pastebin.com Open in urlscan Pro
104.20.208.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pastebin.com/A6BSjbsn
Effective URL:
https://pastebin.com/A6BSjbsn
Submission: On May 17 via manual (May 17th 2017, 8:06:02 pm UTC) from US

Summary HTTP 138 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 30 domains to perform 138 HTTP transactions. The main IP is 104.20.208.21, located in San Francisco, United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is pastebin.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 18th 2016. Valid for: a year.

This is the only time pastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	104.20.208.21 104.20.208.21	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	204.11.109.77 204.11.109.77	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
3	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE - Google Inc.)
4	204.11.109.66 204.11.109.66	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
4	204.11.109.68 204.11.109.68	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
3	204.11.109.67 204.11.109.67	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
6	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	52.84.127.175 52.84.127.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	5.153.20.138 5.153.20.138	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	52.84.127.108 52.84.127.108	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	152.163.56.2 152.163.56.2	1668 (AOL-ATDN) (AOL-ATDN - AOL Transit Data Network)
9	152.163.66.165 152.163.66.165	1668 (AOL-ATDN) (AOL-ATDN - AOL Transit Data Network)
2	185.33.222.23 185.33.222.23	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	185.33.223.218 185.33.223.218	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	169.47.30.64 169.47.30.64	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	52.31.237.155 52.31.237.155	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.50.52.103 52.50.52.103	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.18.145.75 52.18.145.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	152.163.66.131 152.163.66.131	1668 (AOL-ATDN) (AOL-ATDN - AOL Transit Data Network)
1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
1	52.202.130.59 52.202.130.59	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	52.206.4.231 52.206.4.231	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	107.178.240.89 107.178.240.89	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	169.55.70.227 169.55.70.227	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	52.205.218.72 52.205.218.72	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	195.93.42.12 195.93.42.12	1668 (AOL-ATDN) (AOL-ATDN - AOL Transit Data Network)
3	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	52.216.227.136 52.216.227.136	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:401... 2a00:1450:401b:803::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	104.111.227.227 104.111.227.227	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.33.222.8 185.33.222.8	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	151.101.12.166 151.101.12.166	54113 (FASTLY) (FASTLY - Fastly)
1	62.67.193.75 62.67.193.75	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	198.47.127.15 198.47.127.15	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
138	41

45 104.20.208.21 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

pastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.11.109.77 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: tags.expo9.exponential.com

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.11.109.66 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.11.109.68 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.11.109.67 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.22.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2001 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.127.175 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-84-127-175.iad16.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.153.20.138 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 8a.14.9905.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.127.108 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-84-127-108.iad16.r.cloudfront.net

cdn.q1mediahydraplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.163.56.2 (United States)

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: oneads-sspums-adtech-mtc-blue-b.evip.aol.com

usync.nexage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 152.163.66.165 (United States)

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.222.23 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.218 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.47.30.64 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 40.1e.2fa9.ip4.static.sl-reverse.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.237.155 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-237-155.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.52.103 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-52-103.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.145.75 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-145-75.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.163.66.131 (United States)

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: adtechus-ads-adtech-mtc-blue-a.evip.aol.com

adserver.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.130.59 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-202-130-59.compute-1.amazonaws.com

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.4.231 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-206-4-231.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.240.89 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: 89.240.178.107.bc.googleusercontent.com

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.55.70.227 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: e3.46.37a9.ip4.static.sl-reverse.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.218.72 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-205-218-72.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.93.42.12 (United Kingdom)

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: adtech-ssp-ums-adtech-frr-a.evip.aol.com

ums.adtech.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.227.136 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

load.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:803::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.227.227 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-111-227-227.deploy.static.akamaitechnologies.com

cdn.spotxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.222.8 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.67.193.75 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.143 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.15 (Redwood City, United States)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	pastebin.com pastebin.com	415 KB
11	tribalfusion.com s.tribalfusion.com	61 KB
10	advertising.com adserver-us.adtech.advertising.com sync.adaptv.advertising.com	4 KB
7	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	72 KB
6	simpli.fi i.simpli.fi um.simpli.fi	4 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	62 KB
4	adnxs.com secure.adnxs.com acdn.adnxs.com Failed ib.adnxs.com	246 B
3	adtechus.com adserver.adtechus.com
3	cpx.to p.cpx.to s.cpx.to	1 KB
3	googletagservices.com www.googletagservices.com	1 KB
3	google-analytics.com www.google-analytics.com	24 KB
2	crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net	9 KB
1	pubmatic.com image2.pubmatic.com	42 B
1	openx.net us-u.openx.net	43 B
1	rubiconproject.com pixel.rubiconproject.com	42 B
1	contextweb.com bh.contextweb.com	60 B
1	spotxcdn.com cdn.spotxcdn.com	43 B
1	google.de www.google.de	51 B
1	amazonaws.com load.s3.amazonaws.com	43 B
1	adtech.de ums.adtech.de	43 B
1	rlcdn.com idsync.rlcdn.com	43 B
1	lijit.com ce.lijit.com	43 B
1	pro-market.net fei.pro-market.net	52 B
1	intentiq.com sync.intentiq.com	43 B
1	turn.com d.turn.com	43 B
1	bluekai.com tags.bluekai.com	62 B
1	nexage.com usync.nexage.com	43 B
1	q1mediahydraplatform.com cdn.q1mediahydraplatform.com	23 KB
1	googleapis.com ajax.googleapis.com	32 KB
1	exponential.com tags.expo9.exponential.com	2 KB
138	30

	Domain	Requested by
45	pastebin.com	pastebin.com s.tribalfusion.com
11	s.tribalfusion.com	tags.expo9.exponential.com s.tribalfusion.com
9	adserver-us.adtech.advertising.com	pastebin.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	um.simpli.fi	pastebin.com
3	adserver.adtechus.com	pastebin.com
3	secure.adnxs.com	cdn.q1mediahydraplatform.com
3	i.simpli.fi	q1mediahydraplatform.com i.simpli.fi pastebin.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagservices.com	pastebin.com
3	www.google-analytics.com	pastebin.com
2	s.cpx.to	pastebin.com
1	image2.pubmatic.com	pastebin.com
1	us-u.openx.net	pastebin.com
1	pixel.rubiconproject.com	pastebin.com
1	bh.contextweb.com	pastebin.com
1	ib.adnxs.com	pastebin.com
1	cdn.spotxcdn.com	pastebin.com
1	www.google.de	pastebin.com
1	load.s3.amazonaws.com	pastebin.com
1	ums.adtech.de	pastebin.com
1	idsync.rlcdn.com	pastebin.com
1	ce.lijit.com	pastebin.com
1	fei.pro-market.net	pastebin.com
1	sync.adaptv.advertising.com	pastebin.com
1	sync.intentiq.com	pastebin.com
1	d.turn.com	pastebin.com
1	bcp.crwdcntrl.net	pastebin.com
1	tags.bluekai.com	pastebin.com
1	usync.nexage.com	pastebin.com
1	cdn.q1mediahydraplatform.com	q1mediahydraplatform.com
1	ajax.googleapis.com	q1mediahydraplatform.com
1	tags.crwdcntrl.net	q1mediahydraplatform.com
1	p.cpx.to	q1mediahydraplatform.com
1	stats.g.doubleclick.net	pastebin.com
1	tags.expo9.exponential.com	pastebin.com
0	acdn.adnxs.com Failed	cdn.q1mediahydraplatform.com
138	38

This site contains links to these domains. Also see Links.

Domain
deals.pastebin.com
creativecommons.org
steadfast.net
facebook.com
twitter.com

Subject Issuer	Validity	Valid
ssl509085.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2016-12-18` - `2017-12-16`	a year	crt.sh
*.expo9.exponential.com Go Daddy Secure Certificate Authority - G2	`2016-09-29` - `2018-10-30`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.tribalfusion.com Go Daddy Secure Certificate Authority - G2	`2015-09-03` - `2018-10-07`	3 years	crt.sh
tpc.googlesyndication.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.googleusercontent.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
p.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2017-05-11` - `2020-05-10`	3 years	crt.sh
tags.crwdcntrl.net DigiCert SHA2 Secure Server CA	`2016-03-15` - `2019-03-20`	3 years	crt.sh
*.googleapis.com Google Internet Authority G2	`2017-05-16` - `2017-08-08`	3 months	crt.sh
*.q1mediahydraplatform.com Amazon	`2017-01-25` - `2018-02-25`	a year	crt.sh
ums.adtechus.com DigiCert SHA2 High Assurance Server CA	`2017-03-28` - `2020-04-01`	3 years	crt.sh
*.adtech.advertising.com Entrust Certification Authority - L1K	`2015-05-29` - `2018-05-29`	3 years	crt.sh
*.adnxs.com GeoTrust SSL CA - G3	`2016-02-25` - `2018-05-26`	2 years	crt.sh
*.bluekai.com Symantec Class 3 Secure Server SHA256 SSL CA	`2016-08-16` - `2017-08-16`	a year	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2016-06-28` - `2019-06-28`	3 years	crt.sh
adserver.adtechus.com Entrust Certification Authority - L1K	`2016-02-22` - `2019-02-21`	3 years	crt.sh
*.turn.com DigiCert SHA2 Secure Server CA	`2016-12-21` - `2018-01-30`	a year	crt.sh
*.intentiq.com Amazon	`2016-07-05` - `2017-08-05`	a year	crt.sh
*.adap.tv Entrust Certification Authority - L1K	`2016-06-28` - `2017-09-28`	a year	crt.sh
*.pro-market.net RapidSSL SHA256 CA	`2016-10-07` - `2019-11-19`	3 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2017-02-10` - `2018-05-10`	a year	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
ums.adtech.de Entrust Certification Authority - L1K	`2016-02-22` - `2019-02-21`	3 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2016-07-29` - `2017-11-29`	a year	crt.sh
www.google.de Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
cdn.spotxcdn.com GeoTrust SSL CA - G3	`2016-11-29` - `2017-10-19`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2015-04-23` - `2018-04-27`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
*.openx.net GeoTrust SSL CA - G3	`2014-09-29` - `2017-06-07`	3 years	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh

This page contains 25 frames:

Primary Page: https://pastebin.com/A6BSjbsn
Frame ID: 16095.1
Requests: 92 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Frame ID: 16095.2
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Frame ID: 16095.3
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Frame ID: 16095.4
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Frame ID: 16095.5
Requests: 2 HTTP requests in this frame

Frame: https://pastebin.com/adserver/728x90_custom_unsure.php
Frame ID: 16095.6
Requests: 6 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a6mQgM3sYgTsUlWsfgRPQoTHnQTUb22r2oWErmVEUlQqrLQGZbIRrIsSWUbVGU54bevmtit0qyn4tMFQGrC4AvEpdarTWFh0rUkXbYk1qqtPbQEWbYSTdB4mUQmRUBtXaJt4aUi5aY5naFHXFjfUWMRoAnBns7vmH3H3EQ93tEN5PbGnUjLYGrUXGrU1GZbxpTvbwJ79Qn&mediaDataID=6530936&mediaName=frame.html
Frame ID: 16095.7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a8mQgM0b3kYFBf1E6mSU3ZbTrZb4VWrXnbQnPbjtYTYy5q7g2qMXoTZbHXb76TWZbXm67DnVvomHML5TUh3tmm5mJFmrYZbXGU01svV1svymEvT5U3UTrfZcUPf3Pab0ScvqPWYN0HvmW63N3Gv0YbrDT6im2PUePPMJ4Wvp0HJZamWeo5m3Y5VbbUcU8VGZb7SPnuWdFcNVbclI&mediaDataID=6719746&mediaName=frame.html
Frame ID: 16095.8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aamQgM1cnV0V7umqbR2FQ2WbvBUPM4QTb1QVUqQdJr1WZbsTmvv4sn0YFvKU6Xw4mFgPmbC4WYMXHYKnd2y5Pn04sQ9TcFjUsB8S6FOTtFWWrbY5UEuUabmVqJaSTrZaRs3JQFunSHY7Vc3P5rXxmtqr0qmp2WbZaSGBZd4AvIpHiyTHZbhXF77XUFi1EENSbMHWUBeM45unB&mediaDataID=6807466&mediaName=frame.html
Frame ID: 16095.9
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=acmQgMUcJ8RA3xTHMQUFfP2FTsVTbpWEJbQaYZaSGZbCPUZatPWMcUVUP5UTontEOXT6n2tMHSG7Zc26QZbodXoTd7eYbUdXbB9XqIMSUJATFBYTtQ4oFJxRFMtYaFt3T7j5EjYnaMAXrjaTtFWnmQBnV7mmHnJ3qZb85tEM5PBJnrQEXVr0YGZbY1GbNmqJ32UnVTFnrt3sxJF&mediaDataID=6815436&mediaName=frame.html
Frame ID: 16095.10
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aemQgMXaAMRrUZcUFZb0VW3WnUfvRFFsXTFs5aZbj4qMRmqJG1bJ9WHZbWnP3ImVUwod7L3TUf5tay3P7ZanrbKXsYYXcv51sfnpEF42bFQWUnEUAv3RqMQSsFqQWUNYtZbnWAfu3GB3YUrZcUATr56rePmMA4WUO0dBDpdeM4mQS3cYgTsUjWGrjSPYMTHr4TrJ05b2Dvn6Zcjb&mediaDataID=6453196&mediaName=frame.html
Frame ID: 16095.11
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=agmQgMpTZb43FY4VbBZaUmrTQaQSQsvnPdUO1H7nVmvp2Vr10FQJVm2r5Av7QmZbK2tFM0HYIpdIm3mYS5sjaTVvkVcBhS6MoWtv3TFM32r2oUqrmTaQlSEJZaSsQJRrZamSdjdVcbW5FXsnWZamYEPp2tbFSGjZa4AJEmdioUdbb0r3kYFF90EyoSbUCTrnPWtM3orQAO7CcZdM&mediaDataID=6546596&mediaName=frame.html
Frame ID: 16095.12
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aimQgMWdn3Ub735rAmWTvvWqrjPEQKRGQIPF6mRWMiWsQQ2UynodEmYa2w3tQZdQcMZc46QZdmdZaNVHJ7Xbf6Ybf61aIqSUvZbWFMSWHJ0nbQnRUjt1q3y3E3j4E7YoTJBXUY8TtMPnAQZamsYrptQJ3TZbh5teN5mvFprQZaYsYPYcnV0VbnnqnQ2UYSWbBZbVAU4REbgw0XoZbd&mediaDataID=6347136&mediaName=frame.html
Frame ID: 16095.13
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=akmQgMWUrSVdQ3mF3qPr7NXaJr5Tfl5q7XmabBYbJfUdJVoPrLpGQrpW3A2TM73Wuy5P7ZcprnG0VnPYcFX0sJomTFW2bJ2TUZbZcVm7YQTb1ScUqSHZbrYdnnVAbu4sr2YrBIUAio5PrbQPFF3drO0HBKpdEo5PB03sYdVVUdVcJ8RAYoUHZbRTr752FixVqYpTTJTm3C16u&mediaDataID=6680176&mediaName=frame.html
Frame ID: 16095.14
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aAmQgMTFFZcWPM5PTr0QVYMPd3x1djoWmbv2GY2XFQDTPXq2AQ8R6ZbF3Hvs1HrAnHTm5mYQ3sveVsQdWcMiR6rnTdvTTFrP5r6uVEjqWEJbSTYZaQcJCRbmmRd7dUVQV5bimnWqtYqPN3W3APsZbZa46JZbmdAyTdQe0bQ81FJfXqAMRrUZbUrJ2WtUXnU7uQUBq1EFHohPhYG&mediaDataID=5793196&mediaName=frame.html
Frame ID: 16095.15
Requests: 1 HTTP requests in this frame

Frame: https://pastebin.com/adserver/160x600_custom_unsure.php
Frame ID: 16095.16
Requests: 6 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a5mQgMVWbhXrrbYFJe0E6MSrBDUFU1WdJ3mFJoPFfNYano3EJk2aQ3nEJBXb7fUdr0mPnJpGrumWnD3EZbl3HAM4ABKnUME0VU0XVF11VvxpT7W5b32TUvHW675REQXPGBsPHUM0tBrWP3y3GvUXFZbJVmqw46ZbhR6FG4H3s0HrAntAo5AJV4snbUGvkVcJePPFJu8ZaEBx&mediaDataID=5793216&mediaName=frame.html
Frame ID: 16095.17
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a7mQgM0G30YsY40Vromqj42bUUWFvCVP74PqMXQsQMQW7xYdboT6Uy3cr2YFvDTPau4AU6R6fI4HUr0WBZcnWin46vU5VUgVsrjVVMlSAFuWd3TWFbP5rTnWTjoTTMcPqZbZcRcQKQrAqStY9Vc354U6nodiOXEem4dYEPVBE26MHotEyTtYaYbr7Xrf61aAtPbJswT09E5&mediaDataID=4056396&mediaName=frame.html
Frame ID: 16095.18
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a9mQ8yVcMjUsFiP6ryUHFSTUbX3FasUqroVE3bQaBZaRsfAPF6vSH38VsnQ5b6ootyrXaup2HjZbQVjE2mnZapdTmUH78YbfiXbYiXaApPbQZbUFUPVdJUobFoRUfNXaQn3aJh2an4nEJHXbfcTWMRoAnBnV7nmHbJ2Tnf2WZat46vZanFbZb0VUVYVv11GrMmq745VYdygVghJ&mediaDataID=5436426&mediaName=frame.html
Frame ID: 16095.19
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=abmQ8y1Uj9XqZaoSUYEUrB3WdFXobjrRUjrYTQs5aUj5EYPmabIXrfdTdfVn6fIpVfmoWvJ3aF93des3ABZbmrfIYVYRYsFT1svNpTZbP5U32VUbZbWP7VRTnXScQMPWBuYHbtT6rO3cr0YFnZaU6im2PUePmMB4WBO1HMLmH6N4ABS5Gj9Vsr7WVBlSPJNTH33Ws7hO8npkK&mediaDataID=5406476&mediaName=frame.html
Frame ID: 16095.20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html?n=2
Frame ID: 16095.21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html?n=2
Frame ID: 16095.23
Requests: 1 HTTP requests in this frame

Frame: https://pastebin.com/adserver/300x250_custom_unsure.php
Frame ID: 16095.25
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html?n=2
Frame ID: 16095.26
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 16095.34
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

138
Requests

88 %
HTTPS

15 %
IPv6

30
Domains

38
Subdomains

41
IPs

5
Countries

712 kB
Transfer

2215 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://deals.pastebin.com/deals/online-courses?sort=best_sellers
Title: Learn something new in 2017

Search URL Search Domain Scan URL

URL: https://deals.pastebin.com/
Title: deals

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-sa/3.0/
Title: cc by-sa 3.0

Search URL Search Domain Scan URL

URL: http://steadfast.net/services/dedicated-servers.php?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_dedicated_server_hosting_by&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Dedicated Server Hosting

Search URL Search Domain Scan URL

URL: http://steadfast.net/?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_steadfast&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Steadfast

Search URL Search Domain Scan URL

URL: https://facebook.com/pastebin

Search URL Search Domain Scan URL

URL: https://twitter.com/pastebin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 98

https://usync.nexage.com/mapuser?providerid=10778&userid=8A14990507AD1C59B827D8B502E9C814
https://usync.nexage.com/mapuser?providerid=10778&userid=8A14990507AD1C59B827D8B502E9C814;cfp=1

Request 99

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746

Request 101

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764

Request 102

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764

Request 105

https://match.adsrvr.org/track/cmb/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=eee9f571-7ae6-4311-bc61-f79adddb3b6c

Request 106

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fca.png%253Fpid%253D11821%2526ref%253D%2526hn_ver%253D5%2526fid%253D0e47381b-4573-464b-a291-2c0b1aac1e78%2526adnxs_uid%25...
https://s.cpx.to/ca.png?pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78&adnxs_uid=1955584850242226396

Request 107

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78
https://s.cpx.to/ca.png?pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78&google_gid=CAESEDi3WUcDVKcEDJ1oWLlXbtY&google_cver=1

Request 109

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746

Request 110

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764

Request 111

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
https://adserver.adtechus.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764

Request 112

https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=8A14990507AD1C59B827D8B502E9C814
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=8A14990507AD1C59B827D8B502E9C814

Request 113

https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=149505152...

Request 114

https://um.simpli.fi/turn
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/8A14990507AD1C59B827D8B502E9C814

Request 115

https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=149505152...

Request 116

https://adserver.adtechus.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=149505152...

Request 117

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8A14990507AD1C59B827D8B502E9C814

Request 121

https://um.simpli.fi/adaptv
https://sync.adaptv.advertising.com/sync?type=gif&key=simplifi&uid=8A14990507AD1C59B827D8B502E9C814

Request 122

https://fei.pro-market.net/engine?du=24;csync=8A14990507AD1C59B827D8B502E9C814;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=8A14990507AD1C59B827D8B502E9C814;mimetype=img;sr

Request 123

https://ce.lijit.com/merge?pid=2&3pid=8A14990507AD1C59B827D8B502E9C814
https://ce.lijit.com/merge?pid=2&3pid=8A14990507AD1C59B827D8B502E9C814&dnr=1

Request 124

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=ae4c1579716c06a23c6cd72bb6d0849f842325a49ca84f767d619a58219ae6b0b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3...
https://idsync.rlcdn.com/362248.gif?partner_uid=01707554042564623172867389691869599101

Request 125

https://um.simpli.fi/aol
https://ums.adtech.de/mapuser?providerid=1051;userid=8A14990507AD1C59B827D8B502E9C814

Request 126

https://ads.yahoo.com/cms/v1?esig=1~6df59d9d88a5fd320eaa9784cd28c41c2b86a6bf&sigv=1&nwid=10001117430
https://um.simpli.fi/y_match?xid=rOHpwzcoXHDIYV70HLSc30YX

Request 127

https://d.agkn.com/pixel/5502/?atr=000&sk=164021102328003306780&pd=&l0=https://um.simpli.fi/aa_px?sk=164021102328003306780
https://um.simpli.fi/aa_px?sk=164021102328003306780

Request 128

https://loadr.exelator.com/load/?p=104&g=870&j=0
https://load.s3.amazonaws.com/pixel.gif

Request 129

https://www.google.com/ads/conversion/1026675585/?random=613727859&cv=7&fst=1495051527217&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&conv...
https://www.google.de/ads/conversion/1026675585/?random=613727859&cv=7&fst=1495051527217&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&convc...

Request 130

https://sync.search.spotxchange.com/partner?adv_id=7797&uid=8A14990507AD1C59B827D8B502E9C814
https://cdn.spotxcdn.com/media/thumbs/pixel/pixel.gif

Request 131

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=8A14990507AD1C59B827D8B502E9C814

Request 132

https://um.simpli.fi/cw_match
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=8A14990507AD1C59B827D8B502E9C814

Request 133

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8A14990507AD1C59B827D8B502E9C814&expires=365

Request 134

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8A14990507AD1C59B827D8B502E9C814

Request 135

https://um.simpli.fi/pm_match?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8A14990507AD1C59B827D8B502E9C814

Request 136

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A14990507AD1C59B827D8B502E9C814
https://um.simpli.fi/g_match?id=

138 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request A6BSjbsn Show response
pastebin.com/
Redirect Chain

http://pastebin.com/A6BSjbsn
https://pastebin.com/A6BSjbsn

648 KB
289 KB

328ms
308ms

Document
text/html

104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

37dad49f27de93f7bdb9b25d4981a645e85add143cf93c60a006a68da8d97898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /A6BSjbsn
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare-nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 200
set-cookie: views=1; expires=Thu, 18-May-2017 08:05:22 GMT; Max-Age=43200; path=/
cf-ray: 360930ec3c02279e-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

Date: Wed, 17 May 2017 20:05:21 GMT
Server: cloudflare-nginx
Transfer-Encoding: chunked
Content-Type: text/html
location: https://pastebin.com/A6BSjbsn
Set-Cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; expires=Thu, 17-May-18 20:05:21 GMT; path=/; domain=.pastebin.com; HttpOnly
Connection: keep-alive
CF-RAY: 360930ea71ba6361-FRA
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
pastebin.com/js/ 82 KB
30 KB 12ms
9ms Script
application/x-javascript 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/js/jquery.min.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

:path: /js/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 360930ee3d48279e-FRA
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 pastebin.min.v2.js Show response
pastebin.com/js/ 35 KB
12 KB 19ms
16ms Script
application/x-javascript 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/pastebin.min.v2.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

125fd9e51c7727e0c0edb021f2d3ed8bdcaa048c7277992d134d794089ae3e36

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /js/pastebin.min.v2.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 09:32:00 GMT
server: cloudflare-nginx
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7776000
cf-ray: 360930ee3d49279e-FRA
x-xss-protection: 1; mode=block
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 text.css
pastebin.com/cache/css_lang/ 706 B
343 B 10ms
7ms Stylesheet
text/css 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://pastebin.com/cache/css_lang/text.css
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6

Request headers

:path: /cache/css_lang/text.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2017 09:15:56 GMT
server: cloudflare-nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7776000
cf-ray: 360930ee3d44279e-FRA
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 pastebin.min.v4.css
pastebin.com/i/ 39 KB
8 KB 11ms
8ms Stylesheet
text/css 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/i/pastebin.min.v4.css

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

8c6f63e2110aae7bd0312e5a979851bb395edabb524e39c876c4a28242fcc285

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/pastebin.min.v4.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 09:30:05 GMT
server: cloudflare-nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7776000
cf-ray: 360930ee3d46279e-FRA
x-xss-protection: 1; mode=block
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 guest.png
pastebin.com/i/ 1 KB
1 KB 17ms
14ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/guest.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b

Request headers

:path: /i/guest.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-480"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee3d4a279e-FRA
content-length: 1152
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 t.gif
pastebin.com/i/ 43 B
61 B 10ms
8ms Image
image/gif 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/t.gif
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Request headers

:path: /i/t.gif
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-2b"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee3d4b279e-FRA
content-length: 43
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/Pastebincom/Unsure/ 7 KB
2 KB 858ms
173ms Script
application/x-javascript 204.11.109.77
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/Pastebincom/Unsure/tags.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.77 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: tags.expo9.exponential.com
Software: /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: tags.expo9.exponential.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:23 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 5909443542969422214
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, public
Last-Modified: Sat, 29 Apr 2017 07:06:01 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 2306
Expires: Wed, 17 May 2017 21:05:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 29 KB
12 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://pastebin.com/A6BSjbsn
:scheme: https
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2017 01:31:56 GMT
server: Golfe2
age: 926
date: Wed, 17 May 2017 19:49:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 12267
expires: Wed, 17 May 2017 21:49:56 GMT

GET
H2 200 header_bg.png
pastebin.com/i/ 191 B
209 B 15ms
12ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/header_bg.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac

Request headers

:path: /i/header_bg.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-bf"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9db5279e-FRA
content-length: 191
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 pastebin_logo_side_outline.png
pastebin.com/i/ 18 KB
18 KB 21ms
18ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/pastebin_logo_side_outline.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41

Request headers

:path: /i/pastebin_logo_side_outline.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-4660"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9db6279e-FRA
content-length: 18016
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 add_2.png
pastebin.com/i/ 491 B
509 B 20ms
18ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/add_2.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59

Request headers

:path: /i/add_2.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-1eb"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9db7279e-FRA
content-length: 491
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 search.png
pastebin.com/i/ 1 KB
1 KB 22ms
20ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/search.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd

Request headers

:path: /i/search.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-595"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9db8279e-FRA
content-length: 1429
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 menu_down.png
pastebin.com/i/ 506 B
524 B 23ms
20ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/menu_down.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20

Request headers

:path: /i/menu_down.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-1fa"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9dbb279e-FRA
content-length: 506
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 dd_pastebin.png
pastebin.com/i/ 667 B
685 B 32ms
30ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/dd_pastebin.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1

Request headers

:path: /i/dd_pastebin.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-29b"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9dbc279e-FRA
content-length: 667
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 dd_messages.png
pastebin.com/i/ 1 KB
1 KB 13ms
11ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/dd_messages.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3

Request headers

:path: /i/dd_messages.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-44b"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9dbd279e-FRA
content-length: 1099
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 dd_alerts.png
pastebin.com/i/ 915 B
933 B 9ms
8ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/dd_alerts.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771

Request headers

:path: /i/dd_alerts.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-393"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9dbe279e-FRA
content-length: 915
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 dd_settings.png
pastebin.com/i/ 1 KB
1 KB 12ms
10ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/dd_settings.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3

Request headers

:path: /i/dd_settings.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-4ee"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9dbf279e-FRA
content-length: 1262
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 linebg.png
pastebin.com/i/ 375 B
393 B 19ms
17ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/linebg.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4

Request headers

:path: /i/linebg.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-177"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9dc0279e-FRA
content-length: 375
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 public.png
pastebin.com/i/ 2 KB
2 KB 22ms
21ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/public.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a

Request headers

:path: /i/public.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:22 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-7d3"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ee9dc1279e-FRA
content-length: 2003
expires: Tue, 15 Aug 2017 20:05:22 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
44 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j54&a=1456577545&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&ul=en-us&de=UTF-8&dt=https%3A%2F%2Ftwitter.com%2F%23!%2Fpassfile%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=1598x1083&je=0&fl=25.0%20r0&_u=IGBAgEAB~&jid=1674823761&cid=200533037.1495051522&tid=UA-58643-34&_gid=1473312211.1495051522&z=1097974283

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /collect?v=1&_v=j54&a=1456577545&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&ul=en-us&de=UTF-8&dt=https%3A%2F%2Ftwitter.com%2F%23!%2Fpassfile%20-%20Pastebin.com&sd=24-bit&sr=1600x1200&vp=1598x1083&je=0&fl=25.0%20r0&_u=IGBAgEAB~&jid=1674823761&cid=200533037.1495051522&tid=UA-58643-34&_gid=1473312211.1495051522&z=1097974283
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://pastebin.com/A6BSjbsn
:scheme: https
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2017 12:42:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 717766
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
44 B 44ms
15ms Image
image/gif 2a00:1450:400c:c08::9d
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j54&tid=UA-58643-34&cid=200533037.1495051522&jid=1674823761&_u=IGBAgEAB~&z=1339287433

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400c:c08::9d , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /r/collect?t=dc&aip=1&_r=3&v=1&_v=j54&tid=UA-58643-34&cid=200533037.1495051522&jid=1674823761&_u=IGBAgEAB~&z=1339287433
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: stats.g.doubleclick.net
referer: https://pastebin.com/A6BSjbsn
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 May 2017 20:05:22 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Unsure/ Frame 1609 58 KB
14 KB 929ms
310ms Script
application/x-javascript 204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: f60567606f18a72c97c27a86b0da27c9ea7b8280b420454ad04ac5efb428d0e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:23 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 15345590743797626781
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Sat, 29 Apr 2017 07:06:01 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13918
Expires: Wed, 17 May 2017 21:05:23 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Unsure/ Frame 1609 58 KB
14 KB 926ms
312ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: f60567606f18a72c97c27a86b0da27c9ea7b8280b420454ad04ac5efb428d0e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:23 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 15345590743797626781
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Sat, 29 Apr 2017 07:06:01 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13918
Expires: Wed, 17 May 2017 21:05:23 GMT

GET
H2 200 facebook_svg.png
pastebin.com/i/ 794 B
812 B 22ms
20ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/facebook_svg.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a

Request headers

:path: /i/facebook_svg.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-31a"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f3c94a279e-FRA
content-length: 794
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 twitter_svg.png
pastebin.com/i/ 1 KB
1 KB 9ms
7ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/twitter_svg.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152

Request headers

:path: /i/twitter_svg.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-5d2"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f3c94b279e-FRA
content-length: 1490
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 user.png
pastebin.com/i/ 2 KB
2 KB 23ms
22ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/user.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383

Request headers

:path: /i/user.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-6c9"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f3c94c279e-FRA
content-length: 1737
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 date.png
pastebin.com/i/ 1 KB
1 KB 17ms
16ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/date.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df

Request headers

:path: /i/date.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-4b3"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f3c94d279e-FRA
content-length: 1203
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 views.png
pastebin.com/i/ 1 KB
1 KB 9ms
8ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/views.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642

Request headers

:path: /i/views.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-5aa"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f3c94e279e-FRA
content-length: 1450
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 expire.png
pastebin.com/i/ 2 KB
2 KB 9ms
8ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/expire.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154

Request headers

:path: /i/expire.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-6c1"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f3c94f279e-FRA
content-length: 1729
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 info.png
pastebin.com/i/ 2 KB
2 KB 8ms
7ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/info.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea

Request headers

:path: /i/info.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-68c"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f3c950279e-FRA
content-length: 1676
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 steadfast_1.png
pastebin.com/i/ 1 KB
1 KB 15ms
13ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/steadfast_1.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 3fb852db1cd132dda2e5b283b43d7cc7debe88e4ec803db31613aa472ae72009

Request headers

:path: /i/steadfast_1.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-4dd"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f3d969279e-FRA
content-length: 1245
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Unsure/ Frame 1609 58 KB
14 KB 914ms
306ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: f60567606f18a72c97c27a86b0da27c9ea7b8280b420454ad04ac5efb428d0e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:24 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 15345590743797626781
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Sat, 29 Apr 2017 07:06:01 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13918
Expires: Wed, 17 May 2017 21:05:24 GMT

GET
H2 200 pro_btn_hover.png
pastebin.com/i/ 729 B
747 B 10ms
9ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/pro_btn_hover.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: f5154cd93dc27142f30bf0d10c32b64f107b81f89cc4801e296623cdbafef6bc

Request headers

:path: /i/pro_btn_hover.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-2d9"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ad4279e-FRA
content-length: 729
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 facebook_circle.png
pastebin.com/i/ 818 B
836 B 11ms
9ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/facebook_circle.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b

Request headers

:path: /i/facebook_circle.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-332"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ad7279e-FRA
content-length: 818
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 twitter_circle.png
pastebin.com/i/ 954 B
972 B 14ms
12ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/twitter_circle.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f

Request headers

:path: /i/twitter_circle.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-3ba"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ad8279e-FRA
content-length: 954
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 footer_chrome.png
pastebin.com/i/ 3 KB
3 KB 10ms
8ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/footer_chrome.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9

Request headers

:path: /i/footer_chrome.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-bae"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ad9279e-FRA
content-length: 2990
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 footer_firefox.png
pastebin.com/i/ 3 KB
3 KB 11ms
9ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/footer_firefox.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc

Request headers

:path: /i/footer_firefox.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-c6a"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ada279e-FRA
content-length: 3178
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 footer_ios.png
pastebin.com/i/ 3 KB
3 KB 12ms
10ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/footer_ios.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8

Request headers

:path: /i/footer_ios.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-bc3"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53adb279e-FRA
content-length: 3011
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 footer_windows.png
pastebin.com/i/ 2 KB
2 KB 14ms
12ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/footer_windows.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16

Request headers

:path: /i/footer_windows.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-710"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53adc279e-FRA
content-length: 1808
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 footer_webos.png
pastebin.com/i/ 3 KB
3 KB 10ms
8ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/footer_webos.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7186c869aea692acdd80f8776ba966b6215eff98f41b3cd62bc70e21b4128d0f

Request headers

:path: /i/footer_webos.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-d1e"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53add279e-FRA
content-length: 3358
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 footer_android.png
pastebin.com/i/ 2 KB
2 KB 14ms
13ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/footer_android.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b

Request headers

:path: /i/footer_android.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-9a5"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ade279e-FRA
content-length: 2469
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 footer_macosx.png
pastebin.com/i/ 3 KB
3 KB 13ms
11ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/footer_macosx.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b

Request headers

:path: /i/footer_macosx.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-b31"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ae0279e-FRA
content-length: 2865
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 footer_opera.png
pastebin.com/i/ 3 KB
3 KB 11ms
10ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/footer_opera.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387

Request headers

:path: /i/footer_opera.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-ac4"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ae1279e-FRA
content-length: 2756
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 footer_linux.png
pastebin.com/i/ 4 KB
4 KB 19ms
18ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/footer_linux.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29

Request headers

:path: /i/footer_linux.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-11db"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ae2279e-FRA
content-length: 4571
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 learn_promo.png
pastebin.com/i/ 3 KB
3 KB 12ms
11ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/learn_promo.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

d544fb9b7cc569636e97cac7f3d428ec59949c9f2b40e32eaca1ffcdfcc13dfb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/learn_promo.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 09:13:23 GMT
server: cloudflare-nginx
etag: "590c4233-d14"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ae3279e-FRA
content-length: 3348
x-xss-protection: 1; mode=block
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H2 200 close_promo.png
pastebin.com/i/ 1 KB
1 KB 13ms
12ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/close_promo.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /i/close_promo.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 08:52:39 GMT
server: cloudflare-nginx
etag: "590c3d57-594"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f53ae4279e-FRA
content-length: 1428
x-xss-protection: 1; mode=block
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H/1.1 200
OK tags.js Show response
s.tribalfusion.com/real/tags/Pastebincom/Unsure/ Frame 1609 58 KB
14 KB 471ms
158ms Script
application/x-javascript 204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: f60567606f18a72c97c27a86b0da27c9ea7b8280b420454ad04ac5efb428d0e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:24 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 2
ETag: 15345590743797626781
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Sat, 29 Apr 2017 07:06:01 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13918
Expires: Wed, 17 May 2017 21:05:24 GMT

GET
H2 200 cd-top-arrow.png
pastebin.com/i/ 451 B
469 B 9ms
8ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/cd-top-arrow.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27

Request headers

:path: /i/cd-top-arrow.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:23 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-1c3"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930f7bcd3279e-FRA
content-length: 451
expires: Tue, 15 Aug 2017 20:05:23 GMT

GET
H/1.1 200
OK Cookie set displayAd.js Show response
s.tribalfusion.com/ Frame 1609 678 B
331 B 180ms
179ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7680480724
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: a55664343721d7db358f3f7e4f32d2da55beda06c6d78d6952b8382fd5210b06

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:24 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Set-Cookie: ANON_ID=ahnqAcm5abmmyuoETMf3foIGXZb3yVw78vuSDZbfXMO8cyJRnZaihyubZdys7BKZctEdN; path=/; domain=.tribalfusion.com; expires=Tue, 15-Aug-2017 20:05:24 GMT;
Cache-Control: private
Last-Modified: Sat, 29 Apr 2017 07:06:01 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 331
Expires: Tue, 15 Aug 2017 20:05:24 GMT

GET
H/1.1 200
OK Cookie set displayAd.js Show response
s.tribalfusion.com/ Frame 1609 677 B
326 B 305ms
155ms Script
application/x-javascript 204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7680480724
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: fe7a6cd195bfbe4905906ebfdec13fb35dcb5482c8a29260e9cfd9ba8d7feff6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:24 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Set-Cookie: ANON_ID=arnqAcNZaiMMmmemDnPHur7IpPvXl4va7j2yAmJtJDp6OnQmjX414ni56FJKZctedE; path=/; domain=.tribalfusion.com; expires=Tue, 15-Aug-2017 20:05:24 GMT;
Cache-Control: private
Last-Modified: Sat, 29 Apr 2017 07:06:01 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 326
Expires: Tue, 15 Aug 2017 20:05:24 GMT

GET
H/1.1 200
OK Cookie set displayAd.js Show response
s.tribalfusion.com/ Frame 1609 679 B
331 B 176ms
154ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7680480724
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: d986fa3e15fea470a200f0ec674439539c85d354860e98856db70e1a6b3c2b58

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:24 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Set-Cookie: ANON_ID=agnqAcSkTsumutosiaZceY3IWI8U44xlBvfVPUDNJdY9O3ky42mXI6qS6ZbSKZct2aX; path=/; domain=.tribalfusion.com; expires=Tue, 15-Aug-2017 20:05:24 GMT;
Cache-Control: private
Last-Modified: Sat, 29 Apr 2017 07:06:01 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 331
Expires: Tue, 15 Aug 2017 20:05:24 GMT

GET
H/1.1 200
OK Cookie set j.ad Show response
s.tribalfusion.com/ Frame 1609 8 KB
3 KB 188ms
155ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=25&ver=1.28&th=7680480724&tagKey=2417088028&loaderVer=0.1&site=pastebincom&adSpace=unsure&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=970x250,728x90&busted=1&url=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&f=0&p=11454600&tKey=agmneMnqnQ2UYSWbBZbVAU42tvgQReBgL&a=1&adContainerId=richmedia_2&rnd=11451837
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 8770c34957e6cdc04d70665a316d4e3ea4dc0356583216ba51a11df0b7b91816

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Cookie: ANON_ID=ahnqAcm5abmmyuoETMf3foIGXZb3yVw78vuSDZbfXMO8cyJRnZaihyubZdys7BKZctEdN
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Set-Cookie: ANON_ID=aCnsmAO5nPuQPRo7UVrNtLSyJrNEcn7Xix4UPeRps1auVTTByxPLy4RaBmTCJeyaElLahNN1Gpri; path=/; domain=.tribalfusion.com; expires=Tue, 15-Aug-2017 20:05:24 GMT;
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 3397
Expires: 0

GET
H/1.1 200
OK Cookie set displayAd.js Show response
s.tribalfusion.com/ Frame 1609 678 B
329 B 231ms
156ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7680480724
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: d3df206f26782cd2e49b39096764452cf2c5be4ac73efc9ce37288275a343780

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Cookie: ANON_ID=ahnqAcm5abmmyuoETMf3foIGXZb3yVw78vuSDZbfXMO8cyJRnZaihyubZdys7BKZctEdN
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:24 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 1
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Set-Cookie: ANON_ID=avnrmetMPm5bTgUpMDVj5H3kUVpGksi5qQusPparcbSKB7TcbyldFbbJM9ZbsjrMAnHQ0; path=/; domain=.tribalfusion.com; expires=Tue, 15-Aug-2017 20:05:24 GMT;
Cache-Control: private
Last-Modified: Sat, 29 Apr 2017 07:06:01 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 329
Expires: Tue, 15 Aug 2017 20:05:24 GMT

GET
H/1.1 200
OK Cookie set j.ad Show response
s.tribalfusion.com/ Frame 1609 4 KB
2 KB 180ms
180ms Script
application/x-javascript 204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=25&ver=1.28&th=7680480724&tagKey=2417088028&loaderVer=0.1&site=pastebincom&adSpace=unsure&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=160x600,120x600&busted=1&url=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&f=0&p=11454600&tKey=aqmneMRdf9VVvP5bPundArTHqIQRecQE&a=3&adContainerId=richmedia_4&rnd=11458917
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: e7a6467f1c61f9916063a69749cfaef180a97dc65581e22dfe75f3e47e108e08

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Cookie: ANON_ID=arnqAcNZaiMMmmemDnPHur7IpPvXl4va7j2yAmJtJDp6OnQmjX414ni56FJKZctedE
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 4
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Set-Cookie: ANON_ID=aensmAu4YUMAqcn63go3OYm5JZaNahsg1IhVW6SRRtoaL59UAB7YhaJp83Mxq7UyEr0CttqN1GSBO; path=/; domain=.tribalfusion.com; expires=Tue, 15-Aug-2017 20:05:24 GMT;
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1849
Expires: 0

GET
H2 200 728x90_custom_unsure.php Show response
pastebin.com/adserver/ Frame 1609 559 B
402 B 135ms
134ms Document
text/html 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/728x90_custom_unsure.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

d48fb8290cfbeb5c94091f079cfbc96eb0f21792d99be7568b58b430f5c71246

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /adserver/728x90_custom_unsure.php
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:24 GMT
content-encoding: gzip
server: cloudflare-nginx
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 360930fbefa2279e-FRA
x-xss-protection: 1; mode=block

GET p.media
s.tribalfusion.com/ Frame 1609 0
0

GET
H/1.1 200
OK Cookie set j.ad Show response
s.tribalfusion.com/ Frame 1609 608 B
488 B 574ms
207ms Script
application/x-javascript 204.11.109.67
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=25&ver=1.28&th=7680480724&tagKey=2417088028&loaderVer=0.1&site=pastebincom&adSpace=unsure&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x250,300x600&busted=1&url=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&f=0&p=11454600&tKey=aumneMXrFZaUmmr5mMhQ6JAPaQEQRehk3&a=7&adContainerId=richmedia_8&rnd=11454676
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.67 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 78c7de0b78921e154e2692de3b5445a62b1d3326517c4b37aef18f8001d0521b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.tribalfusion.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Cookie: ANON_ID=avnrmetMPm5bTgUpMDVj5H3kUVpGksi5qQusPparcbSKB7TcbyldFbbJM9ZbsjrMAnHQ0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 1
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Set-Cookie: ANON_ID=aOnsmASyZaR38T8vnQ2v3Gm5g7n5ExZahYaZbPbm7crGZcxuMfSqYQRHlg8Um4ZayyhBFQkhEl7ZbLh0ZdV; path=/; domain=.tribalfusion.com; expires=Tue, 15-Aug-2017 20:05:25 GMT;
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 488
Expires: 0

GET
H2 200 160x600_custom_unsure.php Show response
pastebin.com/adserver/ Frame 1609 560 B
401 B 230ms
230ms Document
text/html 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/160x600_custom_unsure.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

3bfabf0e3fe93a317c0a14c9fc56fcd9976c6b0464723b0630c4917bfa62c6b5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /adserver/160x600_custom_unsure.php
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:24 GMT
content-encoding: gzip
server: cloudflare-nginx
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 360930fca821279e-FRA
x-xss-protection: 1; mode=block

GET p.media
s.tribalfusion.com/ Frame 1609 0
0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1609 3 KB
1 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/728x90_custom_unsure.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

7bb7b63fa2443efd4cb956609e8b9d921778b986eeded25db4c7779622c616bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /tag/js/gpt.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googletagservices.com
referer: https://pastebin.com/adserver/728x90_custom_unsure.php
:scheme: https
:method: GET
Referer: https://pastebin.com/adserver/728x90_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 19:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 762
status: 200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 1315
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2017 17:49:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2017 19:52:42 GMT

GET
H2 200 pubads_impl_118.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1609 183 KB
63 KB 19ms
5ms Script
text/javascript 172.217.22.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

110417940547624a23611dd62df0388e95b910497ea2fb958a9400714d4327d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gpt/pubads_impl_118.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: https://pastebin.com/adserver/728x90_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://pastebin.com/adserver/728x90_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Mon, 15 May 2017 22:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163122
status: 200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 64693
x-xss-protection: 1; mode=block
last-modified: Mon, 15 May 2017 22:09:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 May 2018 22:46:42 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/ Frame 1609 3 KB
2 KB 19ms
6ms Other
text/html 2a00:1450:4001:81a::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

96d3bf038966f99afc2c91b78a83c887caf0456db1e58ed2c7be2504dde9e810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /safeframe/1-0-8/html/container.html?n=2
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: https://pastebin.com/adserver/728x90_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Purpose: prefetch
Referer: https://pastebin.com/adserver/728x90_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Mon, 15 May 2017 13:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2017 21:46:52 GMT
server: sffe
age: 195772
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 1747
x-xss-protection: 1; mode=block
expires: Tue, 15 May 2018 13:42:32 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1609 7 KB
3 KB 47ms
47ms Script
text/javascript 172.217.22.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=332382684648325&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809080%2C108809107%2C108809153%2C21060233&sc=1&sfv=1-0-8&iu=%2F15184186%2FPastebin_728x90_Brand&sz=728x90&eri=2&cookie_enabled=1&cdm=pastebin.com&lmt=1495051524&dt=1495051524682&ea=0&frm=23&biw=1583&bih=1083&isw=728&ish=90&oid=3&adk=1840411530&ifi=1&ifk=3023555741&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F728x90_custom_unsure.php&ref=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&top=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&dssz=2&icsg=10&std=0&vrg=118&vrp=118&ga_vid=200533037.1495051522&ga_sid=1495051525&ga_hid=12198043

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

6305b56b31b291d93f2b4d80bbba31eea297605d72424ea09946a8e3c2fddd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gampad/ads?gdfp_req=1&correlator=332382684648325&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809080%2C108809107%2C108809153%2C21060233&sc=1&sfv=1-0-8&iu=%2F15184186%2FPastebin_728x90_Brand&sz=728x90&eri=2&cookie_enabled=1&cdm=pastebin.com&lmt=1495051524&dt=1495051524682&ea=0&frm=23&biw=1583&bih=1083&isw=728&ish=90&oid=3&adk=1840411530&ifi=1&ifk=3023555741&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F728x90_custom_unsure.php&ref=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&top=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&dssz=2&icsg=10&std=0&vrg=118&vrp=118&ga_vid=200533037.1495051522&ga_sid=1495051525&ga_hid=12198043
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: https://pastebin.com/adserver/728x90_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://pastebin.com/adserver/728x90_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 3042
x-xss-protection: 1; mode=block
google-lineitem-id: 113439906
pragma: no-cache
server: cafe
google-creative-id: 121737451266
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
set-cookie: test_cookie=CheckForPermission; expires=Wed, 17-May-2017 20:20:24 GMT; path=/; domain=.doubleclick.net
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/ Frame 1609 0
0

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1609 76 KB
28 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

a72858f08a14a963af7487a0bf37c9508d03ddca5e0adffdf52a1dda1e27e76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/osd.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pagead2.googlesyndication.com
referer: https://pastebin.com/adserver/728x90_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://pastebin.com/adserver/728x90_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 19:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 29132
x-xss-protection: 1; mode=block
server: cafe
etag: 4678353429265325375
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 17 May 2017 20:15:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1609 3 KB
0 20ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/160x600_custom_unsure.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

7bb7b63fa2443efd4cb956609e8b9d921778b986eeded25db4c7779622c616bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /tag/js/gpt.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googletagservices.com
referer: https://pastebin.com/adserver/728x90_custom_unsure.php
:scheme: https
:method: GET

Response headers

date: Wed, 17 May 2017 19:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 762
status: 200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 1315
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2017 17:49:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2017 19:52:42 GMT

GET
H2 200 pubads_impl_118.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1609 183 KB
0 19ms
5ms Script
text/javascript 172.217.22.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

110417940547624a23611dd62df0388e95b910497ea2fb958a9400714d4327d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gpt/pubads_impl_118.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: https://pastebin.com/adserver/728x90_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET

Response headers

date: Mon, 15 May 2017 22:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163122
status: 200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 64693
x-xss-protection: 1; mode=block
last-modified: Mon, 15 May 2017 22:09:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 May 2018 22:46:42 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/ Frame 1609 3 KB
2 KB 6ms
6ms Other
text/html 2a00:1450:4001:81a::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

96d3bf038966f99afc2c91b78a83c887caf0456db1e58ed2c7be2504dde9e810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /safeframe/1-0-8/html/container.html?n=2
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: https://pastebin.com/adserver/160x600_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Purpose: prefetch
Referer: https://pastebin.com/adserver/160x600_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Mon, 15 May 2017 13:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2017 21:46:52 GMT
server: sffe
age: 195772
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 1747
x-xss-protection: 1; mode=block
expires: Tue, 15 May 2018 13:42:32 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1609 7 KB
3 KB 71ms
70ms Script
text/javascript 172.217.22.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3855568427117238&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809080%2C108809103%2C21060002&sc=1&sfv=1-0-8&iu=%2F15184186%2FPastebin_160x600_Brand&sz=160x600&eri=2&cookie=ID%3D10647b54a67a7d8d%3AT%3D1495051524%3AS%3DALNI_MZrBuKowJKL_siWq9SW__It7qFIoA&cdm=pastebin.com&lmt=1495051524&dt=1495051524861&ea=0&frm=23&biw=1583&bih=1083&isw=160&ish=600&oid=3&adk=2845968274&ifi=1&ifk=643169265&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F160x600_custom_unsure.php&ref=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&top=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&dssz=2&icsg=10&std=0&vrg=118&vrp=118&ga_vid=200533037.1495051522&ga_sid=1495051525&ga_hid=1937351069

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

69cdc7e9b020cf38380c56869228bf271db40edf2feafcbd0ea8ba7e3df2c368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gampad/ads?gdfp_req=1&correlator=3855568427117238&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809080%2C108809103%2C21060002&sc=1&sfv=1-0-8&iu=%2F15184186%2FPastebin_160x600_Brand&sz=160x600&eri=2&cookie=ID%3D10647b54a67a7d8d%3AT%3D1495051524%3AS%3DALNI_MZrBuKowJKL_siWq9SW__It7qFIoA&cdm=pastebin.com&lmt=1495051524&dt=1495051524861&ea=0&frm=23&biw=1583&bih=1083&isw=160&ish=600&oid=3&adk=2845968274&ifi=1&ifk=643169265&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F160x600_custom_unsure.php&ref=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&top=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&dssz=2&icsg=10&std=0&vrg=118&vrp=118&ga_vid=200533037.1495051522&ga_sid=1495051525&ga_hid=1937351069
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
cookie: id=22fcfaee713c000e||t=1495051524|et=730|cs=002213fd48608180118e3644fa; IDE=AHWqTUkU6zevZbjiyoEL5U_-EyFemWRoiALzl6RkA_N-Glg2r90139CJBQ
:scheme: https
referer: https://pastebin.com/adserver/160x600_custom_unsure.php
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://pastebin.com/adserver/160x600_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 2976
x-xss-protection: 1; mode=block
google-lineitem-id: 113439906
pragma: no-cache
server: cafe
google-creative-id: 121737451986
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/ Frame 1609 0
0

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1609 76 KB
28 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

a72858f08a14a963af7487a0bf37c9508d03ddca5e0adffdf52a1dda1e27e76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/osd.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pagead2.googlesyndication.com
referer: https://pastebin.com/adserver/160x600_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://pastebin.com/adserver/160x600_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 19:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 29132
x-xss-protection: 1; mode=block
server: cafe
etag: 4678353429265325375
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 17 May 2017 20:15:18 GMT

GET
H2 200 menu_mobile.png
pastebin.com/i/ 915 B
933 B 9ms
8ms Image
image/png 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastebin.com/i/menu_mobile.png
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7ec1c58cf01f3c05a4752830b6de78ee86e134d6d21b344c2b6cbdd8eacd2f36

Request headers

:path: /i/menu_mobile.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1; __gads=ID=10647b54a67a7d8d:T=1495051524:S=ALNI_MZrBuKowJKL_siWq9SW__It7qFIoA
:scheme: https
referer: https://pastebin.com/i/pastebin.min.v4.css
:method: GET
Referer: https://pastebin.com/i/pastebin.min.v4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:24 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare-nginx
etag: "5670e544-393"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 360930ff09b6279e-FRA
content-length: 915
expires: Tue, 15 Aug 2017 20:05:24 GMT

GET
H2 200 300x250_custom_unsure.php Show response
pastebin.com/adserver/ Frame 1609 561 B
402 B 118ms
118ms Document
text/html 104.20.208.21
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/adserver/300x250_custom_unsure.php

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/Pastebincom/Unsure/tags.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.20.208.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

82aba3e51fa12d81450138481b42cc9cbf496e7e3aebcd4629a870094c263ac1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /adserver/300x250_custom_unsure.php
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
cache-control: no-cache
:authority: pastebin.com
cookie: __cfduid=dcbd51dda14e5e729671e15ca07e749701495051521; views=1; _ga=GA1.2.200533037.1495051522; _gid=GA1.2.1473312211.1495051522; _gat=1; __gads=ID=10647b54a67a7d8d:T=1495051524:S=ALNI_MZrBuKowJKL_siWq9SW__It7qFIoA
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:25 GMT
content-encoding: gzip
server: cloudflare-nginx
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 360931022bf0279e-FRA
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1609 3 KB
0 20ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/adserver/300x250_custom_unsure.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

7bb7b63fa2443efd4cb956609e8b9d921778b986eeded25db4c7779622c616bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /tag/js/gpt.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googletagservices.com
referer: https://pastebin.com/adserver/728x90_custom_unsure.php
:scheme: https
:method: GET

Response headers

date: Wed, 17 May 2017 19:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 762
status: 200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 1315
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2017 17:49:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2017 19:52:42 GMT

GET
H2 200 pubads_impl_118.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1609 183 KB
0 19ms
5ms Script
text/javascript 172.217.22.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

110417940547624a23611dd62df0388e95b910497ea2fb958a9400714d4327d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gpt/pubads_impl_118.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: https://pastebin.com/adserver/728x90_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET

Response headers

date: Mon, 15 May 2017 22:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163122
status: 200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 64693
x-xss-protection: 1; mode=block
last-modified: Mon, 15 May 2017 22:09:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 May 2018 22:46:42 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1609 7 KB
3 KB 51ms
51ms Script
text/javascript 172.217.22.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4485815379203175&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809080%2C108809103%2C108809154&sc=1&sfv=1-0-8&iu=%2F15184186%2FPastebin_300x250_Brand&sz=300x250&eri=2&cookie=ID%3D10647b54a67a7d8d%3AT%3D1495051524%3AS%3DALNI_MZrBuKowJKL_siWq9SW__It7qFIoA&cdm=pastebin.com&lmt=1495051526&dt=1495051526009&ea=0&frm=23&biw=1583&bih=1083&isw=300&ish=250&oid=3&adk=2753410329&ifi=1&ifk=2231635304&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F300x250_custom_unsure.php&ref=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&top=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&dssz=2&icsg=10&std=0&vrg=118&vrp=118&ga_vid=200533037.1495051522&ga_sid=1495051526&ga_hid=474895837

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

318b4ec464176365ac04eb99ba020710dd6838d7521918feb31a989d741b539e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gampad/ads?gdfp_req=1&correlator=4485815379203175&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809080%2C108809103%2C108809154&sc=1&sfv=1-0-8&iu=%2F15184186%2FPastebin_300x250_Brand&sz=300x250&eri=2&cookie=ID%3D10647b54a67a7d8d%3AT%3D1495051524%3AS%3DALNI_MZrBuKowJKL_siWq9SW__It7qFIoA&cdm=pastebin.com&lmt=1495051526&dt=1495051526009&ea=0&frm=23&biw=1583&bih=1083&isw=300&ish=250&oid=3&adk=2753410329&ifi=1&ifk=2231635304&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&nhd=2&iag=15&url=https%3A%2F%2Fpastebin.com%2Fadserver%2F300x250_custom_unsure.php&ref=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&top=https%3A%2F%2Fpastebin.com%2FA6BSjbsn&dssz=2&icsg=10&std=0&vrg=118&vrp=118&ga_vid=200533037.1495051522&ga_sid=1495051526&ga_hid=474895837
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
cookie: id=22fcfaee713c000e||t=1495051524|et=730|cs=002213fd48608180118e3644fa; IDE=AHWqTUkU6zevZbjiyoEL5U_-EyFemWRoiALzl6RkA_N-Glg2r90139CJBQ
:scheme: https
referer: https://pastebin.com/adserver/300x250_custom_unsure.php
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://pastebin.com/adserver/300x250_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 3148
x-xss-protection: 1; mode=block
google-lineitem-id: 113439906
pragma: no-cache
server: cafe
google-creative-id: 121743169746
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/ Frame 1609 3 KB
2 KB 6ms
6ms Other
text/html 2a00:1450:4001:81a::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

96d3bf038966f99afc2c91b78a83c887caf0456db1e58ed2c7be2504dde9e810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /safeframe/1-0-8/html/container.html?n=2
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: https://pastebin.com/adserver/300x250_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Purpose: prefetch
Referer: https://pastebin.com/adserver/300x250_custom_unsure.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Mon, 15 May 2017 13:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2017 21:46:52 GMT
server: sffe
age: 195774
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 1747
x-xss-protection: 1; mode=block
expires: Tue, 15 May 2018 13:42:32 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/ Frame 1609 0
0

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1609 76 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

a72858f08a14a963af7487a0bf37c9508d03ddca5e0adffdf52a1dda1e27e76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/osd.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pagead2.googlesyndication.com
referer: https://pastebin.com/adserver/160x600_custom_unsure.php
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET

Response headers

date: Wed, 17 May 2017 19:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 29132
x-xss-protection: 1; mode=block
server: cafe
etag: 4678353429265325375
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 17 May 2017 20:15:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 29 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://pastebin.com/A6BSjbsn
:scheme: https
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2017 01:31:56 GMT
server: Golfe2
age: 931
date: Wed, 17 May 2017 19:49:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 12267
expires: Wed, 17 May 2017 21:49:56 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11821/ 994 B
994 B 634ms
221ms Script
application/javascript 52.84.127.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11821/px.js
Requested by: Host: q1mediahydraplatform.com
URL: https://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c4bad1d148132957a35&qz=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.84.127.175 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-84-127-175.iad16.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88df5c8c4e70b9b150f2cd94a847ef52f0f15bc382bd15cb3a1f87e282c26ed6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: p.cpx.to
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 14 Feb 2017 15:01:57 GMT
Content-Encoding: UTF-8
Last-Modified: Tue, 14 Feb 2017 14:53:36 GMT
Server: AmazonS3
Age: 1693693
ETag: "b97096229b814b3372196f691165f42e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d1201a6f66026e2a6d778a9fd9208986.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 994
X-Amz-Cf-Id: DvLM_KdMJhpu1kntMl_a5N0PtEPb_5gjtO3jqQ6r1A8amvQ0kZwUHw==

GET
H/1.1 200
OK Cookie set dpx.js Show response
i.simpli.fi/ 3 KB
3 KB 40ms
12ms Script
application/javascript 5.153.20.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=42566&m=1&sifi_tuid=21007

Requested by

Host: q1mediahydraplatform.com
URL: https://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c4bad1d148132957a35&qz=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.153.20.138 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

8a.14.9905.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

71b0a8592c1f630f017d61d1b4daa190713b5560c41e1fb208ca3b1ca1de9304

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: i.simpli.fi
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:27 GMT
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
Connection: keep-alive
Content-Length: 2743
Pragma: no-cache
Last-Modified: Thu, 11 May 2017 17:01:09 GMT
Server: nginx
ETag: "591498d5-ab7"
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Set-Cookie: uid=BZkUilkcrQe12Ce4FMjpAg==; expires=Fri, 18-May-18 20:05:27 GMT; domain=simpli.fi; path=/
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/9542/ 32 KB
9 KB 32ms
15ms Script
application/javascript 93.184.220.113
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/9542/cc.js?ns=_cc9542
Requested by: Host: q1mediahydraplatform.com
URL: https://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c4bad1d148132957a35&qz=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.184.220.113 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41B8) /
Resource Hash: 2c5d1f0b2a89ddc2befa975a1087d84f79d90d071b2efa98e78784fb8f75e33a

Request headers

:path: /c/9542/cc.js?ns=_cc9542
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tags.crwdcntrl.net
referer: https://pastebin.com/A6BSjbsn
:scheme: https
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 20:05:27 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2017 15:36:38 GMT
server: ECS (fcn/41B8)
etag: "58b6ea86-7fd7+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 9579
expires: Thu, 18 May 2017 20:05:27 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:825::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: q1mediahydraplatform.com
URL: https://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c4bad1d148132957a35&qz=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ajax/libs/jquery/1.10.2/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ajax.googleapis.com
referer: https://pastebin.com/A6BSjbsn
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 11 May 2017 13:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543497
status: 200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 32954
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 May 2018 13:07:10 GMT

GET
H2 200 prebid-Q1Media.js Show response
cdn.q1mediahydraplatform.com/assets/js/ 72 KB
23 KB 505ms
119ms Script
application/javascript 52.84.127.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.q1mediahydraplatform.com/assets/js/prebid-Q1Media.js
Requested by: Host: q1mediahydraplatform.com
URL: https://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c4bad1d148132957a35&qz=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.84.127.108 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-84-127-108.iad16.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ec59fc0ea5bbd02c0394554c3485ca1b2d68d3679e0db937d56a94687293d67

Request headers

:path: /assets/js/prebid-Q1Media.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.q1mediahydraplatform.com
referer: https://pastebin.com/A6BSjbsn
:scheme: https
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:29:18 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2017 19:22:00 GMT
server: AmazonS3
age: 327
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: RLfb92Yy987OAh-OaeyiqYgDkWmlyL00GmjsvoKYJpFKePsTFC_mEw==
via: 1.1 0579f4eba24bbe8abed6a0529591ab2d.cloudfront.net (CloudFront)

GET
H/1.1 200
OK Cookie set p Show response
i.simpli.fi/ 967 B
974 B 13ms
12ms Script
application/javascript 5.153.20.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=42566&cb=dpx_1982614355663._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=42566&m=1&sifi_tuid=21007

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.153.20.138 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

8a.14.9905.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

1458827c1658ab3866e84ef231a395844a792eb8814375d1fda76028aa9d2af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: i.simpli.fi
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Cookie: uid=BZkUilkcrQe12Ce4FMjpAg==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:27 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
Access-Control-Allow-Origin: *
Set-Cookie: uid_syncd=true; path=/; expires=Sat, 20 May 2017 20:05:27 GMT; domain=.simpli.fi
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dpx
i.simpli.fi/ 43 B
43 B 12ms
12ms Image
image/gif 5.153.20.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.simpli.fi/dpx?cid=42566&m=1&sifi_tuid=21007&cbri=962693708578&referrer=

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.153.20.138 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

8a.14.9905.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: i.simpli.fi
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: uid=BZkUilkcrQe12Ce4FMjpAg==; uid_syncd=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.0

200
OK

Cookie set mapuser
usync.nexage.com/
Redirect Chain

https://usync.nexage.com/mapuser?providerid=10778&userid=8A14990507AD1C59B827D8B502E9C814
https://usync.nexage.com/mapuser?providerid=10778&userid=8A14990507AD1C59B827D8B502E9C814;cfp=1

43 B
43 B

101ms
101ms

Image
image/gif

152.163.56.2
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usync.nexage.com/mapuser?providerid=10778&userid=8A14990507AD1C59B827D8B502E9C814;cfp=1
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.56.2 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: oneads-sspums-adtech-mtc-blue-b.evip.aol.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: usync.nexage.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: CfP=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Connection: keep-alive
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache
Set-Cookie: PNUT3=fZjZqp_OQsmbGGXvAihhzw;expires=Fri, 17 May 2019 20:5:27 GMT;domain=nexage.com;path=/
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location: https://usync.nexage.com/mapuser?providerid=10778&userid=8A14990507AD1C59B827D8B502E9C814;cfp=1
Set-Cookie: CfP=1;domain=nexage.com;path=/
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

302
Moved Temporarily

Cookie set ADTECH;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746

0
0

386ms
96ms

XHR

152.163.66.165
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.165 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: https://pastebin.com
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver-us.adtech.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff
Connection: keep-alive
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Set-Cookie: CfP=1;domain=advertising.com;path=/
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Set-Cookie: CfP=1;domain=advertising.com;path=/
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK Cookie set jpt Show response
secure.adnxs.com/ 82 B
82 B 51ms
12ms Script
application/javascript 185.33.222.23
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=q1Pbjs.handleAnCB&callback_uid=5a984e588cc525&psa=0&id=11322064&referrer=https%3A%2F%2Fpastebin.com%2FA6BSjbsn

Requested by

Host: cdn.q1mediahydraplatform.com
URL: https://cdn.q1mediahydraplatform.com/assets/js/prebid-Q1Media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.33.222.23 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.11.5 /

Resource Hash

fe2082914f088202a7bfdea7b5efc45498b1fcc78368fa662e3401b8cd3cbd84

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.adnxs.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 270.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.145:80
AN-X-Request-Uuid: 5fe10a8c-2786-4b6d-889f-064be8267b52
Server: nginx/1.11.5
Connection: keep-alive
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Set-Cookie: anj=dTM7k!M4/8DYRWSF']wIg2C$OgP?A)!]tbPB*SQLOsH`E.g3VsO?k-); Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly icu=ChIIzNwHEAoYASABKAEwidryyAUQidryyAUYAA..; Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly sess=1; Path=/; Max-Age=86400; Expires=Thu, 18-May-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly uuid2=5780022503537428265; Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly
Content-Type: application/javascript; charset=utf-8
Content-Length: 82
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

302
Moved Temporarily

Cookie set ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764

0
0

386ms
96ms

XHR

152.163.66.165
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.165 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: https://pastebin.com
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver-us.adtech.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff
Connection: keep-alive
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Set-Cookie: CfP=1;domain=advertising.com;path=/
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Set-Cookie: CfP=1;domain=advertising.com;path=/
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

302
Moved Temporarily

Cookie set ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764

0
0

388ms
97ms

XHR

152.163.66.165
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.165 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: https://pastebin.com
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver-us.adtech.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff
Connection: keep-alive
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Set-Cookie: CfP=1;domain=advertising.com;path=/
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Set-Cookie: CfP=1;domain=advertising.com;path=/
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK Cookie set jpt Show response
secure.adnxs.com/ 82 B
82 B 53ms
18ms Script
application/javascript 185.33.222.23
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=q1Pbjs.handleAnCB&callback_uid=79770559134f33&psa=0&id=11322064&referrer=https%3A%2F%2Fpastebin.com%2FA6BSjbsn

Requested by

Host: cdn.q1mediahydraplatform.com
URL: https://cdn.q1mediahydraplatform.com/assets/js/prebid-Q1Media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.33.222.23 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.11.5 /

Resource Hash

3e1af1bc58595b72ac99dcb850341e734929d85d942f2c3e2c1729740343809b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.adnxs.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 270.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.211:80
AN-X-Request-Uuid: c4ea4ab0-4754-4d3a-a081-4865b254ea6d
Server: nginx/1.11.5
Connection: keep-alive
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Set-Cookie: anj=dTM7k!M4/8DYRWSF']wIg2C$OgP?A)!]tbPB*SQLOsH`E.g3VsO?k-); Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly icu=ChIIzNwHEAoYASABKAEwidryyAUQidryyAUYAA..; Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly sess=1; Path=/; Max-Age=86400; Expires=Thu, 18-May-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly uuid2=1955584850242226396; Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly
Content-Type: application/javascript; charset=utf-8
Content-Length: 82
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Cookie set jpt Show response
secure.adnxs.com/ 82 B
82 B 54ms
16ms Script
application/javascript 185.33.223.218
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=q1Pbjs.handleAnCB&callback_uid=8503c943282647&psa=0&id=11322072&referrer=https%3A%2F%2Fpastebin.com%2FA6BSjbsn

Requested by

Host: cdn.q1mediahydraplatform.com
URL: https://cdn.q1mediahydraplatform.com/assets/js/prebid-Q1Media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.33.223.218 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.11.5 /

Resource Hash

163e8dfd955a69e6003eb37ac33f6145c04a3094a23604daec93ae0e29b2479f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.adnxs.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.207:80
AN-X-Request-Uuid: e20d5eb5-b9fb-4212-9f62-84d40d2f7d82
Server: nginx/1.11.5
Connection: keep-alive
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Set-Cookie: anj=dTM7k!M4/8DYRWSF']wIg2C$OgP?A)!]tbPB*SQLOsH`E.g3VsO?k-); Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly icu=ChIIzNwHEAoYASABKAEwidryyAUQidryyAUYAA..; Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly sess=1; Path=/; Max-Age=86400; Expires=Thu, 18-May-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly uuid2=4778327393024095245; Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly
Content-Type: application/javascript; charset=utf-8
Content-Length: 82
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set 5386
tags.bluekai.com/site/
Redirect Chain

https://match.adsrvr.org/track/cmb/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=eee9f571-7ae6-4311-bc61-f79adddb3b6c

62 B
62 B

372ms
99ms

Image
image/gif

169.47.30.64
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5386?id=eee9f571-7ae6-4311-bc61-f79adddb3b6c
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 169.47.30.64 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 40.1e.2fa9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: tags.bluekai.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: bkdc=wdc; bku=blx999i+caAo+Lix
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cneonction: close
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bku=blx999i+caAo+Lix; expires=Mon, 13-Nov-2017 20:05:29 GMT; path=/; domain=.bluekai.com
Content-Type: image/gif
Content-Length: 62
BK-Server: fbe8
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:33 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location: https://tags.bluekai.com/site/5386?id=eee9f571-7ae6-4311-bc61-f79adddb3b6c
Set-Cookie: TDID=eee9f571-7ae6-4311-bc61-f79adddb3b6c; domain=.adsrvr.org; expires=Thu, 17-May-2018 20:05:33 GMT; path=/ TDCPM=CAESFgoHYmx1ZWthaRILCPDjzMDD2o41EAUYBSABKAIyCwjYstLf2NqONRAFOAE.; domain=.adsrvr.org; expires=Thu, 17-May-2018 20:05:33 GMT; path=/
Cache-Control: private,no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html
Content-Length: 179

GET
H/1.1

200
OK

Cookie set ca.png
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fca.png%253Fpid%253D11821%2526ref%253D%2526hn_ver%253D5%2526fid%253D0e47381b-4573-464b-a291-2c0b1aac1e78%2526adnxs_uid%25...
https://s.cpx.to/ca.png?pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78&adnxs_uid=1955584850242226396

95 B
95 B

108ms
27ms

Image
image/png

52.31.237.155
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/ca.png?pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78&adnxs_uid=1955584850242226396
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.237.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-237-155.eu-west-1.compute.amazonaws.com
Software: spray-can/1.3.1 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.cpx.to
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:27 GMT
Server: spray-can/1.3.1
P3P: CP="NOI DEV ADM"
Set-Cookie: cpSess=15776507aac4453e96d724f0d1079d88; Expires=Thu, 17 May 2018 20:05:27 GMT; Domain=.cpx.to; Path=/; HttpOnly
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Wed, 17 May 2017 20:05:27 GMT

Redirect headers

Date: Wed, 17 May 2017 20:05:29 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.7:80
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 92b31ceb-4f3c-4356-9805-15b22357e8da
Server: nginx/1.11.5
Location: https://s.cpx.to/ca.png?pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78&adnxs_uid=1955584850242226396
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Set-Cookie: sess=1; Path=/; Max-Age=86400; Expires=Thu, 18-May-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly uuid2=1955584850242226396; Path=/; Max-Age=7776000; Expires=Tue, 15-Aug-2017 20:05:29 GMT; Domain=.adnxs.com; HttpOnly
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78
https://s.cpx.to/ca.png?pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78&google_gid=CAESEDi3WUcDVKcEDJ1oWLlXbtY&google_cver=1

95 B
95 B

111ms
27ms

Image
image/png

52.50.52.103
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/ca.png?pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78&google_gid=CAESEDi3WUcDVKcEDJ1oWLlXbtY&google_cver=1
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.52.103 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-50-52-103.eu-west-1.compute.amazonaws.com
Software: spray-can/1.3.1 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.cpx.to
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
X-Client-Data: CIi2yQEIpLbJAQ==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:27 GMT
Server: spray-can/1.3.1
P3P: CP="NOI DEV ADM"
Set-Cookie: cpSess=db9e7b01873f4a64ad77b103deed8653; Expires=Thu, 17 May 2018 20:05:27 GMT; Domain=.cpx.to; Path=/; HttpOnly
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Wed, 17 May 2017 20:05:27 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 May 2017 20:05:27 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?pid=11821&ref=&hn_ver=5&fid=0e47381b-4573-464b-a291-2c0b1aac1e78&google_gid=CAESEDi3WUcDVKcEDJ1oWLlXbtY&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 358
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 1609 0
0

GET
H/1.1

302
Moved Temporarily

ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746

0
0

97ms
96ms

XHR

152.163.66.165
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.165 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: https://pastebin.com
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver-us.adtech.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff; CfP=1
Connection: keep-alive
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

302
Moved Temporarily

ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764

0
0

96ms
96ms

XHR

152.163.66.165
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.165 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: https://pastebin.com
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver-us.adtech.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff; CfP=1
Connection: keep-alive
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

302
Moved Temporarily

ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
adserver.adtechus.com/pubapi/3.0/10333.1/4554948/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
https://adserver.adtechus.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764

0
0

97ms
97ms

XHR

152.163.66.165
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.165 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: https://pastebin.com
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver-us.adtech.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff; CfP=1
Connection: keep-alive
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver.adtechus.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: https://pastebin.com
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver.adtechus.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set tpid=8A14990507AD1C59B827D8B502E9C814
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=8A14990507AD1C59B827D8B502E9C814
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=8A14990507AD1C59B827D8B502E9C814

49 B
49 B

34ms
33ms

Image
image/gif

52.18.145.75
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=8A14990507AD1C59B827D8B502E9C814
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.145.75 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-145-75.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bcp.crwdcntrl.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: _cc_cc=ctst
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Set-Cookie: _cc_aud="ABR4nGNgYGCIlFnLwQAHAA7QASs%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 11-Feb-2018 20:05:28 GMT;Max-Age=23328000 _cc_cc="ACZ4nGNQSLQwNDZNTjNKTE5NMzMxSElOsUxLNUszSDY2MEo0TDVjAIJImbUcDAgAAGg3CsE%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 11-Feb-2018 20:05:28 GMT;Max-Age=23328000 _cc_id=a8135cf2acef640dcd9fe6f0c302a1e6;Path=/;Domain=crwdcntrl.net;Expires=Sun, 11-Feb-2018 20:05:28 GMT _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 11-Feb-2018 20:05:28 GMT
Cache-Control: no-cache
X-Server: 172.25.10.50
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=8A14990507AD1C59B827D8B502E9C814
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net
Cache-Control: no-cache
X-Server: 172.25.11.186
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

302
Moved Temporarily

ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=149505152...

0
0

378ms
94ms

XHR

152.163.66.131
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.131 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-adtech-mtc-blue-a.evip.aol.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: null
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver.adtechus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: CfP=1; JEB2=591CABC56E650E44CD7C86EAF5607EF9
Connection: keep-alive
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set 8A14990507AD1C59B827D8B502E9C814
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/
Redirect Chain

https://um.simpli.fi/turn
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/8A14990507AD1C59B827D8B502E9C814

43 B
43 B

537ms
479ms

Image
image/gif

46.228.164.13
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/8A14990507AD1C59B827D8B502E9C814
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: d.turn.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:27 GMT
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Set-Cookie: uid=8113552186480848269; Domain=.turn.com; Expires=Mon, 13-Nov-2017 20:05:28 GMT; Path=/
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Wed, 17 May 2017 20:05:28 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/8A14990507AD1C59B827D8B502E9C814
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

302
Moved Temporarily

ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=149505152...

0
0

377ms
93ms

XHR

152.163.66.131
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.131 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-adtech-mtc-blue-a.evip.aol.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: null
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver.adtechus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: CfP=1; JEB2=591CABC56E650E44CD7C86EAF5607EF9
Connection: keep-alive
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

302
Moved Temporarily

ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;rdhost=adserver-us.adtech.advertising.com;cfp=1;rndc=1495051527;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=149505152...

0
0

383ms
96ms

XHR

152.163.66.131
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.131 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-adtech-mtc-blue-a.evip.aol.com
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: null
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver.adtechus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: CfP=1; JEB2=591CABC56E650E44CD7C86EAF5607EF9
Connection: keep-alive
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: nginx
Access-Control-Allow-Origin: null
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8A14990507AD1C59B827D8B502E9C814

43 B
43 B

511ms
100ms

Image
image/gif

52.202.130.59
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8A14990507AD1C59B827D8B502E9C814
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.130.59 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-130-59.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: sync.intentiq.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
Set-Cookie: IQver=1.9; Domain=.intentiq.com; Expires=Sat, 15-May-2027 20:05:28 GMT; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 17 May 2017 20:05:28 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8A14990507AD1C59B827D8B502E9C814
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1 200
OK Cookie set ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ 2 KB
2 KB 196ms
195ms XHR
application/json 152.163.66.165
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=35a47503c84679;misc=1495051527746
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.165 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com
Software: Adtech Adserver /
Resource Hash: af3e537e25d8195c3a852d9e8a2fb48d842174aeae684c084e1f0f8963d6bfbb

Request headers

Pragma: no-cache
Origin: null
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver-us.adtech.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff; CfP=1
Connection: keep-alive
X-DevTools-Emulate-Network-Conditions-Client-Id: dd34d955-3c6b-4eef-8e45-405570182ea9
Origin: null
Referer: https://pastebin.com/A6BSjbsn
X-DevTools-Request-Id: 16095.236
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: Adtech Adserver
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: null
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Set-Cookie: ADMARK=Wed, 17 May 2017 20:05:28 GMT;expires=Wed, 17 May 2017 20:7:28 GMT;domain=advertising.com;path=/ CS1=2;expires=Fri, 17 May 2019 20:5:27 GMT;domain=advertising.com;path=/ JEB2=591CABC56E650E44CD7C86EAF5607EF9;expires=Fri, 17 May 2019 20:5:27 GMT;domain=advertising.com;path=/
Content-Type: application/json
Content-Length: 1794
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK Cookie set ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ 2 KB
2 KB 266ms
266ms XHR
application/json 152.163.66.165
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554943/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=44c2afa27d4b74;misc=1495051527764
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.165 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com
Software: Adtech Adserver /
Resource Hash: 810e66f045239709cdf18fd475dd3f548fd9440d7edfab8c6113e769b923a763

Request headers

Pragma: no-cache
Origin: null
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver-us.adtech.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff; CfP=1
Connection: keep-alive
X-DevTools-Emulate-Network-Conditions-Client-Id: dd34d955-3c6b-4eef-8e45-405570182ea9
Origin: null
Referer: https://pastebin.com/A6BSjbsn
X-DevTools-Request-Id: 16095.238
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: Adtech Adserver
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: null
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Set-Cookie: ADMARK=Wed, 17 May 2017 20:05:28 GMT;expires=Wed, 17 May 2017 20:7:28 GMT;domain=advertising.com;path=/ CS1=2;expires=Fri, 17 May 2019 20:5:28 GMT;domain=advertising.com;path=/ JEB2=591CABC56E650E44CD7C86EAF5607EF9;expires=Fri, 17 May 2019 20:5:28 GMT;domain=advertising.com;path=/
Content-Type: application/json
Content-Length: 1794
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK Cookie set ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ 48 B
48 B 268ms
268ms XHR
application/json 152.163.66.165
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10333.1/4554948/0/0/ADTECH;uuid=591CABC56E650E44CD7C86EAF5607EF9;cfp=1;rndc=1495051528;v=2;cmd=bid;cors=yes;alias=5883c3a504148f;misc=1495051527764
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.66.165 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtechus-ads-one-adtech-mtc-blue-a.evip.aol.com
Software: Adtech Adserver /
Resource Hash: 970ee9a0f76584e0be3fcf75bf6e80838f2068184b826653db9f6fb993af989a

Request headers

Pragma: no-cache
Origin: null
Accept-Encoding: gzip, deflate, sdch, br
Host: adserver-us.adtech.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
Cookie: APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff; CfP=1
Connection: keep-alive
X-DevTools-Emulate-Network-Conditions-Client-Id: dd34d955-3c6b-4eef-8e45-405570182ea9
Origin: null
Referer: https://pastebin.com/A6BSjbsn
X-DevTools-Request-Id: 16095.239
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: Adtech Adserver
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: null
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Set-Cookie: CS1=2;expires=Fri, 17 May 2019 20:5:28 GMT;domain=advertising.com;path=/ JEB2=591CABC56E650E44CD7C86EAF5607EF9;expires=Fri, 17 May 2019 20:5:28 GMT;domain=advertising.com;path=/
Content-Type: application/json
Content-Length: 48
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set sync
sync.adaptv.advertising.com/
Redirect Chain

https://um.simpli.fi/adaptv
https://sync.adaptv.advertising.com/sync?type=gif&key=simplifi&uid=8A14990507AD1C59B827D8B502E9C814

42 B
42 B

98ms
98ms

Image
image/gif

52.206.4.231
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/sync?type=gif&key=simplifi&uid=8A14990507AD1C59B827D8B502E9C814
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.4.231 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-206-4-231.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: sync.adaptv.advertising.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: adaptv_unique_user_cookie="5429009610835221592__TIME__2017-05-17+13%3A05%3A25"; APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff; CfP=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Set-Cookie: rtbData0="key=simplifi:value=8A14990507AD1C59B827D8B502E9C814:expiresAt=1497643528,ver=2";Path=/;Domain=.adaptv.advertising.com;Expires=Fri, 17-May-2019 20:05:28 GMT APID=VB2a508b3a-3b3c-11e7-b561-0a5be3fc79ff; Max-Age=31622400; Expires=Fri, 18-May-2018 20:05:28 GMT; Domain=.advertising.com; Path=/; Version=1
Server: ribs2.0
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Wed, 17 May 2017 20:05:28 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://sync.adaptv.advertising.com/sync?type=gif&key=simplifi&uid=8A14990507AD1C59B827D8B502E9C814
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H2

200

engine
fei.pro-market.net/
Redirect Chain

https://fei.pro-market.net/engine?du=24;csync=8A14990507AD1C59B827D8B502E9C814;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=8A14990507AD1C59B827D8B502E9C814;mimetype=img;sr

43 B
52 B

14ms
14ms

Image
image/gif

107.178.240.89
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fei.pro-market.net/engine?du=24;csync=8A14990507AD1C59B827D8B502E9C814;mimetype=img;sr
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.240.89 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS: 89.240.178.107.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

:path: /engine?du=24;csync=8A14990507AD1C59B827D8B502E9C814;mimetype=img;sr
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: fei.pro-market.net
cookie: anProfile="1+1+1f=1+1g=1+1j=1+rs=s+rt=94FB2DAA+s2=(oq4555)"
:scheme: https
referer: https://pastebin.com/A6BSjbsn
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2017 20:05:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-1.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
status: 200
cache-control: no-cache, no-store, must-revalidate
set-cookie: anProfile="-2jappem9azg3+1+1f=1+1g=1+1j=1+rs=s+rt=94FB2DAA+s2=(oq4555)+vm=24-8A14990507AD1C59B827D8B502E9C814"; Version=1; Domain=.pro-market.net; Max-Age=15552000; Expires=Mon, 13-Nov-2017 20:05:29 GMT; Path=/
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 May 2017 20:05:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-2.c.datonics-gcp-01.internal
status: 302
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://fei.pro-market.net/engine?du=24;csync=8A14990507AD1C59B827D8B502E9C814;mimetype=img;sr
cache-control: no-cache, no-store, must-revalidate
set-cookie: anProfile="1+1+1f=1+1g=1+1j=1+rs=s+rt=94FB2DAA+s2=(oq4555)"; Version=1; Domain=.pro-market.net; Max-Age=15552000; Expires=Mon, 13-Nov-2017 20:05:29 GMT; Path=/
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

Cookie set merge
ce.lijit.com/
Redirect Chain

https://ce.lijit.com/merge?pid=2&3pid=8A14990507AD1C59B827D8B502E9C814
https://ce.lijit.com/merge?pid=2&3pid=8A14990507AD1C59B827D8B502E9C814&dnr=1

43 B
43 B

91ms
90ms

Image
image/gif

169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=8A14990507AD1C59B827D8B502E9C814&dnr=1
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ce.lijit.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: ljt_reader=8034fffa5dca79008caa13652051c60e
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Set-Cookie: _ljtrtb_2=8A14990507AD1C59B827D8B502E9C814;Path=/;Domain=.lijit.com;Expires=Thu, 17-May-2018 20:05:29 GMT
X-Sovrn-Pod: ap3iad1
Content-Type: image/gif
Content-Length: 43
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=8A14990507AD1C59B827D8B502E9C814&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Set-Cookie: ljt_reader=bdd1286e2e89d3c8650e993b6649f730;Path=/;Domain=.lijit.com;Expires=Thu, 17-May-2018 20:05:29 GMT ljt_reader=8034fffa5dca79008caa13652051c60e;Path=/;Domain=.lijit.com;Expires=Thu, 17-May-2018 20:05:29 GMT
X-Sovrn-Pod: ap3iad1
Content-Length: 0
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set 362248.gif
idsync.rlcdn.com/
Redirect Chain

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=ae4c1579716c06a23c6cd72bb6d0849f842325a49ca84f767d619a58219ae6b0b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3...
https://idsync.rlcdn.com/362248.gif?partner_uid=01707554042564623172867389691869599101

43 B
43 B

106ms
105ms

Image
image/gif

52.205.218.72
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362248.gif?partner_uid=01707554042564623172867389691869599101
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.218.72 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-205-218-72.compute-1.amazonaws.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: idsync.rlcdn.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: ck1=ck1; rlas3=EQ3IdaXJNxLLYGCceLQhtTegcOBvpxZT8to5M3kGWtyMyA9jEACu5w==; rtn1-z=IaPVs8VHz+TQGzCL2GvoNk6F/HE51xmvQ3j+FXkTWzs=; drtn695891336=2BbOcL64N4YSBqx8GKXA7hi8Zju0N0qF
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Set-Cookie: drtn695891336="";Version=1;Domain=.rlcdn.com;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0 rlas3=EQ3IdaXJNxLLYGCceLQhtTegcOBvpxZT8to5M3kGWtyMyA9jEACu5w==;Domain=.rlcdn.com;Expires=Mon, 13-Nov-2017 20:05:27 GMT rtn1-z=IaPVs8VHz+SXlGaLRKr/PHb+M06r7HbwcU11005PrQSxN0YNPPPqfOyKDTWnr7Ot;Domain=.rlcdn.com;Expires=Mon, 13-Nov-2017 20:05:26 GMT
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length: 43
Connection: keep-alive
Content-Type: image/gif; charset=ISO-8859-1

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
X-TID: VvJntO10SdY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://idsync.rlcdn.com/362248.gif?partner_uid=01707554042564623172867389691869599101
Set-Cookie: demdex=01707554042564623172867389691869599101;Path=/;Domain=.demdex.net;Expires=Mon, 13-Nov-2017 20:05:29 GMT dpm=01707554042564623172867389691869599101;Path=/;Domain=.dpm.demdex.net;Expires=Mon, 13-Nov-2017 20:05:29 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
H/1.0

200
OK

mapuser
ums.adtech.de/
Redirect Chain

https://um.simpli.fi/aol
https://ums.adtech.de/mapuser?providerid=1051;userid=8A14990507AD1C59B827D8B502E9C814

43 B
43 B

6ms
6ms

Image
image/gif

195.93.42.12
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.adtech.de/mapuser?providerid=1051;userid=8A14990507AD1C59B827D8B502E9C814
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 195.93.42.12 , United Kingdom, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtech-ssp-ums-adtech-frr-a.evip.aol.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ums.adtech.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: CfP=1; JEB2=591CABC56E650E44CD7C86EAF1BEF472
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Wed, 17 May 2017 20:05:29 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://ums.adtech.de/mapuser?providerid=1051;userid=8A14990507AD1C59B827D8B502E9C814
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

y_match
um.simpli.fi/
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=1~6df59d9d88a5fd320eaa9784cd28c41c2b86a6bf&sigv=1&nwid=10001117430
https://um.simpli.fi/y_match?xid=rOHpwzcoXHDIYV70HLSc30YX

43 B
43 B

11ms
11ms

Image
image/gif

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://um.simpli.fi/y_match?xid=rOHpwzcoXHDIYV70HLSc30YX
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: b7.80.fd9f.ip4.static.sl-reverse.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: um.simpli.fi
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: uid=BZkUilkcrQe12Ce4FMjpAg==; uid_syncd=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 17 May 2017 20:05:29 GMT
Server: ATS
Age: 0
Strict-Transport-Security: max-age=0
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://um.simpli.fi/y_match?xid=rOHpwzcoXHDIYV70HLSc30YX
Set-Cookie: B=2j6r841chpb89&b=3&s=m8; expires=Thu, 17-May-2018 20:05:29 GMT; path=/; domain=.yahoo.com
Cache-Control: private
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1

200
OK

aa_px
um.simpli.fi/
Redirect Chain

https://d.agkn.com/pixel/5502/?atr=000&sk=164021102328003306780&pd=&l0=https://um.simpli.fi/aa_px?sk=164021102328003306780
https://um.simpli.fi/aa_px?sk=164021102328003306780

43 B
43 B

12ms
11ms

Image
image/gif

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://um.simpli.fi/aa_px?sk=164021102328003306780
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: b7.80.fd9f.ip4.static.sl-reverse.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: um.simpli.fi
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: uid=BZkUilkcrQe12Ce4FMjpAg==; uid_syncd=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:31 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:30 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164021102328003306780
Set-Cookie: ab=0001%3AYWE5D2O7mumZ3U9RDS2xlylatrQ7SpQahnP%2FHCM65uX%2BD61M1inJ3w%3D%3D; Version=1; Domain=.agkn.com; Max-Age=31536000; Expires=Thu, 17-May-2018 20:05:30 GMT; Path=/ u=C|0CAIAAAAAIK9pigAAAAAAAAABARYAAAAA; Version=1; Domain=.agkn.com; Max-Age=31536000; Expires=Thu, 17-May-2018 20:05:30 GMT; Path=/
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
load.s3.amazonaws.com/
Redirect Chain

https://loadr.exelator.com/load/?p=104&g=870&j=0
https://load.s3.amazonaws.com/pixel.gif

43 B
43 B

496ms
196ms

Image
image/gif

52.216.227.136
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.s3.amazonaws.com/pixel.gif
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.227.136 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: load.s3.amazonaws.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:30 GMT
Last-Modified: Mon, 14 Feb 2011 11:09:26 GMT
Server: AmazonS3
x-amz-request-id: 96CFFBABDBAC0FC2
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
Content-Type: image/gif
x-amz-meta-s3fox-filesize: 43
x-amz-meta-s3fox-modifiedtime: 1297679395316
Accept-Ranges: bytes
Content-Length: 43
x-amz-id-2: 5a0LCSfm5YysjqryQqq5U7iMFYeuHH+iwHNpxEbvBvr5RnLyvA1JDBlb6SuY18000Z7Nsy6Yx6k=

Redirect headers

Date: Wed, 17 May 2017 20:05:29 GMT
Server: nginx/1.10.1
X-Powered-By: Undertow/1
P3P: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Location: https://load.s3.amazonaws.com/pixel.gif
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0

GET
H2

200

/
www.google.de/ads/conversion/1026675585/
Redirect Chain

https://www.google.com/ads/conversion/1026675585/?random=613727859&cv=7&fst=1495051527217&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&conv...
https://www.google.de/ads/conversion/1026675585/?random=613727859&cv=7&fst=1495051527217&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&convc...

42 B
51 B

81ms
40ms

Image
image/gif

2a00:1450:401b:803::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/conversion/1026675585/?random=613727859&cv=7&fst=1495051527217&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&convclickts=0&ocp_id=Ca0cWeWqF9mP3gP0qpa4BQ&random=209305177&fpvtc=/1026675585/%3Frandom%3D1689010167%26cv%3D7%26fst%3D1495051200000%26fmt%3D3%26value%3D0%26label%3DeGG0CO2U2AIQgafH6QM%26guid%3DON%26ctc_id%3DCAIVAgAAAB0CAAAA%26ct_cookie_present%3Dfalse%26cdct%3D2&ipr=y&ulfeg=n

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:803::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ads/conversion/1026675585/?random=613727859&cv=7&fst=1495051527217&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&convclickts=0&ocp_id=Ca0cWeWqF9mP3gP0qpa4BQ&random=209305177&fpvtc=/1026675585/%3Frandom%3D1689010167%26cv%3D7%26fst%3D1495051200000%26fmt%3D3%26value%3D0%26label%3DeGG0CO2U2AIQgafH6QM%26guid%3DON%26ctc_id%3DCAIVAgAAAB0CAAAA%26ct_cookie_present%3Dfalse%26cdct%3D2&ipr=y&ulfeg=n
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google.de
referer: https://pastebin.com/A6BSjbsn
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2017 20:05:29 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 17 May 2017 20:05:29 GMT
x-content-type-options: nosniff
server: adclick_server
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/conversion/1026675585/?random=613727859&cv=7&fst=1495051527217&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&convclickts=0&ocp_id=Ca0cWeWqF9mP3gP0qpa4BQ&random=209305177&fpvtc=/1026675585/%3Frandom%3D1689010167%26cv%3D7%26fst%3D1495051200000%26fmt%3D3%26value%3D0%26label%3DeGG0CO2U2AIQgafH6QM%26guid%3DON%26ctc_id%3DCAIVAgAAAB0CAAAA%26ct_cookie_present%3Dfalse%26cdct%3D2&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 726
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2017 20:05:29 GMT

GET
H/1.1

200
OK

pixel.gif
cdn.spotxcdn.com/media/thumbs/pixel/
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7797&uid=8A14990507AD1C59B827D8B502E9C814
https://cdn.spotxcdn.com/media/thumbs/pixel/pixel.gif

43 B
43 B

26ms
8ms

Image
image/gif

104.111.227.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.spotxcdn.com/media/thumbs/pixel/pixel.gif
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.227.227 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-227-227.deploy.static.akamaitechnologies.com
Software: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: cdn.spotxcdn.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:29 GMT
Last-Modified: Thu, 26 May 2011 15:59:36 UTC
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=97258
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 43

Redirect headers

Location: //cdn.spotxcdn.com/media/thumbs/pixel/pixel.gif
Connection: keep-alive
Set-Cookie: partner-1495051524_b08f-0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.spotxchange.com partner-1495051529_28bd-0=eNqlzrsOgjAYQOGZt6lyCyQMKEbbpG1%2BAljYuCi0IA5GC3169QkcHE9yhs9zkWeFJLysRJeCoOZWrMIuTCXItT6D5BIvPIltqsotVXTDE7wwFSOmRofu8QPPu6Gd0%2Bf37wSb2ikYS5EOWN0lllpWYtC1IEN3nF6NxB7NwGWmRNTkKzuhyPL9wP8BcCA7IJ6NmmWxDTksYHIXVL8yBA6oXNPx06Zf2J8gLlD0BnUOXAc%3D; expires=Fri, 16-Jun-2017 20:05:29 GMT; path=/; domain=.spotxchange.com
Content-Length: 0
P3P: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=8A14990507AD1C59B827D8B502E9C814

0
0

17ms
16ms

Image
text/html

185.33.222.8
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=8A14990507AD1C59B827D8B502E9C814

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.33.222.8 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.11.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ib.adnxs.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: anj=dTM7k!M4/8DYRWSF']wIg2C$OgP?A)!]tbPB*SQLOsH`E.g3VsO?k-); icu=ChIIzNwHEAoYASABKAEwidryyAUQidryyAUYAA..; sess=1; uuid2=1955584850242226396
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:31 GMT
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 163.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.72:80
AN-X-Request-Uuid: 4cf2077a-c19e-4eb9-85fc-f6a412371034
Server: nginx/1.11.5
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Wed, 17 May 2017 20:05:29 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://ib.adnxs.com/setuid?entity=66&code=8A14990507AD1C59B827D8B502E9C814
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

Cookie set rtset
bh.contextweb.com/bh/
Redirect Chain

https://um.simpli.fi/cw_match
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=8A14990507AD1C59B827D8B502E9C814

49 B
60 B

36ms
18ms

Image
image/gif

151.101.12.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=8A14990507AD1C59B827D8B502E9C814
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.3.v20140905) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bh.contextweb.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:29 GMT
Via: 1.1 varnish
Transfer-Encoding: chunked
X-Cache: MISS
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits: 0
Connection: keep-alive
X-Served-By: cache-fra1250-FRA
Server: Jetty(9.2.3.v20140905)
Content-Language: en-US
Cache-Control: private, max-age=0, no-cache, no-store
Set-Cookie: V=hGfMg35i7n8i;Path=/;Domain=.contextweb.com;Expires=Sat, 12-May-2018 20:05:29 GMT pb_rtb_ev=3-g2f|1Em.0.8A14990507AD1C59B827D8B502E9C814;Path=/;Domain=.contextweb.com;Expires=Thu, 17-May-2018 20:05:29 GMT sto-id-20480-bh=DIANNMAKJABP; Domain=contextweb.com; Expires=Wed, 17-May-2017 20:20:28 GMT; Path=/
Accept-Ranges: bytes
Content-Type: image/gif; charset=ISO-8859-1
CW-Server: ams-bh01
Expires: -1

Redirect headers

Date: Wed, 17 May 2017 20:05:29 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=8A14990507AD1C59B827D8B502E9C814
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

Cookie set tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8A14990507AD1C59B827D8B502E9C814&expires=365

42 B
42 B

15ms
15ms

Image
image/gif

62.67.193.75
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8A14990507AD1C59B827D8B502E9C814&expires=365
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 62.67.193.75 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pixel.rubiconproject.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: c=1; rpb=111756%3D1; put_3856=18072662358216046980; rpx=111756%3D64644%2C0%2C1%2C%2C; khaos=J2TF2S4F-Q-2QDJ
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:28 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=111756%3D1%266286%3D1; Domain=.rubiconproject.com; Expires=Fri, 16-Jun-2017 20:05:29 GMT; Path=/ put_2132=8A14990507AD1C59B827D8B502E9C814; Domain=.rubiconproject.com; Expires=Thu, 17-May-2018 19:59:59 GMT; Path=/ rpx=111756%3D64644%2C0%2C1%2C%2C%266286%3D64644%2C0%2C1%2C%2C; Domain=.pixel.rubiconproject.com; Expires=Fri, 16-Jun-2017 20:05:29 GMT; Path=/ khaos=J2TF2S4F-Q-2QDJ; Domain=.rubiconproject.com; Expires=Thu, 16-Nov-2017 08:05:29 GMT; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: WauheVv6hZ4-ZQri54jMXQ
Expires: 0

Redirect headers

Date: Wed, 17 May 2017 20:05:29 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8A14990507AD1C59B827D8B502E9C814&expires=365
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8A14990507AD1C59B827D8B502E9C814

43 B
43 B

24ms
23ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=8A14990507AD1C59B827D8B502E9C814
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/11.75.6 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: us-u.openx.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: i=54395dcd-8f16-45a9-fad6-619460eccbe4|1495051524
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
Server: OXGW/11.75.6
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 17 May 2017 20:05:29 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=8A14990507AD1C59B827D8B502E9C814
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

Cookie set Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://um.simpli.fi/pm_match?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8A14990507AD1C59B827D8B502E9C814

42 B
42 B

54ms
15ms

Image
image/gif

198.47.127.15
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8A14990507AD1C59B827D8B502E9C814
Requested by: Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, 3DES_EDE_CBC
Server: 198.47.127.15 Redwood City, United States, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: image2.pubmatic.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: KRTBCOOKIE_1051=22884-18072662358216046980; PUBMDCID=3
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2017 20:05:29 GMT
X-lat: Pug22026:0:330
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Set-Cookie: KRTBCOOKIE_148=19421-uid:8A14990507AD1C59B827D8B502E9C814; domain=pubmatic.com; expires=Wed, 31-May-2017 20:05:29 GMT; path=/ PUBRETARGET=dummy; domain=pubmatic.com; expires=Wed, 17-May-2017 20:05:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; expires=Tue, 15-Aug-2017 20:05:29 GMT; path=/
Cache-Control: no-store, no-cache, private
Connection: close
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Wed, 17 May 2017 20:05:29 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8A14990507AD1C59B827D8B502E9C814
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

204
No Content

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A14990507AD1C59B827D8B502E9C814
https://um.simpli.fi/g_match?id=

0
0

12ms
11ms

Image
text/plain

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: pastebin.com
URL: https://pastebin.com/A6BSjbsn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: um.simpli.fi
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://pastebin.com/A6BSjbsn
Cookie: uid=BZkUilkcrQe12Ce4FMjpAg==; uid_syncd=true
X-Client-Data: CIi2yQEIpLbJAQ==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://pastebin.com/A6BSjbsn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 17 May 2017 20:05:29 GMT
X-Content-Type-Options: nosniff
Server: openresty
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

pragma: no-cache
date: Wed, 17 May 2017 20:05:29 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 229
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a6mQgM3sYgTsUlWsfgRPQoTHnQTUb22r2oWErmVEUlQqrLQGZbIRrIsSWUbVGU54bevmtit0qyn4tMFQGrC4AvEpdarTWFh0rUkXbYk1qqtPbQEWbYSTdB4mUQmRUBtXaJt4aUi5aY5naFHXFjfUWMRoAnBns7vmH3H3EQ93tEN5PbGnUjLYGrUXGrU1GZbxpTvbwJ79Qn&mediaDataID=6530936&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a8mQgM0b3kYFBf1E6mSU3ZbTrZb4VWrXnbQnPbjtYTYy5q7g2qMXoTZbHXb76TWZbXm67DnVvomHML5TUh3tmm5mJFmrYZbXGU01svV1svymEvT5U3UTrfZcUPf3Pab0ScvqPWYN0HvmW63N3Gv0YbrDT6im2PUePPMJ4Wvp0HJZamWeo5m3Y5VbbUcU8VGZb7SPnuWdFcNVbclI&mediaDataID=6719746&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aamQgM1cnV0V7umqbR2FQ2WbvBUPM4QTb1QVUqQdJr1WZbsTmvv4sn0YFvKU6Xw4mFgPmbC4WYMXHYKnd2y5Pn04sQ9TcFjUsB8S6FOTtFWWrbY5UEuUabmVqJaSTrZaRs3JQFunSHY7Vc3P5rXxmtqr0qmp2WbZaSGBZd4AvIpHiyTHZbhXF77XUFi1EENSbMHWUBeM45unB&mediaDataID=6807466&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=acmQgMUcJ8RA3xTHMQUFfP2FTsVTbpWEJbQaYZaSGZbCPUZatPWMcUVUP5UTontEOXT6n2tMHSG7Zc26QZbodXoTd7eYbUdXbB9XqIMSUJATFBYTtQ4oFJxRFMtYaFt3T7j5EjYnaMAXrjaTtFWnmQBnV7mmHnJ3qZb85tEM5PBJnrQEXVr0YGZbY1GbNmqJ32UnVTFnrt3sxJF&mediaDataID=6815436&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aemQgMXaAMRrUZcUFZb0VW3WnUfvRFFsXTFs5aZbj4qMRmqJG1bJ9WHZbWnP3ImVUwod7L3TUf5tay3P7ZanrbKXsYYXcv51sfnpEF42bFQWUnEUAv3RqMQSsFqQWUNYtZbnWAfu3GB3YUrZcUATr56rePmMA4WUO0dBDpdeM4mQS3cYgTsUjWGrjSPYMTHr4TrJ05b2Dvn6Zcjb&mediaDataID=6453196&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=agmQgMpTZb43FY4VbBZaUmrTQaQSQsvnPdUO1H7nVmvp2Vr10FQJVm2r5Av7QmZbK2tFM0HYIpdIm3mYS5sjaTVvkVcBhS6MoWtv3TFM32r2oUqrmTaQlSEJZaSsQJRrZamSdjdVcbW5FXsnWZamYEPp2tbFSGjZa4AJEmdioUdbb0r3kYFF90EyoSbUCTrnPWtM3orQAO7CcZdM&mediaDataID=6546596&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aimQgMWdn3Ub735rAmWTvvWqrjPEQKRGQIPF6mRWMiWsQQ2UynodEmYa2w3tQZdQcMZc46QZdmdZaNVHJ7Xbf6Ybf61aIqSUvZbWFMSWHJ0nbQnRUjt1q3y3E3j4E7YoTJBXUY8TtMPnAQZamsYrptQJ3TZbh5teN5mvFprQZaYsYPYcnV0VbnnqnQ2UYSWbBZbVAU4REbgw0XoZbd&mediaDataID=6347136&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=akmQgMWUrSVdQ3mF3qPr7NXaJr5Tfl5q7XmabBYbJfUdJVoPrLpGQrpW3A2TM73Wuy5P7ZcprnG0VnPYcFX0sJomTFW2bJ2TUZbZcVm7YQTb1ScUqSHZbrYdnnVAbu4sr2YrBIUAio5PrbQPFF3drO0HBKpdEo5PB03sYdVVUdVcJ8RAYoUHZbRTr752FixVqYpTTJTm3C16u&mediaDataID=6680176&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aAmQgMTFFZcWPM5PTr0QVYMPd3x1djoWmbv2GY2XFQDTPXq2AQ8R6ZbF3Hvs1HrAnHTm5mYQ3sveVsQdWcMiR6rnTdvTTFrP5r6uVEjqWEJbSTYZaQcJCRbmmRd7dUVQV5bimnWqtYqPN3W3APsZbZa46JZbmdAyTdQe0bQ81FJfXqAMRrUZbUrJ2WtUXnU7uQUBq1EFHohPhYG&mediaDataID=5793196&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a5mQgMVWbhXrrbYFJe0E6MSrBDUFU1WdJ3mFJoPFfNYano3EJk2aQ3nEJBXb7fUdr0mPnJpGrumWnD3EZbl3HAM4ABKnUME0VU0XVF11VvxpT7W5b32TUvHW675REQXPGBsPHUM0tBrWP3y3GvUXFZbJVmqw46ZbhR6FG4H3s0HrAntAo5AJV4snbUGvkVcJePPFJu8ZaEBx&mediaDataID=5793216&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a7mQgM0G30YsY40Vromqj42bUUWFvCVP74PqMXQsQMQW7xYdboT6Uy3cr2YFvDTPau4AU6R6fI4HUr0WBZcnWin46vU5VUgVsrjVVMlSAFuWd3TWFbP5rTnWTjoTTMcPqZbZcRcQKQrAqStY9Vc354U6nodiOXEem4dYEPVBE26MHotEyTtYaYbr7Xrf61aAtPbJswT09E5&mediaDataID=4056396&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a9mQ8yVcMjUsFiP6ryUHFSTUbX3FasUqroVE3bQaBZaRsfAPF6vSH38VsnQ5b6ootyrXaup2HjZbQVjE2mnZapdTmUH78YbfiXbYiXaApPbQZbUFUPVdJUobFoRUfNXaQn3aJh2an4nEJHXbfcTWMRoAnBnV7nmHbJ2Tnf2WZat46vZanFbZb0VUVYVv11GrMmq745VYdygVghJ&mediaDataID=5436426&mediaName=frame.html

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=abmQ8y1Uj9XqZaoSUYEUrB3WdFXobjrRUjrYTQs5aUj5EYPmabIXrfdTdfVn6fIpVfmoWvJ3aF93des3ABZbmrfIYVYRYsFT1svNpTZbP5U32VUbZbWP7VRTnXScQMPWBuYHbtT6rO3cr0YFnZaU6im2PUePmMB4WBO1HMLmH6N4ABS5Gj9Vsr7WVBlSPJNTH33Ws7hO8npkK&mediaDataID=5406476&mediaName=frame.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html?n=2

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html?n=2

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html?n=2

Domain: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adserver-us.adtech.advertising.com
adserver.adtechus.com
ajax.googleapis.com
bcp.crwdcntrl.net
bh.contextweb.com
cdn.q1mediahydraplatform.com
cdn.spotxcdn.com
ce.lijit.com
d.turn.com
fei.pro-market.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
load.s3.amazonaws.com
p.cpx.to
pagead2.googlesyndication.com
pastebin.com
pixel.rubiconproject.com
s.cpx.to
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.adaptv.advertising.com
sync.intentiq.com
tags.bluekai.com
tags.crwdcntrl.net
tags.expo9.exponential.com
tpc.googlesyndication.com
um.simpli.fi
ums.adtech.de
us-u.openx.net
usync.nexage.com
www.google-analytics.com
www.google.de
www.googletagservices.com
acdn.adnxs.com
s.tribalfusion.com
tpc.googlesyndication.com
104.111.227.227
104.20.208.21
107.178.240.89
151.101.12.166
152.163.56.2
152.163.66.131
152.163.66.165
159.253.128.183
169.47.30.64
169.55.70.227
172.217.22.2
173.241.240.143
185.33.222.23
185.33.222.8
185.33.223.218
195.93.42.12
198.47.127.15
204.11.109.66
204.11.109.67
204.11.109.68
204.11.109.77
2a00:1450:4001:806::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::200e
2a00:1450:4001:825::200a
2a00:1450:400c:c08::9d
2a00:1450:401b:803::2003
46.228.164.13
5.153.20.138
52.18.145.75
52.202.130.59
52.205.218.72
52.206.4.231
52.216.227.136
52.31.237.155
52.50.52.103
52.84.127.108
52.84.127.175
62.67.193.75
93.184.220.113
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ec59fc0ea5bbd02c0394554c3485ca1b2d68d3679e0db937d56a94687293d67
110417940547624a23611dd62df0388e95b910497ea2fb958a9400714d4327d0
125fd9e51c7727e0c0edb021f2d3ed8bdcaa048c7277992d134d794089ae3e36
1458827c1658ab3866e84ef231a395844a792eb8814375d1fda76028aa9d2af0
163e8dfd955a69e6003eb37ac33f6145c04a3094a23604daec93ae0e29b2479f
1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16
1ea8e3c5b76d5a78f7e206a10dae6b1ad359a2987bb83278e2071bf3952751df
1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152
2aa1657cc01cbd5e50c8a6de27ea8e811cf8c2bb8d182d8946c628ad3fe0b4e3
2c5d1f0b2a89ddc2befa975a1087d84f79d90d071b2efa98e78784fb8f75e33a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
318b4ec464176365ac04eb99ba020710dd6838d7521918feb31a989d741b539e
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
37dad49f27de93f7bdb9b25d4981a645e85add143cf93c60a006a68da8d97898
3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b
3a49cd5f8860e1d7c8c2b572d35fa1ebd8dd94b39f62f4e7d641cc524f99e383
3bfabf0e3fe93a317c0a14c9fc56fcd9976c6b0464723b0630c4917bfa62c6b5
3e1af1bc58595b72ac99dcb850341e734929d85d942f2c3e2c1729740343809b
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b
3fb852db1cd132dda2e5b283b43d7cc7debe88e4ec803db31613aa472ae72009
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387
56c4ce67d315f88d68e3e1a5a52049bc892096c4aab3e534226c29704886af20
6305b56b31b291d93f2b4d80bbba31eea297605d72424ea09946a8e3c2fddd89
637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59
69cdc7e9b020cf38380c56869228bf271db40edf2feafcbd0ea8ba7e3df2c368
6e4d2d5f2bc5a257b2fb037354fe5318591688dcf734375eaa0abd9d2d211642
700e718b3a30ca8a9b4b19aecaa62b457998559eddc0eb7f1f8bc5d483738154
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea
7186c869aea692acdd80f8776ba966b6215eff98f41b3cd62bc70e21b4128d0f
71b0a8592c1f630f017d61d1b4daa190713b5560c41e1fb208ca3b1ca1de9304
71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b
78c7de0b78921e154e2692de3b5445a62b1d3326517c4b37aef18f8001d0521b
79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b
7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac
7bb7b63fa2443efd4cb956609e8b9d921778b986eeded25db4c7779622c616bd
7ec1c58cf01f3c05a4752830b6de78ee86e134d6d21b344c2b6cbdd8eacd2f36
7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6
7fc2927c6ecc0e0402558ef08cdac15420bf7699cc9c5976f2ae72a3af10d0d1
810e66f045239709cdf18fd475dd3f548fd9440d7edfab8c6113e769b923a763
82aba3e51fa12d81450138481b42cc9cbf496e7e3aebcd4629a870094c263ac1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8770c34957e6cdc04d70665a316d4e3ea4dc0356583216ba51a11df0b7b91816
88df5c8c4e70b9b150f2cd94a847ef52f0f15bc382bd15cb3a1f87e282c26ed6
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8c6f63e2110aae7bd0312e5a979851bb395edabb524e39c876c4a28242fcc285
96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9
96d3bf038966f99afc2c91b78a83c887caf0456db1e58ed2c7be2504dde9e810
970ee9a0f76584e0be3fcf75bf6e80838f2068184b826653db9f6fb993af989a
9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f
a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41
a55664343721d7db358f3f7e4f32d2da55beda06c6d78d6952b8382fd5210b06
a72858f08a14a963af7487a0bf37c9508d03ddca5e0adffdf52a1dda1e27e76a
af3e537e25d8195c3a852d9e8a2fb48d842174aeae684c084e1f0f8963d6bfbb
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d3df206f26782cd2e49b39096764452cf2c5be4ac73efc9ce37288275a343780
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4
d48fb8290cfbeb5c94091f079cfbc96eb0f21792d99be7568b58b430f5c71246
d544fb9b7cc569636e97cac7f3d428ec59949c9f2b40e32eaca1ffcdfcc13dfb
d986fa3e15fea470a200f0ec674439539c85d354860e98856db70e1a6b3c2b58
dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd
de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc
df418a54adb533554fec3e2a4fb348625f539469f11380963942511835a3c771
df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8
e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7a6467f1c61f9916063a69749cfaef180a97dc65581e22dfe75f3e47e108e08
e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9
ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5154cd93dc27142f30bf0d10c32b64f107b81f89cc4801e296623cdbafef6bc
f60567606f18a72c97c27a86b0da27c9ea7b8280b420454ad04ac5efb428d0e7
fd1fd8dff30cc102766aa53409d2f292e413e5b9b4be66814c697c90e1c48da3
fe2082914f088202a7bfdea7b5efc45498b1fcc78368fa662e3401b8cd3cbd84
fe7a6cd195bfbe4905906ebfdec13fb35dcb5482c8a29260e9cfd9ba8d7feff6

pastebin.com Open in urlscan Pro 104.20.208.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

138 Requests

88 %HTTPS

15 %IPv6

30 Domains

38 Subdomains

41 IPs

5 Countries

712 kBTransfer

2215 kBSize

0 Cookies

7 Outgoing links

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pastebin.com Open in urlscan Pro
104.20.208.21 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

88 %
HTTPS

15 %
IPv6

30
Domains

38
Subdomains

41
IPs

5
Countries

712 kB
Transfer

2215 kB
Size

0
Cookies

138 HTTP transactions
0 data transactions