playpaste.com Open in urlscan Pro
104.21.16.76  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response playpaste.com/	12 KB 4 KB	142ms 114ms	Document text/html	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/?v=Cho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 979cc781dcf0ca68b2ad6ebf94666682014198d32268dc7dedc15cf2cd808ec2 Request headers :method GET :authority playpaste.com :scheme https :path /?v=Cho pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 19 Oct 2021 20:11:30 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.2.34 vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzWLdleHO8%2FJxOcTiaExomohEERT5nNaLE%2FdlAaMTKCKgdJoec1u2%2Ff4by1NcNJGHGaFpzWUXpnxlchnnxHTfToOGa3bDWT9NLT7CPNNh0pZM%2FjIGM%2FAw4s4V1gh1TU9"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a0ca7e9fac7704f-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	58ms 23ms	Stylesheet text/css	142.250.185.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f10.1e100.net Software ESF / Resource Hash 043a67f768fc7eadd84edcca6dc5ae899a1a9a327890cde538b2959be6678cc2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 19 Oct 2021 19:21:30 GMT server ESF date Tue, 19 Oct 2021 20:11:30 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Tue, 19 Oct 2021 20:11:30 GMT
GET H2	200	styles.css playpaste.com/css/	63 KB 11 KB	20ms 19ms	Stylesheet text/css	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/css/styles.css Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77c9d943529bbef64ba98fa6d40718bf2d574dcc6b76f7ff83adde055d4c927a Request headers :path /css/styles.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority playpaste.com referer https://playpaste.com/?v=Cho :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/?v=Cho User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 384124 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Sat, 19 Sep 2020 05:46:03 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZBmdI6Bq8btcits%2Frnx4CB1wb%2B2RDOjHjHGaqAnNnj1msQNw9i5FbPYPZaPCiFPmDTrx85wuNTMmAZ1Hxjr3LzAXzwAz%2B4cAj8NtYwn21PrKoKNViHf51J%2FhcHRXiR%2B"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 6a0ca7eadcf6704f-FRA expires Fri, 22 Oct 2021 09:29:26 GMT
GET H3	200	favicon-white.png playpaste.com/images/	6 KB 7 KB	16ms 15ms	Image image/png	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/favicon-white.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 932cbd7af03f5458c0f105a064ba91e2e026e47f02196b57fa41ce7781a24ba8 Request headers :path /images/favicon-white.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority playpaste.com referer https://playpaste.com/?v=Cho :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/?v=Cho User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 144571 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6166 last-modified Wed, 11 Mar 2020 20:19:08 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uj9RSU1Zy7O6xIg4embHXTDJZ1uq%2F7wzthHOFvRCR5tE4HqqJqxEwHKcXNEdFg%2Bw2pKdIsKCsosPPpQMJD67avMfZzRQ31ZRXzKAwmzxH5zAkwK4VzYO0JcklR2Uybh"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6a0ca7eb3b444309-FRA expires Mon, 25 Oct 2021 04:01:59 GMT
GET H3	200	step2.png playpaste.com/images/steps/	7 KB 7 KB	23ms 21ms	Image image/png	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/steps/step2.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85d1db4f9370bb81c93b01c6e94a29c6c854e84f391ca90b2a55c4602092adcd Request headers :path /images/steps/step2.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority playpaste.com referer https://playpaste.com/?v=Cho :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/?v=Cho User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 381510 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7003 last-modified Thu, 19 Mar 2020 18:37:12 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFRVn8elWOwAyaiRdxP%2B2TVZQo8rihKw1LbsDzHDX%2FijNajkn4sHVUYAHOBtVkA8ITjrBGXyLqqvyE%2BrGBLSKiIE6s9%2BfkpK8Cf%2FJCQzAOQEIsbj8nAPnryrnEhTQUU%2B"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6a0ca7eb3b494309-FRA expires Fri, 22 Oct 2021 10:13:00 GMT
GET H3	200	lock.png playpaste.com/images/steps/	752 B 1 KB	21ms 20ms	Image image/png	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/steps/lock.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cba720f16c14b340c2ef7cebcdce1a3497e716bf8ce363d200fef0b3d5eb27c Request headers :path /images/steps/lock.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority playpaste.com referer https://playpaste.com/?v=Cho :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/?v=Cho User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 381510 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 752 last-modified Thu, 19 Mar 2020 14:19:42 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hrFAl6q3H5eCDYmgSdYDyFwXT6z0Tdkk1y0usERnOk8um4ECxzf07%2Fecl51U4FDNSfW5yJZE8bN3LQxttUebipVuVJQMoBHNVcEddRRoG1E4d%2FwyhDfQr3wGQdI8axc"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6a0ca7eb3b4c4309-FRA expires Fri, 22 Oct 2021 10:13:00 GMT
GET H3	200	money.png playpaste.com/images/steps/	3 KB 4 KB	22ms 21ms	Image image/png	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/steps/money.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94f8600cde578917e2ae9e0c71c8970b49e62db40060da61a4d24481acc9fbc6 Request headers :path /images/steps/money.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority playpaste.com referer https://playpaste.com/?v=Cho :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/?v=Cho User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 144506 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 3113 last-modified Thu, 19 Mar 2020 14:18:08 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSFfP8fXzxIA9pepA8n7nse7WFCGUJ5q7KD8C0RLU5WQ7NmmyeYChcepUYQ2Dowfy6Jpp%2BYGpcCcTfkSKfPisTT2qzMSNk5bI2WLoOB5eE2CKlziUNk%2FHp3TmdoHQ7o3"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6a0ca7eb3b4f4309-FRA expires Mon, 25 Oct 2021 04:03:04 GMT
GET H3	200	step3.png playpaste.com/images/steps/	6 KB 6 KB	21ms 20ms	Image image/png	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://playpaste.com/images/steps/step3.png Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62e790a1d2e9eade1f7f4338fd1e23feb94d232ab0aee7eb2d6b1ac910903608 Request headers :path /images/steps/step3.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority playpaste.com referer https://playpaste.com/?v=Cho :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/?v=Cho User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 146355 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5931 last-modified Thu, 19 Mar 2020 14:52:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaWHZ74Do27UeUXhb8kjbRGrhw3a67G%2FKKL37em50Z8A8lHfEYRCy4IpKu98zQAArsnTLMiKA6Z%2Bb6elt6egLx90ExW39eE%2BtBOsPEZc6Rde9ECLBL4jNtI36ZQE5t05"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6a0ca7eb3b514309-FRA expires Mon, 25 Oct 2021 03:32:15 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 30 KB	50ms 15ms	Script text/javascript	142.250.186.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f10.1e100.net Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 15:00:42 GMT content-encoding gzip x-content-type-options nosniff age 18648 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="hosted-libraries-pushers" expires Wed, 19 Oct 2022 15:00:42 GMT
GET H3	200	ckeditor.js Show response playpaste.com/js/	628 KB 188 KB	38ms 38ms	Script application/javascript	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/js/ckeditor.js Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c4dd8b9ca8450296d07afd42ea5d30beb03a36b92db354c8a0274681d1fd880 Request headers :path /js/ckeditor.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority playpaste.com referer https://playpaste.com/?v=Cho :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/?v=Cho User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 391493 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 28 Jun 2019 07:17:50 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVy7u8ZAo%2BiO6s423dFL2g3Ql%2FalFgHRwifRb2T171tFB1T0NGCzYHABlbwsyM1A3pWK%2BHtcczwMXoG51%2BvV6Gkw66TmALnZ%2BZ5uRs99V3l80nJAOQjoYyifz94MbFW%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 6a0ca7eb2b304309-FRA expires Fri, 22 Oct 2021 07:26:37 GMT
GET H3	200	scripts.js Show response playpaste.com/js/	4 KB 2 KB	15ms 15ms	Script application/javascript	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/js/scripts.js Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39606353fdd9bcbdb717e5b82e77fad61a94b738233daf50feb0872db78c2e2a Request headers :path /js/scripts.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority playpaste.com referer https://playpaste.com/?v=Cho :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/?v=Cho User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 384124 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 14 Jul 2020 19:15:50 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tk2g%2FpiGPXINvnGPcDqXUZBT1zoEk0OctAbsJoj%2B6w0PWxi5rkbJtD2fotCwSZIpQ71ffl%2F4km9ZahGrkQQhwT2AoD%2BpP27RIUXw8Qqvp1AxB0cd676IXi15a%2FO5g4Qn"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 6a0ca7eb3b3b4309-FRA expires Fri, 22 Oct 2021 09:29:26 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	91 KB 36 KB	64ms 25ms	Script application/javascript	142.250.181.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-55809308-1 Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f8.1e100.net Software Google Tag Manager / Resource Hash 1dbce491ceb3512685bd0e8548d8010b06a78d068c7fe7a0693ca0aaae435c67 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36821 x-xss-protection 0 last-modified Tue, 19 Oct 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 19 Oct 2021 20:11:30 GMT
GET H2	200	native.js Show response pigtre.com/code/	6 KB 2 KB	51ms 17ms	Script application/javascript	88.208.60.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pigtre.com/code/native.js?h=waWQiOjEwMjc2ODUsInNpZCI6MTA0OTc3MSwid2lkIjo5MTI0Miwic3JjIjoyfQ==eyJ Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.60.53 Heemstede, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.1 / Resource Hash 068127e1b3ca988785696a99212a9165144acf95000f409b098707b99c7988d9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers access-control-allow-origin https://playpaste.com date Tue, 19 Oct 2021 20:11:30 GMT content-encoding gzip server nginx/1.21.1 x-zone eu3 vary Accept-Encoding content-type application/javascript; charset=UTF-8
GET H3	200	game_played-webfont.woff2 playpaste.com/fonts/	10 KB 10 KB	14ms 14ms	Font font/woff2	104.21.16.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://playpaste.com/fonts/game_played-webfont.woff2 Requested by Host: playpaste.com URL: https://playpaste.com/css/styles.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.76 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77b37e56061545777a265c686835543c756b75b831c9c24740d898caed276775 Request headers :path /fonts/game_played-webfont.woff2 pragma no-cache origin https://playpaste.com accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority playpaste.com referer https://playpaste.com/css/styles.css :scheme https sec-fetch-site same-origin :method GET Referer https://playpaste.com/css/styles.css Origin https://playpaste.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 136509 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 9888 last-modified Wed, 11 Mar 2020 21:23:14 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2F%2FSu%2FiYS%2BXYD485H8FK4ezqSCIJClJIbSXxL28o208X%2FVc37Nt%2Fj%2F4tA7xPMkLQWU8bqLqm0OzSOAYzT9urBvn61eMR%2FZAyZr%2F%2B6K%2BDfE%2BX09juivpFN9y7EBFqegA7"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6a0ca7eb3b534309-FRA expires Mon, 25 Oct 2021 06:16:21 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	35ms 14ms	Font font/woff2	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://playpaste.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 17:27:37 GMT x-content-type-options nosniff age 96233 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 18 Oct 2022 17:27:37 GMT
GET H2	200	WOT_OneShot_970x90_Es-Ar.jpg 1.bp.blogspot.com/-ggSJwKT-Owc/Xd1AScxUWbI/AAAAAAAAAQ8/deOzhS0rCcMLw05HDNkRVDrXCeJ3hzmFACLcBGAsYHQ/s1600/	125 KB 125 KB	45ms 8ms	Image image/jpeg	142.250.185.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-ggSJwKT-Owc/Xd1AScxUWbI/AAAAAAAAAQ8/deOzhS0rCcMLw05HDNkRVDrXCeJ3hzmFACLcBGAsYHQ/s1600/WOT_OneShot_970x90_Es-Ar.jpg Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.65 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f1.1e100.net Software fife / Resource Hash 5aa3724517886286b977813d799e21da8c7668ae52a34aa0123a8d87aa8dcc46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 17:40:18 GMT x-content-type-options nosniff age 9072 content-disposition inline;filename="WOT_OneShot_970x90_Es-Ar.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127670 x-xss-protection 0 server fife etag "v110" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 06 Sep 2021 19:10:24 GMT
GET H2	200	bebi_v3.js Show response st.bebi.com/	133 KB 47 KB	107ms 49ms	Script application/javascript	104.21.94.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st.bebi.com/bebi_v3.js Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.94.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad05740966a78657cf685251d6aea88a1e8f9df8355707c82bd727d62133011f Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-goog-hash crc32c=lRAK1w==, md5=ttbjdiSWQ0hL79dSLd400g== date Tue, 19 Oct 2021 20:11:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2737 x-guploader-uploadid ABg5-UwJ25k9434DO0zC0ammdGr_pZu7ITLJvDReEVmODm95b8Jet2W2TW3_FxYKu6OUqWe5Q17pLPk5RcwLuaSw-QRmOHuX0A x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 12 Aug 2020 11:05:22 GMT server cloudflare etag W/"b6d6e376249643484befd7522dde34d2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5xrrt4w2%2FS8IQQpLUG6J4aIIt6R72wKplNkx84OKVmcTLSmUxuaUcpDJViSRBSxjRanIoqEuGZzOMrbJyPb7qpt9dzyneLoM1kxyrJVvzWlJrFoy4ql2RYECEar3A%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1597230322238727 content-type application/javascript cache-control public, max-age=3600 x-goog-stored-content-length 136055 cf-ray 6a0ca7eba965411f-PRG expires Tue, 19 Oct 2021 19:45:36 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	14ms 7ms	Font font/woff2	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://playpaste.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 16:31:40 GMT x-content-type-options nosniff age 531590 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 13 Oct 2022 16:31:40 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	30ms 7ms	Script text/javascript	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-55809308-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Oct 2021 16:38:54 GMT server Golfe2 age 5073 date Tue, 19 Oct 2021 18:46:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Tue, 19 Oct 2021 20:46:57 GMT
GET H2	200	sa Show response go.bebi.com/w/1.1/	1012 B 1 KB	152ms 142ms	Script application/json	104.21.94.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.bebi.com/w/1.1/sa?o=3092524786&callback=bbgb0kqu4h3092524786&ju=https%3A//playpaste.com/%3Fv%3DCho&jr=&stck=https%3A//playpaste.com/%3Fv%3DCho&ai=1&r=751690218&pl=2000314&dims=1600x1200&adxy=0%2C0&exclude=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&bi=473f770e-7901-45a6-8b2e-fb1417e14be4&sd=1&pxr=false Requested by Host: st.bebi.com URL: https://st.bebi.com/bebi_v3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.94.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28d296e8c598275b9d8b7d15499d55a7d6d5a628e05f12a378a5be646f41cf0e Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:30 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="CUR ADM OUR NOR STA NID" content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OESikF%2BTdklUPUVHw2GIdqw%2F3eJr94f4akniYCb7aJoiwH1rgHditMpkqSy9pIF2ZPgXTV6TgrhNukZrPsnNv6%2FOOcNG5UwPZSZrt2SIKwz9kVrAjLas%2FQZ9p%2BsJjw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cache-control no-cache, no-store, must-revalidate cf-ray 6a0ca7ec9b0e411f-PRG link <https://c.bebi.com/397be882-5f29-42df-9b61-85d4c6b74247.jpg>; rel=preload; as=image expires 0
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	28ms 14ms	XHR text/plain	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1293586319&t=pageview&_s=1&dl=https%3A%2F%2Fplaypaste.com%2F%3Fv%3DCho&ul=en-us&de=UTF-8&dt=HW%20%5BGoo%5D%20%7C%20PlayPaste&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1756366044&gjid=91197249&cid=1267417869.1634674291&tid=UA-55809308-1&_gid=1093424426.1634674291&_r=1&gtm=2ouai0&z=1924573234 Requested by Host: st.bebi.com URL: https://st.bebi.com/bebi_v3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://playpaste.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 19 Oct 2021 20:11:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://playpaste.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	397be882-5f29-42df-9b61-85d4c6b74247.jpg c.bebi.com/	43 KB 43 KB	34ms 25ms	Image image/jpeg	104.21.94.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bebi.com/397be882-5f29-42df-9b61-85d4c6b74247.jpg Requested by Host: playpaste.com URL: https://playpaste.com/?v=Cho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.94.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f6016b89a74791ab279a793946d5e70233528d0f003c2b6099f965418936c57 Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-goog-hash crc32c=Grdnkw==, md5=LIPmuAAJ38qS4Fn4gaFD9g== date Tue, 19 Oct 2021 20:11:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 98608 x-guploader-uploadid ADPycduURl2vfD4QdqdhTNkzIzqXBACB4pKPbwasdVs87ihhc8r30tUuoo120a3tSoTxws1ot2bhRKDnDULhJX9_rz4 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43886 last-modified Wed, 23 Jun 2021 08:09:34 GMT server cloudflare etag "2c83e6b80009dfca92e059f881a143f6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPfRiMLXCZ190OtX1wNqrIroWMSNvF20vZhW9yTtGrdhKaR2bnwahqRhzH8VchIsZXl1GXmHvrtnW48bdM%2FtEANxI4qptMW02DUaHO6S7cjjoDuzal1PiaRpD3Gb"}],"group":"cf-nel","max_age":604800} x-goog-generation 1624435774015176 content-type image/jpeg cache-control public, max-age=31536000 x-goog-stored-content-length 43886 accept-ranges bytes cf-ray 6a0ca7ed8c6b411f-PRG expires Tue, 18 Oct 2022 16:48:02 GMT
GET H3	200	micro-logo.png st.bebi.com/	2 KB 3 KB	55ms 32ms	Image image/png	104.21.94.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.bebi.com/micro-logo.png Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.94.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ca96c4f5abb628c0ac0d61c599137426a75a1de58a8a228393389fce7e529a5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-goog-hash crc32c=qmfGMw==, md5=GkfTajjvwnAmRN+xBVdAzQ== date Tue, 19 Oct 2021 20:11:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2641 x-guploader-uploadid ADPycdtTUv4AaTCp8xGUhdVVAWUhf-9JLskMB42L8UHKxK-J9QStpn6AjjPDm78gEyhHScEQWf198ATgjVs-ESJ9GQM_obT1zA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1922 last-modified Mon, 29 Jan 2018 10:32:41 GMT server cloudflare etag "1a47d36a38efc2702644dfb1055740cd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbUP7qSIBIN0Pfo4Ozpgjbz%2F%2FnzukEtc6qvEdeYaAkeI5BX9RQ0MZbD8itNkoudDZK7RsMYboZjXStvLN2KuYfFXw0hLcv5pWusvXyFFyaCe%2Bu2rQnW%2F%2FgHkG7V1AQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1517221961054923 content-type image/png cache-control public, max-age=3600 x-goog-stored-content-length 1922 accept-ranges bytes cf-ray 6a0ca7edade22790-PRG expires Tue, 19 Oct 2021 20:07:14 GMT
GET H2	200	go trck.bebi.com/1.0/	43 B 430 B	50ms 43ms	Image image/gif	104.21.94.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://trck.bebi.com/1.0/go?tq=GNCh9ppe1pQfrQYpivgRPXhHByxkak09nYIOXKZPPZvQ1A3jQMBVQo70rcAyTPi5dwmfu0AJXheo3AzVBjYUmPBMFfw-UyKHUAOFjPoxN3OiskXOR372G3Ao6Hp58LcPQCW9rxWh0mFemMtS7wZz7MFxj3Vko0D2hlvAYhVsHfJz-5G5x7-u0Ln4q-f3KaLY9baHHxTjcwVXqR9E8wOMDMwg3lg6oYo0yeKzE5B_VW0dalJ0mK3_h22FVnjbVEWC3SnxelgLn4Or_dKs6rnV2CX_fxPz5bnAanwghOSUmD3M6ni_0sJYLhEQlzkedJjLNwuZqz9ZZ7QzB4cD-AulpdKeg_O3tURwOATbRf0jCqvm63iXp4_b30U1mVtRJ3ykzCGl9loM9SMq3i_UEUZM_geyiQ0Z3an5bduq0Eifc8ks3N5WIihr8cXPxXiXhNep8t7NEzlClci0YfZ01lobiQx5k5CUP00YM8Tyc5CzA9cs5TOUBS2EeNZ-r4KNMQDcbQnND6QOi3kOBuA2uG7fycfN0iKEzGo3TmKXUJZXf3lTXmdsc9GLWVEMoeNM3hOVk9yYBNAhj_lFPuvGCQV1uXckZdzDKU10MNnPkGdbYNgdVS-y527mj03nSi9hx6ujszKpRPW0zTULGAhDI5cZIzzyQPy735D6W_J__fdXrkm6ahuUofNWzWrMhh7vhcC99TkCTxoLlhJf1SaxS5z622xW-YhMle7N5mW-ASzwDxs&bi=473f770e-7901-45a6-8b2e-fb1417e14be4&bbuid=7c64ce64-49cd-4984-961a-7a36c77a3486 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.94.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 19 Oct 2021 20:11:30 GMT via 1.1 google cf-cache-status DYNAMIC last-modified Mon, 28 Sep 1970 06:00:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IulfhBgKIbL0D0lf6RhF1sCx%2BQzVLPPIYmuPRiqZyEBx4FwPkeox6MmiRgZ0LDFmhlJlWfRcLQ%2B3qHwLJxcdQGLk0JUCrusW3kLsQxucIsewbZ%2BXJVfEI64VF55zWfIR"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, private, no-cache no-store proxy-revalidate cf-ray 6a0ca7ed9c73411f-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	sdk.js Show response ulmoyc.com/v1/	11 KB 4 KB	44ms 16ms	Script application/javascript	104.21.25.238 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwMjc2ODUsInNpZCI6MTA0OTc3MSwid2lkIjo5MTI0Miwic3JjIjoyfQ==eyJ&d=playpaste.com&sw=evasw.js Requested by Host: pigtre.com URL: https://pigtre.com/code/native.js?h=waWQiOjEwMjc2ODUsInNpZCI6MTA0OTc3MSwid2lkIjo5MTI0Miwic3JjIjoyfQ==eyJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.25.238 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1fac20ee94438c9782b372051579d3335f1b57544d4331be8bc0d0515a503d6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:33 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3430 x-zone eu alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare etag W/"2+iP25i9p03AoAF/G4ken+3ELwo" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIrrOAXQ4u9mW4fH%2FqA7xHiJh5wyNVwUd7mSxrWjApGbetgfOaZwz6W2cMH%2BdsxTHmUXlYszX4eXaLeqT%2FIR9t8HTu%2FP90V3%2BXI1ogb4VyTaYQoSO6KCx5rFMRUQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://playpaste.com cache-control public, max-age=14400 cf-ray 6a0ca7fe8d58c2fe-FRA
GET H3	200	fp.js Show response ulmoyc.com/	1 KB 1 KB	45ms 29ms	Script application/javascript	104.21.25.238 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ulmoyc.com/fp.js?d=playpaste.com Requested by Host: ulmoyc.com URL: https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwMjc2ODUsInNpZCI6MTA0OTc3MSwid2lkIjo5MTI0Miwic3JjIjoyfQ==eyJ&d=playpaste.com&sw=evasw.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.25.238 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 257416a34a500a9a281f1457ab839c1eeb322ff24c5977c93e2957f0cfc79a0c Request headers Accept-Language de-DE,de;q=0.9 Referer https://playpaste.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:11:33 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} max-age 0 x-zone eu alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 19 Oct 2021 20:11:30 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dcxwo7PosOcEtcmianmEKb12qc5fRyYeKOWQTdNmtyqVYO6uCXHmDwLK7hfJc%2BCiRV1ssl4HMwD17UVkuMkXW8Pgdu3j%2B4Ejlptjip7iXIv7T5RH3iAKXs7xzmRg"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://playpaste.com cache-control max-age=14400 cf-ray 6a0ca7feb84f4a97-FRA

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| enlace number| aleatorio object| BB_a number| BB_ind string| BB_vrsa number| BB_r function| $ function| jQuery object| edPushSDK object| CKEDITOR function| setCookie function| getCookie function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| Sentry object| client object| __SENTRY__ object| BBRaven object| JSON3 function| postscribe function| bbHideDiv object| BB boolean| Ko object| DJrdjugsyClizpwh9yACzi function| bbgb0kqu4h3092524786 number| yPosition object| gaplugins object| gaGlobal object| gaData string| nameDomainUfp2 object| _0x524c function| _0x57b2 object| dateTimeUfp2

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			playpaste.com/	1970-01-19 22:04:35	Name: bbl Value: 1
			playpaste.com/	1969-12-31 23:59:59	Name: BB_plg Value: pm
			.playpaste.com/	1970-01-20 15:35:46	Name: _ga Value: GA1.2.1267417869.1634674291
			.playpaste.com/	1970-01-19 22:06:00	Name: _gid Value: GA1.2.1093424426.1634674291
			.playpaste.com/	1970-01-19 22:04:34	Name: _gat_gtag_UA_55809308_1 Value: 1
			.playpaste.com/	1970-01-19 22:14:39	Name: ufp2 Value: 44e8adeefadffbe5648ec90fcc939eb16742d0e8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.googleapis.com
c.bebi.com
fonts.googleapis.com
fonts.gstatic.com
go.bebi.com
pigtre.com
playpaste.com
st.bebi.com
trck.bebi.com
ulmoyc.com
www.google-analytics.com
www.googletagmanager.com
104.21.16.76
104.21.25.238
104.21.94.194
142.250.181.232
142.250.185.142
142.250.185.170
142.250.185.195
142.250.185.65
142.250.186.106
88.208.60.53
043a67f768fc7eadd84edcca6dc5ae899a1a9a327890cde538b2959be6678cc2
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
068127e1b3ca988785696a99212a9165144acf95000f409b098707b99c7988d9
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1dbce491ceb3512685bd0e8548d8010b06a78d068c7fe7a0693ca0aaae435c67
257416a34a500a9a281f1457ab839c1eeb322ff24c5977c93e2957f0cfc79a0c
28d296e8c598275b9d8b7d15499d55a7d6d5a628e05f12a378a5be646f41cf0e
39606353fdd9bcbdb717e5b82e77fad61a94b738233daf50feb0872db78c2e2a
3c4dd8b9ca8450296d07afd42ea5d30beb03a36b92db354c8a0274681d1fd880
5aa3724517886286b977813d799e21da8c7668ae52a34aa0123a8d87aa8dcc46
62e790a1d2e9eade1f7f4338fd1e23feb94d232ab0aee7eb2d6b1ac910903608
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca96c4f5abb628c0ac0d61c599137426a75a1de58a8a228393389fce7e529a5
77b37e56061545777a265c686835543c756b75b831c9c24740d898caed276775
77c9d943529bbef64ba98fa6d40718bf2d574dcc6b76f7ff83adde055d4c927a
85d1db4f9370bb81c93b01c6e94a29c6c854e84f391ca90b2a55c4602092adcd
8f6016b89a74791ab279a793946d5e70233528d0f003c2b6099f965418936c57
932cbd7af03f5458c0f105a064ba91e2e026e47f02196b57fa41ce7781a24ba8
94f8600cde578917e2ae9e0c71c8970b49e62db40060da61a4d24481acc9fbc6
979cc781dcf0ca68b2ad6ebf94666682014198d32268dc7dedc15cf2cd808ec2
9cba720f16c14b340c2ef7cebcdce1a3497e716bf8ce363d200fef0b3d5eb27c
ad05740966a78657cf685251d6aea88a1e8f9df8355707c82bd727d62133011f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1fac20ee94438c9782b372051579d3335f1b57544d4331be8bc0d0515a503d6
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62