun, 08 Apr 2018 15:42:00 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame (F6E 677 B
0 155ms
155ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7690493704
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 4a4fe89c86595214d97513496fcde0264b586855a008043986273f73bbd77f0f

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:00 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 328
Expires: Sun, 08 Apr 2018 15:42:00 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame (BE0 677 B
0 151ms
151ms Script
application/x-javascript 204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7690493704
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 2fcef367764665a036d249f8c3d114e348edf94c07f4d5c7b514bd594c5ab772

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:00 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 329
Expires: Sun, 08 Apr 2018 15:42:00 GMT

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame (99C 677 B
0 159ms
158ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7690493704
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/SnackbarSafe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 31c6c86cf227b9f4883f01aa57d379f746d5ee8a01661fbd97052c0c7ad298df

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:00 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 328
Expires: Sun, 08 Apr 2018 15:42:00 GMT

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame (3D0 8 KB
0 156ms
156ms Script
application/x-javascript 204.11.109.65
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=7690493704&tagKey=1906995878&loaderVer=0.1&site=pastebincom&adSpace=safe&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=160x600,120x600&busted=1&url=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&f=0&p=6052896&tKey=aEmneMmrFrRFbtXTrN4TFhRWMfRdLtfQ&a=1&adContainerId=richmedia_2&rnd=6051269
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.65 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 0aa2438b7d20e2361eb4a57e44d31369dbfef8e9183bc5a2e545de93ccbb3259

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 3429
Expires: 0

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame (F6E 5 KB
0 161ms
161ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=7690493704&tagKey=1906995878&loaderVer=0.1&site=pastebincom&adSpace=safe&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=970x250,728x90&busted=1&url=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&f=0&p=6052896&tKey=a9mneMTc39UsjhSArmTdURYG7hRdLlCt&a=3&adContainerId=richmedia_4&rnd=6047501
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: ce56fbbde1fef4ec78f82b6335957541ce63a67f7232822ad8acf8da2d41b670

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 2149
Expires: 0

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame (BE0 605 B
0 192ms
192ms Script
application/x-javascript 204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=7690493704&tagKey=1906995878&loaderVer=0.1&site=pastebincom&adSpace=safe&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x600,300x250&busted=1&url=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&f=0&p=6052896&tKey=aomneMV6nM4cQ2YFMBUmyrR9QSRdLXIQ&a=5&adContainerId=richmedia_6&rnd=6047505
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js
Protocol: HTTP/1.1
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 427207c440a91e44e8a968df8f034efa362f6bb1abf9939cda02dc2d32a0f998

Request headers

Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 485
Expires: 0

GET
H2 200 160x600_custom_safe.php Show response
pastebin.com/adserver/ Frame (6A2 808 B
0 224ms
224ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/160x600_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7106b1c10628b1dbe9bb051a7f111584e755a235e394f26d9822e10e9fde6c4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /adserver/160x600_custom_safe.php
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 3da043a67eee63af-FRA
x-xss-protection: 1; mode=block

GET
S 200 pubfig160x600.min.js Show response
pub.freestar.io/pastebin/ Frame (6A2 3 KB
0 12ms
12ms Script
text/javascript 2400:cb00:2048:1::681b:5926
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/pastebin/pubfig160x600.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_custom_safe.php
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:5926 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14485aedff904f2a489ec8b21b969614e8b76564098901c27d133abcee30be72

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UqSm9dcrwSUB3N7-Dae6xnsvQnpBlMXRDicx9koGAlNsmVt-cdDCJ1k25pp7pwiHF8K0XcFIYZ0cc0cFE2wKji9CQsBaw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Mon, 13 Nov 2017 17:08:04 GMT
server: cloudflare
etag: W/"5d74490af9521ca71dda4ff647be1d18"
vary: Accept-Encoding
x-goog-hash: crc32c=hi4z2A==, md5=XXRJCvlSHKcd2k/2R74dGA==
x-goog-generation: 1510592884944576
cache-control: public, max-age=3600
x-goog-stored-content-length: 2624
cf-ray: 3da043a7ebda9732-FRA
expires: Mon, 08 Jan 2018 15:52:42 GMT

GET
H2 200 728x90_custom_safe.php Show response
pastebin.com/adserver/ Frame (C27 832 B
0 226ms
221ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/728x90_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f85a70f2a4ba2ccd0505611d6251aad3bef718adf8c9cb96c256199c13fdf0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /adserver/728x90_custom_safe.php
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 3da043a69efc63af-FRA
x-xss-protection: 1; mode=block

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame (6A2 208 KB
0 50ms
38ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig160x600.min.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b009767f6f6c149cf4d7ddbab5dd08b995d66ab26a168a5bec4c6850fbc2d40e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
link: <https://securepubads.g.doubleclick.net>; rel=preconnect
etag: "1515172093230688"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 74100
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2018 15:42:00 GMT

GET
S 200 prebid.0.18.0.js Show response
pub.freestar.io/core/ Frame (6A2 135 KB
0 17ms
17ms Script
text/javascript 2400:cb00:2048:1::681b:5926
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/core/prebid.0.18.0.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig160x600.min.js
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:5926 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ee3e4faea4083b3eb9980134c99d0cd5e2907b7a4b3df6a14d50dc18ff16d8

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UpDdY22gkdhu0yxXAw6u0SkYcKsdbz18kKLTWWCmKzMra8vOmGfSTU3AP_-Z_UgohKjbv6LEmgclNNbxfTIGnFrnOXjPA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Wed, 13 Sep 2017 21:18:29 GMT
server: cloudflare
etag: W/"7580dad0f80106496b0eb78e0874ac53"
vary: Accept-Encoding
x-goog-hash: crc32c=DfdWjw==, md5=dYDa0PgBBklrDreOCHSsUw==
x-goog-generation: 1505337509876684
cache-control: public, max-age=3600
x-goog-stored-content-length: 138216
cf-ray: 3da043a80bef9732-FRA
expires: Mon, 08 Jan 2018 15:54:43 GMT

GET
S 200 pubfig728x90.min.js Show response
pub.freestar.io/pastebin/ Frame (C27 3 KB
0 12ms
11ms Script
text/javascript 2400:cb00:2048:1::681b:5926
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/pastebin/pubfig728x90.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_custom_safe.php
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:5926 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7591a30788df58aa90317be1228fb5c00650350e81d37f9482bc8db8428464dd

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UqsahJ-ALWGLYK5KPo7eHzRDyuuQZI5Jkj5qPl3tx8K-oPxLE4Camh4W9AdZowkrexaruBIKUdXWOAOfsZDiWsa_vVXnA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Mon, 13 Nov 2017 17:08:04 GMT
server: cloudflare
etag: W/"40075ba4859712923cece9617e97f8d1"
vary: Accept-Encoding
x-goog-hash: crc32c=oLkjPQ==, md5=QAdbpIWXEpI87Olhfpf40Q==
x-goog-generation: 1510592884728305
cache-control: public, max-age=3600
x-goog-stored-content-length: 2874
cf-ray: 3da043a80bf09732-FRA
expires: Mon, 08 Jan 2018 16:34:37 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame (C27 13 KB
0 45ms
44ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig728x90.min.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a46267bc2b4c50a76bd11e8cbae1c31d16826a6fe3db3016cc91d8436ab709e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1515172093230688"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 5801
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2018 15:42:00 GMT

GET
S 200 prebid.0.18.0.js Show response
pub.freestar.io/core/ Frame (C27 135 KB
0 23ms
22ms Script
text/javascript 2400:cb00:2048:1::681b:5926
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/core/prebid.0.18.0.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig728x90.min.js
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:5926 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ee3e4faea4083b3eb9980134c99d0cd5e2907b7a4b3df6a14d50dc18ff16d8

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2UpDdY22gkdhu0yxXAw6u0SkYcKsdbz18kKLTWWCmKzMra8vOmGfSTU3AP_-Z_UgohKjbv6LEmgclNNbxfTIGnFrnOXjPA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Wed, 13 Sep 2017 21:18:29 GMT
server: cloudflare
etag: W/"7580dad0f80106496b0eb78e0874ac53"
vary: Accept-Encoding
x-goog-hash: crc32c=DfdWjw==, md5=dYDa0PgBBklrDreOCHSsUw==
x-goog-generation: 1505337509876684
cache-control: public, max-age=3600
x-goog-stored-content-length: 138216
cf-ray: 3da043a81c089732-FRA
expires: Mon, 08 Jan 2018 15:54:43 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ Frame (6A2 496 B
0 475ms
97ms XHR
text/plain 68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: 16b959c886f56c3e1334d41e0f1ee92fb81e3fd21a6a458ad19a1722d0e005ab

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 496
Expires: 0

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (6A2 80 B
0 49ms
9ms Script
application/javascript 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=214424362a9d12&psa=0&id=10877100&size=160x600&referrer=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f6683035d3a076833d373fb0f501ce4408eeffae57fbdac410923b8152dd4470

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.71:80
AN-X-Request-Uuid: d676391c-c2ab-4796-b6c3-40e7f3d0000a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 lib.js Show response
prebid.districtm.ca/ Frame (6A2 21 KB
0 34ms
10ms Script
text/javascript 2400:cb00:2048:1::6814:10f3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.districtm.ca/lib.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: SPDY
Server: 2400:cb00:2048:1::6814:10f3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: e71c9f44621e174cd4210578b0e1198520c32ca28e66968ae3d90980a8726349

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2017 17:27:39 GMT
server: cloudflare-nginx
x-amz-request-id: EED1D2D80CD7ADED
etag: W/"7b5d18d7512305f51485a2eb8002da0b"
vary: Accept-Encoding
x-amz-version-id: 4h5lDelEiaIxaKCsqrm6l6nM8pdmiYXI
status: 200
cache-control: public, max-age=86400
cf-ray: 3da043a86ccd9ab8-FRA
content-type: text/javascript
x-amz-id-2: GRqoBVxTy1pWnUCP2nFNUayXE+p9cBcxIEPie6A0KwDNlQN0bf3rJhkP+4KNyrOVXS7QE8sG2IE=
expires: Tue, 09 Jan 2018 15:42:01 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (6A2 80 B
0 46ms
6ms Script
application/javascript 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=6a1be0d1c67c88&psa=0&id=10874059&size=160x600&referrer=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

319cc348c18135ddf4a3282a4c794f16af82afe11c448577ce4d09154393f308

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.164:80
AN-X-Request-Uuid: 05eee196-e458-4407-99c1-283f75a4223f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/ Frame (6A2 30 KB
0 28ms
5ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/getjs.static.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: 7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:01 GMT
Content-Encoding: gzip
Age: 489
X-Cache: HIT
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 10423
X-Served-By: cache-hhn1536-HHN
Server: Jetty(9.4.6.v20170531)
X-Timer: S1515426121.024872,VS0,VE0
ETag: 8f7d54636bed9472099fd222d8411f621190abb7
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 2597

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (6A2 0
0 45ms
5ms Script
text/html 37.252.172.39
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=10d2ae50d442635&psa=0&id=10885892&size=160x600&referrer=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

37.252.172.39 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 246.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.7:80
AN-X-Request-Uuid: 6e2f87c5-85cc-4345-ad59-63dcf2c438c4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ Frame (C27 496 B
0 549ms
97ms XHR
text/plain 68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: 3a748daa1612db4a6f2221eef56d95035b2592044cb5c282f265a29e514787cd

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 496
Expires: 0

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (C27 80 B
0 42ms
22ms Script
application/javascript 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=2b39e99460070d&psa=0&id=10877100&size=728x90&referrer=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

fa739d0302567b951fc8aebf332a142686636fe081af9901ec7406e1df981777

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.50:80
AN-X-Request-Uuid: 3b045d9f-990b-4cf9-80e2-e33db4e7d335
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 lib.js Show response
prebid.districtm.ca/ Frame (C27 21 KB
0 17ms
16ms Script
text/javascript 2400:cb00:2048:1::6814:10f3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.districtm.ca/lib.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: SPDY
Server: 2400:cb00:2048:1::6814:10f3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: e71c9f44621e174cd4210578b0e1198520c32ca28e66968ae3d90980a8726349

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2017 17:27:39 GMT
server: cloudflare-nginx
x-amz-request-id: EED1D2D80CD7ADED
etag: W/"7b5d18d7512305f51485a2eb8002da0b"
vary: Accept-Encoding
x-amz-version-id: 4h5lDelEiaIxaKCsqrm6l6nM8pdmiYXI
status: 200
cache-control: public, max-age=86400
cf-ray: 3da043a86cce9ab8-FRA
content-type: text/javascript
x-amz-id-2: GRqoBVxTy1pWnUCP2nFNUayXE+p9cBcxIEPie6A0KwDNlQN0bf3rJhkP+4KNyrOVXS7QE8sG2IE=
expires: Tue, 09 Jan 2018 15:42:01 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (C27 80 B
0 27ms
8ms Script
application/javascript 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=6682cb6b3dc534&psa=0&id=10874048&size=728x90&referrer=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6d2291a81629b7107f312833b8b48a2cdc41d0ffcb8e3857229ba61959031f61

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.37:80
AN-X-Request-Uuid: 5544d6b2-ce58-4743-91a5-ef474360c798
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/ Frame (C27 30 KB
0 23ms
5ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/getjs.static.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: 7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:01 GMT
Content-Encoding: gzip
Age: 489
X-Cache: HIT
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 10423
X-Served-By: cache-hhn1536-HHN
Server: Jetty(9.4.6.v20170531)
X-Timer: S1515426121.042124,VS0,VE0
ETag: 8f7d54636bed9472099fd222d8411f621190abb7
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 2598

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (C27 0
0 25ms
6ms Script
text/html 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=105f273042a1e5e&psa=0&id=10885891&size=728x90&referrer=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.137:80
AN-X-Request-Uuid: 88c62473-1548-4aba-ba2b-ae517f4482f0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame (C27 108 B
0 35ms
13ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame (C27 108 B
0 34ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_170.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (C27 201 KB
0 63ms
40ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

cb0b5796c28242e8bfb982df2a6098ddf52e040cea29b6fdd379a65ad00071ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2017 19:12:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 71570
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2018 15:42:01 GMT

GET
H/1.1 204
No Content tag Show response
bid.contextweb.com/header/ Frame (6A2 0
0 40ms
21ms XHR
text/plain 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/tag?tagver=1&ca=BID&cp=560313&ct=551469&cf=160X600&rq=1&dw=160&cwu=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&cwr=&mrnd=65382161&if=2&tl=1&pxy=1222,552&cxy=160,600&dxy=1585,4647&tz=0&ln=en-US
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/getjs.static.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 08 Jan 2018 15:42:01 GMT
Content-Encoding: gzip
Server: Jetty(9.4.6.v20170531)
X-Served-By: cache-hhn1526-HHN
X-Cache: MISS
CWDL: 22/144
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bid00
Via: 1.1 varnish
X-Cache-Hits: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame (6A2 143 B
0 9ms
9ms XHR
application/json 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c76635406e3af017b1cff689319e2619d2bd608b0e6552755a25ac6850d90193

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.123:80
AN-X-Request-Uuid: 70106f70-7680-4cf4-ae78-d46c8b5ecbc3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 300x250_custom_safe.php Show response
pastebin.com/adserver/ Frame (C9F 804 B
0 225ms
225ms Document
text/html 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/300x250_custom_safe.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Safe/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc2d0690e3bff9bc8c528d85dbd507e1164a49c6bae7e34d9d474b2e4c39d325

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /adserver/300x250_custom_safe.php
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/vh0uxp7i
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://pastebin.com/vh0uxp7i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 3da043a72f5a63af-FRA
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame (C27 142 B
0 7ms
7ms XHR
application/json 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8d481de3ad7d5c623f97e93293d3139828348ee76da4854ecb619a902a180b7f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.26:80
AN-X-Request-Uuid: 072353af-66eb-4fe8-ad27-703ef4920566
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tag Show response
bid.contextweb.com/header/ Frame (C27 0
0 31ms
17ms XHR
text/plain 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/tag?tagver=1&ca=BID&cp=560313&ct=551466&cf=728X90&rq=1&dw=728&cwu=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&cwr=&mrnd=3003210&if=2&tl=1&pxy=204,116&cxy=728,90&dxy=1585,4647&tz=0&ln=en-US
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/getjs.static.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 08 Jan 2018 15:42:01 GMT
Content-Encoding: gzip
Server: Jetty(9.4.6.v20170531)
X-Served-By: cache-hhn1523-HHN
X-Cache: MISS
CWDL: 22/144
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bid01
Via: 1.1 varnish
X-Cache-Hits: 0

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame (6A2 108 B
0 14ms
13ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame (6A2 108 B
0 14ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-14/html/ Frame (6A2 0
0 19ms
5ms Other
text/html 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-14/html/container.html?n=2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:806::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 11 Dec 2017 15:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2419282
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1579
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2017 03:31:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Dec 2018 15:40:39 GMT

GET
S 200 pubfig300x250.min.js Show response
pub.freestar.io/pastebin/ Frame (C9F 3 KB
0 16ms
15ms Script
text/javascript 2400:cb00:2048:1::681b:5926
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/pastebin/pubfig300x250.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_safe.php
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:5926 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d606d53a48de5524fa6584a303b8f1407d8ff98a6cc8d3e6cb5dc05a8db3240

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AEnB2Up6MBSnB-lAmj30yNVZd9mjIJVMqw2W4hbONOvSbxeZ3k6QB2l_pOQ08anSJk0-KDqpS6cueRoX0Z49_hxzvZ_wq9s8RQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Mon, 13 Nov 2017 17:08:04 GMT
server: cloudflare
etag: W/"7e75dd2a2aca43c32f68327757c9e68b"
vary: Accept-Encoding
x-goog-hash: crc32c=e+hZFA==, md5=fnXdKirKQ8MvaDJ3V8nmiw==
x-goog-generation: 1510592884912963
cache-control: public, max-age=3600
x-goog-stored-content-length: 2866
cf-ray: 3da043a8fcde9732-FRA
expires: Mon, 08 Jan 2018 15:45:44 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame (C9F 13 KB
0 45ms
44ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig300x250.min.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a46267bc2b4c50a76bd11e8cbae1c31d16826a6fe3db3016cc91d8436ab709e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1515172093230688"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 5801
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2018 15:42:00 GMT

GET
S 200 prebid.0.18.0.js Show response
pub.freestar.io/core/ Frame (C9F 135 KB
0 23ms
22ms Script
text/javascript 2400:cb00:2048:1::681b:5926
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.freestar.io/core/prebid.0.18.0.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/pastebin/pubfig300x250.min.js
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:5926 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ee3e4faea4083b3eb9980134c99d0cd5e2907b7a4b3df6a14d50dc18ff16d8

Request headers

Response headers

date: Mon, 08 Jan 2018 15:42:00 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
x-guploader-uploadid: AEnB2UpDdY22gkdhu0yxXAw6u0SkYcKsdbz18kKLTWWCmKzMra8vOmGfSTU3AP_-Z_UgohKjbv6LEmgclNNbxfTIGnFrnOXjPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 13 Sep 2017 21:18:29 GMT
server: cloudflare
etag: W/"7580dad0f80106496b0eb78e0874ac53"
vary: Accept-Encoding
x-goog-hash: crc32c=DfdWjw==, md5=dYDa0PgBBklrDreOCHSsUw==
content-type: text/javascript
x-goog-generation: 1505337509876684
cache-control: public, max-age=3600
x-goog-stored-content-length: 138216
cf-ray: 3da043a81c089732-FRA
expires: Mon, 08 Jan 2018 15:54:43 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame (C9F 108 B
0 15ms
15ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame (C9F 108 B
0 14ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_170.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (C9F 201 KB
0 63ms
40ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

cb0b5796c28242e8bfb982df2a6098ddf52e040cea29b6fdd379a65ad00071ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2017 19:12:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 71570
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2018 15:42:01 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ Frame (C9F 496 B
0 514ms
97ms XHR
text/plain 68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: 5f41743dbdcd88b334eabd861e0104f6f8bb366a4b9f02ec9f3ad6bcc6cf3ce3

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 496
Expires: 0

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (C9F 80 B
0 6ms
6ms Script
application/javascript 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=276424b3f8f212&psa=0&id=10877100&size=300x250&referrer=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b8b96cbbb53fa4430bc39313f5ec5a2f1870365ad9b0837edeaa9378a8f19ae3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.45:80
AN-X-Request-Uuid: 68e5fda3-72f8-404b-bdeb-e41afa51bbf8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 lib.js Show response
prebid.districtm.ca/ Frame (C9F 21 KB
0 17ms
16ms Script
text/javascript 2400:cb00:2048:1::6814:10f3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.districtm.ca/lib.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: SPDY
Server: 2400:cb00:2048:1::6814:10f3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: e71c9f44621e174cd4210578b0e1198520c32ca28e66968ae3d90980a8726349

Request headers

Response headers

date: Mon, 08 Jan 2018 15:42:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2017 17:27:39 GMT
server: cloudflare-nginx
x-amz-request-id: EED1D2D80CD7ADED
etag: W/"7b5d18d7512305f51485a2eb8002da0b"
vary: Accept-Encoding
x-amz-version-id: 4h5lDelEiaIxaKCsqrm6l6nM8pdmiYXI
status: 200
cache-control: public, max-age=86400
cf-ray: 3da043a86cce9ab8-FRA
content-type: text/javascript
x-amz-id-2: GRqoBVxTy1pWnUCP2nFNUayXE+p9cBcxIEPie6A0KwDNlQN0bf3rJhkP+4KNyrOVXS7QE8sG2IE=
expires: Tue, 09 Jan 2018 15:42:01 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (C9F 80 B
0 7ms
6ms Script
application/javascript 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=6490673c01f58d&psa=0&id=10874068&size=300x250&referrer=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4337081f3a5b9d04d7de6b1b9aa7c04f6eae6ae23b001f2e05215001396987c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.45:80
AN-X-Request-Uuid: 64c26466-f1a0-4e57-9855-be9851471802
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/ Frame (C9F 30 KB
0 23ms
5ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/getjs.static.js
Requested by: Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: 7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011

Request headers

Response headers

Date: Mon, 08 Jan 2018 15:42:01 GMT
Content-Encoding: gzip
Age: 489
X-Cache: HIT
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 10423
X-Served-By: cache-hhn1536-HHN
Server: Jetty(9.4.6.v20170531)
X-Timer: S1515426121.042124,VS0,VE0
ETag: 8f7d54636bed9472099fd222d8411f621190abb7
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 2598

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ Frame (C9F 0
0 6ms
6ms Script
text/html 37.252.172.39
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=10a55e0db8f1e19&psa=0&id=10885893&size=300x250&referrer=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i

Requested by

Host: pub.freestar.io
URL: https://pub.freestar.io/core/prebid.0.18.0.js

Protocol

HTTP/1.1

Server

37.252.172.39 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 246.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.4:80
AN-X-Request-Uuid: 927851b1-15ba-49ce-bb80-38310c2c5330
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-14/html/ Frame (C9F 0
0 6ms
6ms Other
text/html 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-14/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Protocol

SPDY

Server

2a00:1450:4001:806::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 11 Dec 2017 15:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2419282
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1579
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2017 03:31:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Dec 2018 15:40:39 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-14/html/ Frame (C27 0
0 6ms
6ms Other
text/html 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-14/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Protocol

SPDY

Server

2a00:1450:4001:806::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 11 Dec 2017 15:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2419282
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1579
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2017 03:31:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Dec 2018 15:40:39 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame (C9F 143 B
0 7ms
6ms XHR
application/json 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d54f3c242afebd21a28434f3ed64a61557bbf47c3318c680cf0df2f720251360

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:03 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.78:80
AN-X-Request-Uuid: 3f62e57c-92aa-428c-97f6-16deac2d88d2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tag Show response
bid.contextweb.com/header/ Frame (C9F 0
0 19ms
19ms XHR
text/plain 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/tag?tagver=1&ca=BID&cp=560313&ct=551467&cf=300X250&rq=1&dw=300&cwu=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&cwr=&mrnd=75137896&if=2&tl=1&pxy=552,4250&cxy=300,250&dxy=1585,4647&tz=0&ln=en-US
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/getjs.static.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
Origin: https://pastebin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 08 Jan 2018 15:42:01 GMT
Content-Encoding: gzip
Server: Jetty(9.4.6.v20170531)
X-Served-By: cache-hhn1523-HHN
X-Cache: MISS
CWDL: 22/144
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bid06
Via: 1.1 varnish
X-Cache-Hits: 0

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame (6A2 3 KB
0 64ms
63ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1769751493852874&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=21061447%2C108809107%2C21060361%2C21060903%2C21061149&sc=1&sfv=1-0-14&iu_parts=15184186%2CPastebin_160x600_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=1&cookie_enabled=1&cdm=pastebin.com&lmt=1515426122&dt=1515426122204&ea=0&frm=23&biw=1585&bih=1200&isw=160&ish=600&oid=3&adxs=1222&adys=552&adks=1035039964&gut=v2&ifi=1&ifk=1320065300&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F160x600_custom_safe.php&ref=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&top=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&dssz=11&icsg=279680&mso=32&std=0&vrg=170&vis=1&ga_vid=816914615.1515426119&ga_sid=1515426122&ga_hid=181188827

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

5c2da85c6f701293861acc452e759f6c9b7ee342d5611ebc515781859a0e9d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1454
x-xss-protection: 1; mode=block
google-lineitem-id: 113045586
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 121737329346
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame (C27 3 KB
0 70ms
70ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1584876073059571&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060361%2C21061149&sc=1&sfv=1-0-14&iu_parts=15184186%2CPastebin_728x90_970x90_970x250_320x50_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cookie_enabled=1&cdm=pastebin.com&lmt=1515426122&dt=1515426122225&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=204&adys=116&adks=3422942979&gut=v2&ifi=1&ifk=3995772453&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F728x90_custom_safe.php&ref=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&top=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&dssz=12&icsg=1118722&mso=32&std=0&vrg=170&vis=1&scr_x=0&scr_y=0&ga_vid=816914615.1515426119&ga_sid=1515426122&ga_hid=910032582

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Protocol

SPDY

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

90fb23df2a716d74d5e8108c0015c28124e3be73e917398c91dce8e54002b09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1491
x-xss-protection: 1; mode=block
google-lineitem-id: 4521052753
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 121737329826
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_170.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (C27 12 KB
0 40ms
38ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_170.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Protocol

SPDY

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

aa99279e9958d454df0cb54e1eededb3876876f6f43b1946dbc51489f947ace8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2017 19:12:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 5223
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2018 15:42:02 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame (6A2 80 KB
0 27ms
6ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

196f79e1bc4eb4755a3f02fd1c6de62646514dfa15a63819e1ae2e5bf8c19be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 14:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 29580
x-xss-protection: 1; mode=block
server: cafe
etag: 15226660786861136018
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2018 15:45:45 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame (C27 80 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

196f79e1bc4eb4755a3f02fd1c6de62646514dfa15a63819e1ae2e5bf8c19be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 14:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 29580
x-xss-protection: 1; mode=block
server: cafe
etag: 15226660786861136018
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2018 15:45:45 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (6A2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467

0
0

100ms
98ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:04 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.135:80
AN-X-Request-Uuid: 99ab7043-3ac3-4b0d-b4c5-b1c83f494ca4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (6A2
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEvvrnjRMtrVBl6D_4vmsvg&google_cver=1
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=eYNo0uxqT3Ug&ev=1&pid=561205

0
0

113ms
93ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=eYNo0uxqT3Ug&ev=1&pid=561205
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/160x600_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:04 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Date: Mon, 08 Jan 2018 15:42:02 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Transfer-Encoding: chunked
X-Cache: MISS
Content-Language: en-US
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=eYNo0uxqT3Ug&ev=1&pid=561205
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bh00
X-Served-By: cache-hhn1527-HHN

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (C27
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467

0
0

94ms
94ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:04 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.18:80
AN-X-Request-Uuid: ae762256-96db-4bd0-a1d4-5fe48ab2fcba
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (C27
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://match.adsrvr.org/track/cmf/contextweb
https://match.adsrvr.org/track/cmb/contextweb?
https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=de846d2f-afda-44cd-a251-13453b29ba91
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=eYNo0uxqT3Ug&ev=1&pid=561205

0
0

101ms
101ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=eYNo0uxqT3Ug&ev=1&pid=561205
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/728x90_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:04 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Date: Mon, 08 Jan 2018 15:42:02 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Transfer-Encoding: chunked
X-Cache: MISS
Content-Language: en-US
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=eYNo0uxqT3Ug&ev=1&pid=561205
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
Connection: keep-alive
Accept-Ranges: bytes
CW-Server: ams-bh00
X-Served-By: cache-hhn1527-HHN

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame (C9F 3 KB
0 55ms
55ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=126757319770599&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060362%2C21061149&sc=1&sfv=1-0-14&iu_parts=15184186%2CPastebin_300x250_300x600_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&cdm=pastebin.com&lmt=1515426122&dt=1515426122375&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=552&adys=4250&adks=2076961728&gut=v2&ifi=1&ifk=1390418613&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F300x250_custom_safe.php&ref=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&top=https%3A%2F%2Fpastebin.com%2Fvh0uxp7i&dssz=12&icsg=1118722&mso=32&std=0&vrg=170&vis=1&scr_x=0&scr_y=0&ga_vid=816914615.1515426119&ga_sid=1515426122&ga_hid=521820131

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Protocol

SPDY

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

c6d675b5dde0edf625c3a7df60ddf62de64bdadbc9370e5b3c0572ccba398688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1467
x-xss-protection: 1; mode=block
google-lineitem-id: 4521632370
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 121737367986
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_170.js Show response
securepubads.g.doubleclick.net/gpt/ Frame (C9F 12 KB
0 40ms
38ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_170.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Protocol

SPDY

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

aa99279e9958d454df0cb54e1eededb3876876f6f43b1946dbc51489f947ace8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Mon, 08 Jan 2018 15:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2017 19:12:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 5223
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2018 15:42:02 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame (C9F 80 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js

Protocol

SPDY

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

196f79e1bc4eb4755a3f02fd1c6de62646514dfa15a63819e1ae2e5bf8c19be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Mon, 08 Jan 2018 14:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 29580
x-xss-protection: 1; mode=block
server: cafe
etag: 15226660786861136018
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2018 15:45:45 GMT

GET
H2 200 menu_mobile.png
pastebin.com/i/ 915 B
0 20ms
20ms Image
image/png 104.20.208.21
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/menu_mobile.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ec1c58cf01f3c05a4752830b6de78ee86e134d6d21b344c2b6cbdd8eacd2f36

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/menu_mobile.png
pragma: no-cache
cookie: __cfduid=dab7698d2aea2fa1c5a6ce0c51d8029a31515426118; _ga=GA1.2.816914615.1515426119; _gid=GA1.2.1796812326.1515426119; _gat=1; __qca=P0-1630176307-1515426118944; __gads=ID=0c9b28c3997da439:T=1515426122:S=ALNI_MZrbojO8s0INOTX7BRYtNInQM_60Q
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
referer: https://pastebin.com/i/pastebin.min.v4.css
:scheme: https
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 08 Jan 2018 15:42:02 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-393"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 3da043b19dc263af-FRA
content-length: 915
x-xss-protection: 1; mode=block
expires: Sun, 08 Apr 2018 15:42:02 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/ Frame (C9F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467

0
0

99ms
99ms

Image
text/plain

68.67.153.75
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467
Protocol: HTTP/1.1
Server: 68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: lbip767069.nym2.adnexus.net
Software: nginx/1.11.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:04 GMT
Server: nginx/1.11.10
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 08 Jan 2018 15:42:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80
AN-X-Request-Uuid: 16faee90-9fee-49a6-be27-3879783f0d63
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=5100748490062762467
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rtset
bh.contextweb.com/bh/ Frame (C9F
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://match.adsrvr.org/track/cmf/contextweb
https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=de846d2f-afda-44cd-a251-13453b29ba91

49 B
0

21ms
21ms

Image
image/gif

151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=de846d2f-afda-44cd-a251-13453b29ba91
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: https://pastebin.com/adserver/300x250_custom_safe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 08 Jan 2018 15:42:02 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
Transfer-Encoding: chunked
Content-Language: en-US
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
X-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif;charset=iso-8859-1
CW-Server: ams-bh00
X-Served-By: cache-hhn1538-HHN

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2018 15:42:02 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=de846d2f-afda-44cd-a251-13453b29ba91
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-18 12:58:32	Name: sess Value: 1
.districtm.io/	1970-01-18 21:42:42	Name: __cfduid Value: dc51fe3034ccca0805f9410004c9fac911515426121
.tribalfusion.com/	1970-01-18 15:06:42	Name: ANON_ID Value: ajnuBsOleqf6ZabprMkqlH9jmUKOCIaKeEPn9PE6FZcgGYEP5Fn3VlFWU2E8EMI13NgS0EYi89OtEoVaVCxergWHXdZbs1TYcW9fafVADwvTAdl
.adnxs.com/	1970-01-18 15:06:42	Name: uuid2 Value: 5100748490062762467
.pastebin.com/	1970-01-18 22:21:34	Name: __qca Value: P0-1630176307-1515426118944
.pastebin.com/	1970-01-18 12:58:32	Name: _gid Value: GA1.2.1796812326.1515426119
.pastebin.com/	1970-01-18 21:42:42	Name: __cfduid Value: dab7698d2aea2fa1c5a6ce0c51d8029a31515426118
.pastebin.com/	1970-01-19 06:28:18	Name: _ga Value: GA1.2.816914615.1515426119
.adnxs.com/	1970-01-18 15:06:42	Name: icu Value: ChgI0bwwEAoYASABKAEwy6LO0gU4AUABSAEKGAih1zQQChgBIAEoATDLos7SBTgBQAFIAQoYCO37ORAKGAIgAigCMMuiztIFOAJAAkgCEMuiztIFGAM.
.adnxs.com/	1970-01-18 15:06:42	Name: anj Value: dTM7k!M4/8DYRWSF']wIg2C''pfaP+!]tbPB*SQLOsH`E.g3VsMwgn[
.pastebin.com/	1970-01-18 12:57:06	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bh.contextweb.com
bid.contextweb.com
cdn.fancybar.net
cm.g.doubleclick.net
ib.adnxs.com
match.adsrvr.org
pagead2.googlesyndication.com
pastebin.com
pixel.quantserve.com
prebid.adnxs.com
prebid.districtm.ca
pub.freestar.io
rules.quantcount.com
s.tribalfusion.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tag-st.contextweb.com
tags.expo9.exponential.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
104.20.208.21
151.101.112.166
172.217.18.162
2.19.43.224
204.11.109.65
204.11.109.66
204.11.109.67
204.11.109.68
204.11.109.76
204.11.109.78
216.58.208.34
23.111.10.144
2400:cb00:2048:1::6814:10f3
2400:cb00:2048:1::681b:5926
2600:9000:2002:8400:6:44e3:f8c0:93a1
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:817::2002
2a00:1450:400c:c0c::9c
37.252.172.27
37.252.172.39
54.77.170.180
68.67.153.75
95.172.94.20
95.172.94.23
0aa2438b7d20e2361eb4a57e44d31369dbfef8e9183bc5a2e545de93ccbb3259
125fd9e51c7727e0c0edb021f2d3ed8bdcaa048c7277992d134d794089ae3e36
14485aedff904f2a489ec8b21b969614e8b76564098901c27d133abcee30be72
15165ce15de1de59ae31793e0e0a4303f6739437468c446b3b79b4275a4ceb3c
16b959c886f56c3e1334d41e0f1ee92fb81e3fd21a6a458ad19a1722d0e005ab
196f79e1bc4eb4755a3f02fd1c6de62646514dfa15a63819e1ae2e5bf8c19be3
1d606d53a48de5524fa6584a303b8f1407d8ff98a6cc8d3e6cb5dc05a8db3240
1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16
1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df
1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a
20f85a70f2a4ba2ccd0505611d6251aad3bef718adf8c9cb96c256199c13fdf0
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
23396f2caca227b0433f07c7952518183b9ffbbaa4574a7da47857693f0e17d1
23a1a8123c5cfb9df1063c6cfbab2b7bb80fe645d6e7158baacbea022a81e2a0
2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152
2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3
2ca8904452135a1a1d08c4ff4f873458700854884ebaa667d65c63c851a098bd
2fcef367764665a036d249f8c3d114e348edf94c07f4d5c7b514bd594c5ab772
319cc348c18135ddf4a3282a4c794f16af82afe11c448577ce4d09154393f308
31c6c86cf227b9f4883f01aa57d379f746d5ee8a01661fbd97052c0c7ad298df
3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b
3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383
3a748daa1612db4a6f2221eef56d95035b2592044cb5c282f265a29e514787cd
3bb6616032e257dda344d6eb1b632cf78b39f977d79f528ccb154f40732f4c38
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b
3fb852db1cd132dda2e5b283b43d7cc7debe88e4ec803db31613aa472ae72009
427207c440a91e44e8a968df8f034efa362f6bb1abf9939cda02dc2d32a0f998
4337081f3a5b9d04d7de6b1b9aa7c04f6eae6ae23b001f2e05215001396987c5
4a4fe89c86595214d97513496fcde0264b586855a008043986273f73bbd77f0f
50ee3e4faea4083b3eb9980134c99d0cd5e2907b7a4b3df6a14d50dc18ff16d8
520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387
56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20
5c2da85c6f701293861acc452e759f6c9b7ee342d5611ebc515781859a0e9d4e
5f41743dbdcd88b334eabd861e0104f6f8bb366a4b9f02ec9f3ad6bcc6cf3ce3
637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59
6d2291a81629b7107f312833b8b48a2cdc41d0ffcb8e3857229ba61959031f61
6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642
700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea
7186c869aea692acdd80f8776ba966b6215eff98f41b3cd62bc70e21b4128d0f
71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b
723ed293e88eb58e85b564c59d563b166cbc3470a80e4268986cb42b4bb39f55
7591a30788df58aa90317be1228fb5c00650350e81d37f9482bc8db8428464dd
79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b
7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac
7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011
7ec1c58cf01f3c05a4752830b6de78ee86e134d6d21b344c2b6cbdd8eacd2f36
7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6
7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c0d78d6c09317c993832ccf0d37d38da713ce6fe2cfeb1a40ef24473da06335
8c6f63e2110aae7bd0312e5a979851bb395edabb524e39c876c4a28242fcc285
8d481de3ad7d5c623f97e93293d3139828348ee76da4854ecb619a902a180b7f
90fb23df2a716d74d5e8108c0015c28124e3be73e917398c91dce8e54002b09b
91f8bc45e2f6660a0ad09b24143c7ad4d3027a1814d4bc52d8c401d9eefc532d
96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9
9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f
a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a46267bc2b4c50a76bd11e8cbae1c31d16826a6fe3db3016cc91d8436ab709e4
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
aa99279e9958d454df0cb54e1eededb3876876f6f43b1946dbc51489f947ace8
b009767f6f6c149cf4d7ddbab5dd08b995d66ab26a168a5bec4c6850fbc2d40e
b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27
b8b96cbbb53fa4430bc39313f5ec5a2f1870365ad9b0837edeaa9378a8f19ae3
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
c6d675b5dde0edf625c3a7df60ddf62de64bdadbc9370e5b3c0572ccba398688
c76635406e3af017b1cff689319e2619d2bd608b0e6552755a25ac6850d90193
cad14ebaed9b28f7e0031bc0a6fb5380a0f9b04ca7eae93fc909ed20ff57e275
cb0b5796c28242e8bfb982df2a6098ddf52e040cea29b6fdd379a65ad00071ca
cc2d0690e3bff9bc8c528d85dbd507e1164a49c6bae7e34d9d474b2e4c39d325
ce56fbbde1fef4ec78f82b6335957541ce63a67f7232822ad8acf8da2d41b670
cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4
d54f3c242afebd21a28434f3ed64a61557bbf47c3318c680cf0df2f720251360
dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd
de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc
df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771
df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8
e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71c9f44621e174cd4210578b0e1198520c32ca28e66968ae3d90980a8726349
ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
f5154cd93dc27142f30bf0d10c32b64f107b81f89cc4801e296623cdbafef6bc
f6683035d3a076833d373fb0f501ce4408eeffae57fbdac410923b8152dd4470
f7106b1c10628b1dbe9bb051a7f111584e755a235e394f26d9822e10e9fde6c4
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fa739d0302567b951fc8aebf332a142686636fe081af9901ec7406e1df981777
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3

pastebin.com Open in urlscan Pro 104.20.208.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

128 Requests

36 %HTTPS

28 %IPv6

18 Domains

25 Subdomains

23 IPs

4 Countries

0 kBTransfer

2102 kBSize

11 Cookies

6 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pastebin.com Open in urlscan Pro
104.20.208.21 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

36 %
HTTPS

28 %
IPv6

18
Domains

25
Subdomains

23
IPs

4
Countries

0 kB
Transfer

2102 kB
Size

11
Cookies

128 HTTP transactions
0 data transactions