urlscan.io logo urlscan.io
SecurityTrails logo

pasted.to Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://pasted.to/6471a25aaed9e
Submission: On May 27 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 39 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is pasted.to.
TLS certificate: Issued by GTS CA 1P5 on April 11th 2023. Valid for: 3 months.
This is the only time pasted.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
pasted.to
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2606:4700:3031::6815:560a (United States)

ASN13335 (CLOUDFLARENET, US)
2a0b.ghostbin.me
1    2606:4700:3035::ac43:d0e2 (United States)

ASN13335 (CLOUDFLARENET, US)
preview.adspot.gg
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu
i.ibb.co
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
15 pasted.to
pasted.to
183 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
202 KB
3 ghostbin.me
2a0b.ghostbin.me
2 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12484
7 MB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
5 KB
2 gstatic.com
fonts.gstatic.com
30 KB
1 google.nl
adservice.google.nl — Cisco Umbrella Rank: 15742
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 902
601 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
1 adspot.gg
preview.adspot.gg
101 KB
39 11
Domain Requested by
15 pasted.to pasted.to
6 pagead2.googlesyndication.com pasted.to
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 2a0b.ghostbin.me pasted.to
2a0b.ghostbin.me
2 i.ibb.co pasted.to
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.nl pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com pasted.to
1 preview.adspot.gg pasted.to
39 13

This site contains links to these domains. Also see Links.

Domain
accountboost.sellpass.io
icemarket.cc
cracked.io
Subject Issuer Validity Valid
*.pasted.to
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
ghostbin.me
GTS CA 1P5		 2023-05-21 -
2023-08-19		 3 months crt.sh
adspot.gg
GTS CA 1P5		 2023-04-29 -
2023-07-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
i.ibb.co
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://pasted.to/6471a25aaed9e
Frame ID: 50B137C9885DDC0C17185247BA29CC83
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/zrt_lookup.html
Frame ID: A66D3D3C12F68550A23267A6A490312E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8272761985229681&output=html&adk=1812271804&adf=3025194257&lmt=1685172131&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fpasted.to%2F6471a25aaed9e&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685172131150&bpp=4&bdt=294&idt=322&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2932171012178&frm=20&pv=2&ga_vid=496846210.1685172132&ga_sid=1685172132&ga_hid=1187773682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44772269%2C44788441%2C44790154&oid=2&pvsid=3537620880059297&tmod=429951887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=353
Frame ID: 0CAC730A0972BB977B5DB62F164A9C70
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9364C34DF072323F32327B1CDDF1573F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E6EC1FDDEED6BF293269D5CC722CF4A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

⭐[286] FRESH SOCKS5 PROXIES⭐PAID AND PRIVATE PROXI | Pasted

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

39
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

7187 kB
Transfer

8108 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6471a25aaed9e
pasted.to/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.28
Resource Hash
42b6c7fab17591c49656dfa15fee1286f1f5bc94412e36769d11d21a8e5bc6e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cdc8157a8f6361b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 May 2023 07:22:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYTVrENZ0juJhQXSzIvO7H22cJiwgNZXj%2BlDOcezYNFOlWKi%2By%2BoW0YBw3wlkq6AbHQydYTZpG%2Fh10u8SpT6nfzCwDn8N5ozZ521kKrAnx3NGPW76oXVDrfZz2jnR%2F5Ed%2FmzPpSzLq0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.28
x-turbo-charged-by
LiteSpeed
style.css
pasted.to/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pasted.to/assets/css/style.css
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6493f1ee319ab9e4041f888e729f6cd07ae3d406e159df401804e69026e05bdb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 19:26:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
271214
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Bw1ZARPlAEvYjA4afyjxSJ9xu%2FOv7P4sqEHvhVT3eP2%2FSTaVqGzrUg0jjhI5Vm17eVJj%2Fo8jBD3CtH%2F4ZlKKvRnhtbsd4E17w2K5uPVO11cRjBt9BwOGUAZdwZFMJynYoerx7Est3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb51361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 04:01:56 GMT
responsive.css
pasted.to/assets/css/ 		2 KB
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pasted.to/assets/css/responsive.css
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222694ef1194c42fc3d53a1bc64064895e8e3f78f5739a74173238c6cb01b242

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
252343
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sc2BYTxwkscR%2BJ20%2BxhJhlQt71YCrVDkprDVOqeEuT3lH2dIpWyRhm3hDC%2FRgeJQSmM4oxdl%2B%2BczmCXtKnuLtYqoXUfHCbfUKwcisd3tVlS1jrd7IYVcxpiricZzlEq%2FhViZhdlPrUg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb53361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 09:16:27 GMT
codemirror.css
pasted.to/codemirror/lib/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/lib/codemirror.css
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb494ea972d2661ef86f7f6ac656dd6786d721e49c9c1b46e1eb967e4b6f9bf3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
271214
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqfjteOmcdnLtzFOCQHLlTdHEDKd7tFUi2jdPV5Btjr7xfydjB0%2BhcYUQfL4kSiM1P1wRu6AS1H8BjGWd8hLm6Luk%2Fcg%2BWxg%2B1im%2FtuUyMEe03taldB0sbcEC3rypbSsztlMoaBnd1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb55361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 04:01:56 GMT
material-palenight.css
pasted.to/codemirror/theme/ 		3 KB
972 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/theme/material-palenight.css
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83421e15674487d2d52ffff81c6fed2e092f43e80082640121758461245c0700

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 19:20:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
52414
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jwh9%2F6Ud9H7ANqUR5ce5T0xUG9ollkfnwsKJsubCdhhmNWjuq0C0afd812eMfogsCptJrRpNikl2X1%2FxNJYSvN%2FmRZXteKGZHDxcolOO%2FUU0jWu%2FKq7Bkh8sTrXwrliNVKCVYHN30C4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb57361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 02 Jun 2023 16:48:36 GMT
codemirror.js
pasted.to/codemirror/lib/ 		392 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/lib/codemirror.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8beb242c41927656e634cda1db88a72aac40b18bc887e831efd2e842db123453

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
252343
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FQIqGSbjLBbCYgF%2F5whg%2F%2B0rt7H73S%2Fb270m9Y3i334Y9NdoHdFMZrQt%2BhvN%2BFuAovNyVDstq72Gs%2F%2B7KxUNXZOaIwRn%2FsXMAl66xMh7NfMEaFjUn3JME%2Fn0VjaoOt3R0p5kbfcE0s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb58361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 09:16:27 GMT
xml.js
pasted.to/codemirror/mode/xml/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/mode/xml/xml.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7e44d410399326f802e2924573cbf6f942a79f647fd0b97f0b607973bc9a09

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
271214
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrmcYoks7MqHNbv2xHYltXFLpCCrhUd%2BDaaosM2rYBObtyZYQlyFXbI2sru2OOxIPDi%2FOMbMSJfO9pndbZ1qallYNJcN6RLg7TspdFVr2EJ8KsZEwMQE9LHQBp5nwCC3B8fkv86s67Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb5a361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 04:01:56 GMT
javascript.js
pasted.to/codemirror/mode/javascript/ 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/mode/javascript/javascript.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21fa74c1638c7a4eb3e8cd04b5c8c997181394568330b341c83716da18ffad8e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
271214
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9gkWZVFnkalh8jqjBLE1WmBYM57G6ClVQswK0iO2AKo4qm65jfIOJuEVAF3rx%2FQSmagBfY4XB3CzhIOrASAiH0%2BNs44CpBycOTsxFx2%2FkoRTM8TBRWld4lRVqwJxHZiCXdz8TPDFcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb5c361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 04:01:56 GMT
css.js
pasted.to/codemirror/mode/css/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/mode/css/css.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f0689e5c6af7f36c341e8e1341a4f10b4f0a04cebfb7341bcbedba9b572b32

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
60738
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LaLirkkvv6M%2B1lCKcNy1YZsCqSa98z72TxXQSadOF3iH%2B3H%2F69aWUFLwmKUyt0wA%2FE6OqXXDr5l1gfnzdfMpdwQkg8fS1rxUKH%2FeLeWloYOIbqqgU8THLqrhRBGJQR%2BoYvuziaOLlw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb5d361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 02 Jun 2023 14:29:52 GMT
sql.js
pasted.to/codemirror/mode/sql/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/mode/sql/sql.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac23d3f196deb9be25cfcecb966bdc1789b9e177aac683ddccde1420670c4d8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
271214
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZeuqyHGZL3DUBZxZcqy9e4TaSBT9hhgK7MNbf17SdKByKtojTKSlf%2FvDcS6NGO8tQFUNKAbb1KGlir227A0vzoKE0cLUheEOG2%2Feck89w9zyf6vNdEoxE%2FcUWVhlQacOye%2BPvs4aeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb5e361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 04:01:56 GMT
php.js
pasted.to/codemirror/mode/php/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/mode/php/php.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07819ae34d5830a3cf040e1904d4b641cb70142845394211f7fb63c891d80945

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
225868
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXa%2BD9jFeeAH6iX1tGLe6YAz86enMbpJmWFh9nrBLoZp5RUk%2BxI1rpZJTEpcyZ1lRVgVok9ICytSokjZkR9t0JcAOKdcCTaubMtN1%2FW0p3J5wjLiTZYnhZM%2BgJNrTxi3hknD6bkKLOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc8159fb5f361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 16:37:42 GMT
python.js
pasted.to/codemirror/mode/python/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/mode/python/python.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec56443dfebe73f332cc639289ad2de6921560c8952a3e2127397a0849882657

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
271214
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQxqBIAKoCV0o68yvKvgQsCqG4v4CwR7va%2FZzAPsMYDFpj6DvKwz49%2FmICp39nKzJWSUZUg7QVhRSdsvCELTloTjLtSP5ppvuTw8xv0Lcjq3%2BWWj87xdyv5SRBu0i13x4aAjJ%2B7iEGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc815a1b8b361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 04:01:56 GMT
shell.js
pasted.to/codemirror/mode/shell/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/mode/shell/shell.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f77cb162ea9d9e9fc79b95ba547a7cc10a0767e3a5a52c786d4c24253736fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
252343
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDqgV7RE8OVDLGoh5qGIqFyHi%2BXqQZip7vlnUaGDmOFhVacMmIqOmoR7XIeLXrgAndmiea9Ng%2BXiPgVACtXGmsKl7HwtQlRJAO%2FWfml6ZNojslpanxWZZ9khEN9URmWT48QcDdZexGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc815a1b8d361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 09:16:27 GMT
clike.js
pasted.to/codemirror/mode/clike/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/mode/clike/clike.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ff458a030f8b1db2d901811344f3e178eaceb19b598277d054bf83dacfecd2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
60737
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIYwar0joebpE%2Ff7Jgqz%2F83ww0zMumBKN241%2FKeGC%2BAAcHTZWXtJPGyo1UQUcL5eCrNjjFcWWhRQkH5U8teeQUptHMS81aHqj8P3TCdBOGNZ8LFmFAdvqZM8RyxMtUpXB4mIhtHYE48%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc815a1b8e361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 02 Jun 2023 14:29:53 GMT
htmlmixed.js
pasted.to/codemirror/mode/htmlmixed/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasted.to/codemirror/mode/htmlmixed/htmlmixed.js
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5912e1d10f8fecb98bd31e2f957c0bbc9abf6b505d11b6dbcd27542d0fdcad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/6471a25aaed9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 18:49:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
252343
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuTG0019BUJ6GIaV7pT5LqzmIBue2R2QIuv4JbIgaCZ9s7LS5D%2FQhxZ0tPJt8S45eFO%2FE4DEWxdJvNQrxMp9a52kvHdXX%2B5tATOZ%2FbStSwjUEboLP9PkJctP62Ex5xiAEFc9tXNMh9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cdc815a1b8f361b-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 May 2023 09:16:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8272761985229681
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0f98dd45edf496439855a3e76c08b765a0c9f8175f13d6d7b293fac09a66825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pasted.to/
Origin
https://pasted.to
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47216
x-xss-protection
0
server
cafe
etag
16129666705092540862
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 May 2023 07:22:11 GMT
asgg.php
2a0b.ghostbin.me/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2a0b.ghostbin.me/asgg.php
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:560a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01085be1aefe7d7f7296a9bea72fa06c0af4f1f72760c2ce08bc559d6b76973

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KADyQQimlcy%2B67cBig4JYZNN4yQcomLyiNyxB4iw6WEO7SDukFppmZIMW86UiL9Tk3S9iQcOcFDrk6aXrsRumHKTFvFL%2B6RHUQ4ecMg41vUnu8yfffkyUZP5TKzQahSbBQ3RoILknqpt%2FSaaSob"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cf-ray
7cdc815a7f1019a9-FRA
alt-svc
h3=":443"; ma=86400
default2.png
preview.adspot.gg/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://preview.adspot.gg/default2.png
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d0e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a5571a1a8ac21b8b595c6d68f4cb06c2e69505e7f85f8ec1960cfd9770a1b3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 16:35:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
279
etag
"19362-5f8996119d58c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82zPE1%2FSR2jmxidDHqwvhU5G4Z9wWf9NsKLbqIqXEoslEY9q9bBgW%2BvzFTFb%2B2AeoXiKNEkv6GWK63z9uG0CYZz16LwfLVvxFWNs0NLKNmgS5CvDpRhvg81dGdiIRpDjnYNx6ILBJiPwUyEAC8Nf%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cdc815b39f09225-FRA
alt-svc
h3=":443"; ma=86400
content-length
103266
css2
fonts.googleapis.com/ 		98 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Roboto+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Space+Mono:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: pasted.to
URL: https://pasted.to/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae9ad21662f75889f64a5c7f9259f1fbfbe59aabb80c5bab353894c8b948d871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 May 2023 07:22:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 May 2023 07:22:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 May 2023 07:22:10 GMT
-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2
fonts.gstatic.com/s/ibmplexmono/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Roboto+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Space+Mono:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a51b6594bdda5d76e047259fb1fcaf7af2eb227cac553b4eb1cffa8328784c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pasted.to
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:32:19 GMT
x-content-type-options
nosniff
age
146992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14956
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 May 2024 14:32:19 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ 		350 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8272761985229681&plah=pasted.to
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8272761985229681
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0540191026ff7577650f2d25c5fd97788b30e8bda383dddb6fb37abf1ece02c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120274
x-xss-protection
0
server
cafe
etag
6594735785671240066
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 May 2023 07:22:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/ Frame A66D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8272761985229681
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pasted.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
77967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 09:42:44 GMT
etag
15057649708203361565
expires
Fri, 09 Jun 2023 09:42:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
asgg
2a0b.ghostbin.me/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2a0b.ghostbin.me/asgg?dmid=pasted.to&asid=16348&tkn=15a32b9054a2bec5229aaf1bea6af7c3&sid=
Requested by
Host: 2a0b.ghostbin.me
URL: https://2a0b.ghostbin.me/asgg.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:560a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJCIohkXDOBey6qlyBliuM4jx7mHejAYK6ZcftRPJYwfPqxnwrYUfL8nk3Y9KOrZr3uGI93RU73tZg%2FA6FjNB9CqUw%2Ffp6cmJKQRkiSre%2Favst2rYC6BUCOG7ohkAKtgojXyqopAYqqmLMsHHJ%2Fz"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7cdc815c7c7b5b3e-FRA
alt-svc
h3=":443"; ma=86400
asgg
2a0b.ghostbin.me/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2a0b.ghostbin.me/asgg?dmid=pasted.to&asid=16350&tkn=15a32b9054a2bec5229aaf1bea6af7c3&sid=
Requested by
Host: 2a0b.ghostbin.me
URL: https://2a0b.ghostbin.me/asgg.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:560a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JM%2BawukcjAew%2BoyAxbvhJmiZMjhAN6aaeCyxe7L3X5uUvPCAuBzTMymrlhn02C7isnbdlBd7rbrh734WeCrL6lZfJig9jgfO90GStz98M%2FztZmWVPLMDdtQoKRNMP1%2Fze%2FVeWl%2F%2F3947CvHa7PO9"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7cdc815c7c7c5b3e-FRA
alt-svc
h3=":443"; ma=86400
a.gif
i.ibb.co/3yYnxLX/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/3yYnxLX/a.gif
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096667.ip-162-19-58.eu
Software
nginx /
Resource Hash
c2daec973a6cf466b992bb34f3c921515d8a39865ddc8a440e416b85db800b38

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
last-modified
Thu, 11 May 2023 01:04:48 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1145409
expires
Thu, 31 Dec 2037 23:55:55 GMT
a.gif
i.ibb.co/k638QpT/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/k638QpT/a.gif
Requested by
Host: pasted.to
URL: https://pasted.to/6471a25aaed9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096667.ip-162-19-58.eu
Software
nginx /
Resource Hash
bf7a3d27de054c307460a5cc085fbc0c11fb5820624c909520d931735034af19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
last-modified
Sat, 13 May 2023 14:25:11 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
5665141
expires
Thu, 31 Dec 2037 23:55:55 GMT
-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2
fonts.gstatic.com/s/ibmplexmono/v19/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Roboto+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Space+Mono:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c5a451f9ec27a354b0c2bcca636c6ec17a651281aabf29f8427e210a1d31e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pasted.to
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 15:15:28 GMT
x-content-type-options
nosniff
age
144403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:17:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 May 2024 15:15:28 GMT
cookie.js
partner.googleadservices.com/gampad/ 		385 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pasted.to&callback=_gfp_s_&client=ca-pub-8272761985229681
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8272761985229681&plah=pasted.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06b1b15637039bbe058dca9cf3bd70a1ff7bc6ff679b05f4d780268b0981325e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=pasted.to
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8272761985229681&plah=pasted.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pasted.to
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8272761985229681&plah=pasted.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0CAC 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8272761985229681&output=html&adk=1812271804&adf=3025194257&lmt=1685172131&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fpasted.to%2F6471a25aaed9e&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685172131150&bpp=4&bdt=294&idt=322&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2932171012178&frm=20&pv=2&ga_vid=496846210.1685172132&ga_sid=1685172132&ga_hid=1187773682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44772269%2C44788441%2C44790154&oid=2&pvsid=3537620880059297&tmod=429951887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=353
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8272761985229681&plah=pasted.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pasted.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 May 2023 07:22:11 GMT
expires
Sat, 27 May 2023 07:22:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230523&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8272761985229681&plah=pasted.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1d31229f7b42d70f3b6895a29bca87ea06c3c495abf678a245ef41ac224118f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11202
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8272761985229681&plah=pasted.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 May 2023 07:22:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9364 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pasted.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
38624
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 20:38:27 GMT
expires
Sat, 25 May 2024 20:38:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3E6E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31b98ce9a9da68b34fe98d09a543661172de53622f363519cb0e5850d1f34e55
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kwkr5SsdtzLjY9ivKKmdtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pasted.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Kwkr5SsdtzLjY9ivKKmdtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 May 2023 07:22:11 GMT
expires
Sat, 27 May 2023 07:22:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
pagead2.googlesyndication.com/bg/ Frame 9364 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 14:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
320117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 14:26:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E6E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230523&jk=3537620880059297&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9364 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?l3elGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 07:22:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230523&jk=3537620880059297&bg=!HB-lH0vNAAZu7ficTu07ADkAdvg8WvSdBin8p4lEaoveogxY-S9HY3REwARZcl68M1_jm7NCjBqp3_wKssDegiNjnT65SleMakwCAAAAbFIAAAAEaAEHCgBRjOsVqsv1eBoSBybrIKp6y9ra397Zc2ywbC3Cy-b-Bhe8iA_79PBL5c24XiwdzE8t1b4ZGqJQXCEWbS4I3nHRSYOwVZ_yow08FJAKy_pNSLKEmQKW8E7jmjfcKvkIJPl-cFzkB0EE4O3B7wglOE2XUF54Y9h9m8qYUxrCn9Mw6dfgC0SVHZkiLjDY7irrgTNObCC3zVgfXqIeryrGF_Yjj5-HjyE2FkmpZuTFIjNQQYrqxZd9jlxPMMjV5_NUpwkin9411mNp2zGFNYI3KadvetRAZHFbteGurHjoT0H9B7_vvuGKJmlIMRlBOoqWSL68lRJAUIF7ibPOPp1ZxJVPN4AT-UqSDIF_ve0h1Za-CsC-NGLAyn_w31mw8ydjqz1DP9u6HGsPpFRF2VAyuoJTsT7lRg-fzVCPCxvD2lrvjJq6P44BkXwDHvTs5Dr5u3sDP3AYgOPjkl7vGJvO3EilYhASoAsjSC6EWGmfBt0XewLCPeeO4fgCNKcDGRySnAQjuRVcmDYwqIUpVUIal1vP1YeQtsoeRVy04qga7hEgnWI15j4rAeT6gukEpj8BFEJ1Mc1z08S5vYHDL3wi9suctDKssCnJXtNuOES6CusaeyI_2hhpuW0QHaCqRjCDgtnzTC4KzFq9oB_1YupPdMMU77HKi02b-2YW1OcJI1LZRV6MQUtjM42WzuwbS63lWhMp4ZY-Utx6d0TOnN14PLoCgxJPE1kmWHmj8hHx2gRMDLNS20BPPmI3wkYyrptg3vn7tUonBn1KwiZiJNuYTrtG-2ZXn3a2BeK3RFQy_03L7jAR7KD1iwY10ybAvGoQg354jN39uOKy34QLk5TnjnF7kxiYJNrh8vN_uPNI55Oyfbb1cPNventoyKerf3I_Gv-jVGhVHuDnCEllh8sS1u5gjizSwpSr7frfe-AB6JMeQwujJiyVV0IsLYpmYUs-oeTNfGWrS_tx29OwIvgRVEr-XMpdKuTKgUOk8cw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pasted.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| CodeMirror object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| subId function| asgg function| tC object| editor function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pasted.to/ Name: __gads
Value: ID=aa46a85c1f4e6b5a-2257bcf8f5dd00ac:T=1685172131:RT=1685172131:S=ALNI_MYvyykqoXsme3cm0LXbE8-A-KZWkQ
.pasted.to/ Name: __gpi
Value: UID=00000c1c459e2b8a:T=1685172131:RT=1685172131:S=ALNI_MYLYimFaDsl9-CWLHv2sMaUK7aL1A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2a0b.ghostbin.me
adservice.google.com
adservice.google.nl
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ibb.co
pagead2.googlesyndication.com
partner.googleadservices.com
pasted.to
preview.adspot.gg
tpc.googlesyndication.com
www.google.com
162.19.58.159
2606:4700:3031::6815:560a
2606:4700:3035::ac43:d0e2
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a06:98c1:3120::3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0540191026ff7577650f2d25c5fd97788b30e8bda383dddb6fb37abf1ece02c2
06b1b15637039bbe058dca9cf3bd70a1ff7bc6ff679b05f4d780268b0981325e
07819ae34d5830a3cf040e1904d4b641cb70142845394211f7fb63c891d80945
21fa74c1638c7a4eb3e8cd04b5c8c997181394568330b341c83716da18ffad8e
222694ef1194c42fc3d53a1bc64064895e8e3f78f5739a74173238c6cb01b242
24f77cb162ea9d9e9fc79b95ba547a7cc10a0767e3a5a52c786d4c24253736fe
31b98ce9a9da68b34fe98d09a543661172de53622f363519cb0e5850d1f34e55
3c5a451f9ec27a354b0c2bcca636c6ec17a651281aabf29f8427e210a1d31e85
42b6c7fab17591c49656dfa15fee1286f1f5bc94412e36769d11d21a8e5bc6e7
4a5571a1a8ac21b8b595c6d68f4cb06c2e69505e7f85f8ec1960cfd9770a1b3d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60f0689e5c6af7f36c341e8e1341a4f10b4f0a04cebfb7341bcbedba9b572b32
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6493f1ee319ab9e4041f888e729f6cd07ae3d406e159df401804e69026e05bdb
83421e15674487d2d52ffff81c6fed2e092f43e80082640121758461245c0700
8beb242c41927656e634cda1db88a72aac40b18bc887e831efd2e842db123453
a1ff458a030f8b1db2d901811344f3e178eaceb19b598277d054bf83dacfecd2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51b6594bdda5d76e047259fb1fcaf7af2eb227cac553b4eb1cffa8328784c9c
ac23d3f196deb9be25cfcecb966bdc1789b9e177aac683ddccde1420670c4d8a
ae9ad21662f75889f64a5c7f9259f1fbfbe59aabb80c5bab353894c8b948d871
bf7a3d27de054c307460a5cc085fbc0c11fb5820624c909520d931735034af19
c01085be1aefe7d7f7296a9bea72fa06c0af4f1f72760c2ce08bc559d6b76973
c2daec973a6cf466b992bb34f3c921515d8a39865ddc8a440e416b85db800b38
dc7e44d410399326f802e2924573cbf6f942a79f647fd0b97f0b607973bc9a09
e0f98dd45edf496439855a3e76c08b765a0c9f8175f13d6d7b293fac09a66825
e1d31229f7b42d70f3b6895a29bca87ea06c3c495abf678a245ef41ac224118f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb494ea972d2661ef86f7f6ac656dd6786d721e49c9c1b46e1eb967e4b6f9bf3
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec56443dfebe73f332cc639289ad2de6921560c8952a3e2127397a0849882657
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
fe5912e1d10f8fecb98bd31e2f957c0bbc9abf6b505d11b6dbcd27542d0fdcad