URL: https://pastebin.pl/view/2bcd618e
Submission: On June 15 via manual from DE — Scanned from GE

Summary

This website contacted 14 IPs in 2 countries across 9 domains to perform 60 HTTP transactions. The main IP is 185.157.81.233, located in Poland and belongs to S-NET-AS, PL. The main domain is pastebin.pl.
TLS certificate: Issued by R3 on May 21st 2023. Valid for: 3 months.
This is the only time pastebin.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
20 google.com
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 107
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1940
89 KB
15 pastebin.pl
pastebin.pl
191 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
249 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
566 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
10 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1107
603 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
251 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
81 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 422
30 KB
60 9
Domain Requested by
15 pastebin.pl pastebin.pl
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 pagead2.googlesyndication.com pastebin.pl
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com pastebin.pl
www.gstatic.com
www.google.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 fonts.gstatic.com www.google.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com pastebin.pl
1 ajax.googleapis.com pastebin.pl
60 13
Subject Issuer Validity Valid
www.pastebin.pl
R3
2023-05-21 -
2023-08-19
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
www.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh

This page contains 8 frames:

Primary Page: https://pastebin.pl/view/2bcd618e
Frame ID: F1151DC0DEEA2FE0F8FAB74AD57B1297
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html
Frame ID: 47433E748EC631FF5A395774AD16E6C3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=normal&cb=sjqpx4e3kqwg
Frame ID: C8A144447C619013C3C61A13C8068427
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&adk=1812271804&adf=3025194257&lmt=1686803820&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fpastebin.pl%2Fview%2F2bcd618e&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686803819678&bpp=8&bdt=1287&idt=747&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7903523177052&frm=20&pv=2&ga_vid=1741987545.1686803820&ga_sid=1686803820&ga_hid=1978766080&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075068%2C44788441&oid=2&pvsid=1356594308487313&tmod=1323077632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=775
Frame ID: 9946A0C5D6C83F7AB9AE723147DBAEEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&h=280&adk=617080280&adf=683863926&pi=t.aa~a.1976021666~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1686803820&rafmt=1&to=qs&pwprc=8024604295&format=1140x280&url=https%3A%2F%2Fpastebin.pl%2Fview%2F2bcd618e&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686803819686&bpp=2&bdt=1295&idt=775&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7903523177052&frm=20&pv=1&ga_vid=1741987545.1686803820&ga_sid=1686803820&ga_hid=1978766080&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075068%2C44788441&oid=2&pvsid=1356594308487313&tmod=1323077632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hurKzoF0WH&p=https%3A//pastebin.pl&dtd=779
Frame ID: F48952D93E526EFE7CCB0875C7714B60
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at
Frame ID: 714A2C109A79414D55570A229DA684D2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A6B1EE6393D35DFB71D247767DA1D94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12460E2FDB5D38D1A97DBF7D62435A49
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

루이비통 에르메스 숄더백 쇼핑은 여기에서 - Pastebin

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

60
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

14
IPs

2
Countries

1217 kB
Transfer

3181 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 2bcd618e
pastebin.pl/view/
41 KB
11 KB
Document
General
Full URL
https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
abac2490c7d34cf5cbeaf54ca3876b6ef1799cab4d30d586db255705bbaccb2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 04:36:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 11:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jun 2024 11:54:27 GMT
16262479586fe652146aefffcee5e73b9d19256f5d.css
pastebin.pl/static/asset/
122 KB
26 KB
Stylesheet
General
Full URL
https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
840bc887a55611080cdb939aa4badc289f1ed695d707c4e1d632143737c60fc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:58 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:17:54 GMT
server
nginx
etag
W/"60ee9db2-1e71d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sat, 15 Jul 2023 04:36:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
137 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
cda16382c90ff629e5570bb60cb491f6ba334da8d9613f8462f680b5767e46fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Origin
https://pastebin.pl
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47487
x-xss-protection
0
server
cafe
etag
11028056126416577012
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 04:36:59 GMT
js
www.googletagmanager.com/gtag/
228 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7abd650ff8ce771c80b598cd06c7f577378213b115860e5c305e561616d70d22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82527
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Jun 2023 04:36:59 GMT
btc.png
pastebin.pl/custom-images/
6 KB
6 KB
Image
General
Full URL
https://pastebin.pl/custom-images/btc.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
6d14cf497310bee3d3a2d4f4cc09c63d6230da3cc9e2f30c5d6ba23b36aac7f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-171e"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5918
expires
Sat, 15 Jul 2023 04:36:59 GMT
Facebook.png
pastebin.pl/custom-images/flat_web_icon_set/color/
3 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Facebook.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
89c5625aa0ecfeaa47ae9da990cda5ab80fe8088ab1cd55ee7394e870de5eafa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-d42"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3394
expires
Sat, 15 Jul 2023 04:36:59 GMT
Twitter.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Twitter.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
49c45399074a6af07b176d55bb85b3de42b2c2889bf9efa37310b4e71cf14f43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-e3c"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3644
expires
Sat, 15 Jul 2023 04:36:59 GMT
Google+.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Google+.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
1e7a8021a029a0b1b97d9df2c059ad4fe80ff8d9db9564c593bdde97df48f5ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-f1d"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3869
expires
Sat, 15 Jul 2023 04:36:59 GMT
Tumblr.png
pastebin.pl/custom-images/flat_web_icon_set/color/
3 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Tumblr.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
c285eb7872ade449e43574b5d1637d2e9973d0cc0c94b28630cd6c3b4ddef451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-d6f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3439
expires
Sat, 15 Jul 2023 04:36:59 GMT
Reddit.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Reddit.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
c3a49cc082ee48a3041a22f3112ffb3cbfe73c9e739efcebcfca7eaf6e01393c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-f83"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3971
expires
Sat, 15 Jul 2023 04:36:59 GMT
Wordpress.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Wordpress.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
010bfbc6758a3fbed41c7a3aeadddb18d0df8b573cbf92a738c1f9a9e6c313f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-f84"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3972
expires
Sat, 15 Jul 2023 04:36:59 GMT
Email.png
pastebin.pl/custom-images/flat_web_icon_set/color/
4 KB
4 KB
Image
General
Full URL
https://pastebin.pl/custom-images/flat_web_icon_set/color/Email.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
dec2d47a7e0bea7d7ff08fc9900b45fcd381c19ce7299512e1d363dc25a8f687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 14 Jul 2021 07:32:37 GMT
server
nginx
etag
"60ee9315-e5c"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3676
expires
Sat, 15 Jul 2023 04:36:59 GMT
2bcd618e
pastebin.pl/view/qr/
389 B
561 B
Image
General
Full URL
https://pastebin.pl/view/qr/2bcd618e
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
3d9084dff09ff5aa4091b1145f7a57f5ebf6d85b83bf4cd1b3dc6bf120318f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 15 Jun 2023 04:36:59 GMT
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.js
www.google.com/recaptcha/
850 B
878 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
a9dc5e838e445948494b01d0d8cf2733acca3141e381de029b44db5f0b508ff2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
556
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 04:36:59 GMT
16262479587430a1044da8a37b18147203f4015289.js
pastebin.pl/static/asset/
207 KB
74 KB
Script
General
Full URL
https://pastebin.pl/static/asset/16262479587430a1044da8a37b18147203f4015289.js
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
a84b47af6771a16e70ce39032dd82089965ea697822de088b651e52174461a6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/view/2bcd618e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:36:58 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 16:37:27 GMT
server
nginx
etag
W/"60ef12c7-33dce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 15 Jul 2023 04:36:58 GMT
banner_soc.png
pastebin.pl/themes/stikkedizr/images/
2 KB
2 KB
Image
General
Full URL
https://pastebin.pl/themes/stikkedizr/images/banner_soc.png
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
de59078a2d00e0219c60ef1a78d52c51142efd21edf7c87e9a3e1367c8e44b8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 15 Jun 2023 04:36:59 GMT
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
server
nginx
expires
Sat, 15 Jul 2023 04:36:59 GMT
fontawesome-webfont.woff
pastebin.pl/themes/stikkedizr/fonts/
43 KB
44 KB
Font
General
Full URL
https://pastebin.pl/themes/stikkedizr/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Origin
https://pastebin.pl
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
application/font-woff
pragma
no-cache
date
Thu, 15 Jun 2023 04:36:59 GMT
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
server
nginx
expires
Fri, 16 Jun 2023 04:36:59 GMT
recaptcha__ka.js
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/
442 KB
167 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__ka.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
cd94f481b28ba2a6b6ada404eca8548355f573cdd95c2d82a100e32207495505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Origin
https://pastebin.pl
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 07:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170511
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 14:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 07:41:30 GMT
text
pastebin.pl/main/get_cm_js/
0
233 B
XHR
General
Full URL
https://pastebin.pl/main/get_cm_js/text?_=1686803819221
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479587430a1044da8a37b18147203f4015289.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),
Reverse DNS
185.157.81.233.in-addr.arpa
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://pastebin.pl/view/2bcd618e
X-Requested-With
XMLHttpRequest
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 04:36:59 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/
352 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
dce2a807e54dead8cf9ce7d9be7b8d88ff99d23f8c88887777cf808e9a933cc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120781
x-xss-protection
0
server
cafe
etag
18360358888003866978
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 04:37:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/ Frame 4743
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
44905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 16:08:35 GMT
etag
15057649708203361565
expires
Wed, 28 Jun 2023 16:08:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-88PKPGCEBF&gtm=45je36c0&_p=1978766080&cid=1741987545.1686803820&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686803819&sct=1&seg=0&dl=https%3A%2F%2Fpastebin.pl%2Fview%2F2bcd618e&dt=%EB%A3%A8%EC%9D%B4%EB%B9%84%ED%86%B5%20%EC%97%90%EB%A5%B4%EB%A9%94%EC%8A%A4%20%EC%88%84%EB%8D%94%EB%B0%B1%20%EC%87%BC%ED%95%91%EC%9D%80%20%EC%97%AC%EA%B8%B0%EC%97%90%EC%84%9C%20-%20Pastebin&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 04:37:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastebin.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame C8A1
51 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=normal&cb=sjqpx4e3kqwg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__ka.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
cebca6757f063104935a74a9b1bf1ffd0393ff78d06e5162cd1a631ac2246ca7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Jb8Zhgdp6erc8mkBTiy3eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28547
content-security-policy
script-src 'report-sample' 'nonce-Jb8Zhgdp6erc8mkBTiy3eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 04:36:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/ Frame C8A1
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=normal&cb=sjqpx4e3kqwg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 14:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 14:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 14:13:37 GMT
recaptcha__ka.js
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/ Frame C8A1
442 KB
167 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__ka.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=normal&cb=sjqpx4e3kqwg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
cd94f481b28ba2a6b6ada404eca8548355f573cdd95c2d82a100e32207495505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 07:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170511
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 14:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 07:41:30 GMT
cookie.js
partner.googleadservices.com/gampad/
389 B
603 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pastebin.pl&callback=_gfp_s_&client=ca-pub-2536515702233288
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
fedbbba4c0fd7ce33c64a06d7d311a8797b02aaca897d593fc98aa2c2a7cafc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastebin.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pastebin.pl
URL: https://pastebin.pl/view/2bcd618e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 04:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9946
12 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&adk=1812271804&adf=3025194257&lmt=1686803820&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fpastebin.pl%2Fview%2F2bcd618e&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686803819678&bpp=8&bdt=1287&idt=747&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7903523177052&frm=20&pv=2&ga_vid=1741987545.1686803820&ga_sid=1686803820&ga_hid=1978766080&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075068%2C44788441&oid=2&pvsid=1356594308487313&tmod=1323077632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=775
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
c0631b26ab7a6f01da12b2d0f09d1bf240422aabb1ad79a6db4bfd2dd1d3f827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4993
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 04:37:00 GMT
expires
Thu, 15 Jun 2023 04:37:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F489
436 B
413 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&h=280&adk=617080280&adf=683863926&pi=t.aa~a.1976021666~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1686803820&rafmt=1&to=qs&pwprc=8024604295&format=1140x280&url=https%3A%2F%2Fpastebin.pl%2Fview%2F2bcd618e&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686803819686&bpp=2&bdt=1295&idt=775&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7903523177052&frm=20&pv=1&ga_vid=1741987545.1686803820&ga_sid=1686803820&ga_hid=1978766080&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075068%2C44788441&oid=2&pvsid=1356594308487313&tmod=1323077632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hurKzoF0WH&p=https%3A//pastebin.pl&dtd=779
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e91a9b8191ef5376e8a19f5fc45d68ea258fbe4ad098998f59912a4c7f3cdd77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
214
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 04:37:00 GMT
expires
Thu, 15 Jun 2023 04:37:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C8A1
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C8A1
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C8A1
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 22:52:35 GMT
x-content-type-options
nosniff
age
366265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 17 Jun 2023 22:52:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C8A1
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=normal&cb=sjqpx4e3kqwg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 23:28:35 GMT
x-content-type-options
nosniff
age
364106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 23:28:35 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame C8A1
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=normal&cb=sjqpx4e3kqwg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
2b84dbc94d3b8296c604d8ed259fa04902508e7617bbe2ccc562dd97aac00adc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=normal&cb=sjqpx4e3kqwg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 04:37:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 714A
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__ka.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
73c1ebd8e03febb997e117f52bc48900c4c925ffaa10f490c6b09581d8b54066
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EUE_GivrKWbA75DHRaFS4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1156
content-security-policy
script-src 'report-sample' 'nonce-EUE_GivrKWbA75DHRaFS4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 04:37:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ca-pub-2536515702233288
fundingchoicesmessages.google.com/i/
142 KB
48 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2536515702233288?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
582922df706f094e553304faaab2662ed757622eae8a1164b982c3a298d9333a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AglBe1mC2pgZVg4VTlEMtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-AglBe1mC2pgZVg4VTlEMtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/ Frame 714A
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 14:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 14:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 14:13:37 GMT
recaptcha__ka.js
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/ Frame 714A
442 KB
167 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__ka.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=ka&v=Xh5Zjh8Od10-SgxpI_tcSnHR&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
cd94f481b28ba2a6b6ada404eca8548355f573cdd95c2d82a100e32207495505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 07:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170511
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 14:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 07:41:30 GMT
AGSKWxWPnBooEZKUBhBUJmYDIIKE74NdEMR8JBC2PzgcuTniL5sRuuNvCuxgeFpf9O1h69KO5ptabjlpuVxIckHCAOY=
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWPnBooEZKUBhBUJmYDIIKE74NdEMR8JBC2PzgcuTniL5sRuuNvCuxgeFpf9O1h69KO5ptabjlpuVxIckHCAOY=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2ODAzODIxLDU5MjAwMDAwMF0sIkE0REI5MjU5LTRFNDEtNDRFQy04ODIwLUFCRkEzRkRBNzBBNCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcGFzdGViaW4ucGwvdmlldy8yYmNkNjE4ZSIsbnVsbCxbWzgsIjRqSWlTUUFpWkFZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
fe79193a12a90fe177f1fc00b8306826704a91c7ebf49b14807bb2884c77d895
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BOR9GGvuzRshx3d8A0KNfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-BOR9GGvuzRshx3d8A0KNfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU-xlorTaQu9s13oUTh3vx-wStsOVDd2OqLbyrwMrZdGsJRLIBCX03PdwmX8cM3uiEMFONrKC7MV_-7DwY7TYh8dnq0pTF7g_imdShFs4jyIaeYdXeqKHnVaP3UEonk5axzHNQHCA==
fundingchoicesmessages.google.com/f/
13 KB
6 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU-xlorTaQu9s13oUTh3vx-wStsOVDd2OqLbyrwMrZdGsJRLIBCX03PdwmX8cM3uiEMFONrKC7MV_-7DwY7TYh8dnq0pTF7g_imdShFs4jyIaeYdXeqKHnVaP3UEonk5axzHNQHCA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2ODAzODIxLDc3NzAwMDAwMF0sIkE0REI5MjU5LTRFNDEtNDRFQy04ODIwLUFCRkEzRkRBNzBBNCIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMixudWxsLCJwbCJdLCJodHRwczovL3Bhc3RlYmluLnBsL3ZpZXcvMmJjZDYxOGUiLG51bGwsW1s4LCI0aklpU1FBaVpBWSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
26afa44e0e3c3cf5b9319b185909f4383eda297c6af0a06c915bc5e66ae7db5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZuJ6yILMOS5kiwSDwBRGUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZuJ6yILMOS5kiwSDwBRGUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230613&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c0a71bdadc7239f8f14b0c79eb8a4103160db380943cd2e512bd71dd4b86e8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11274
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 04:37:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A6B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
36164
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 18:34:18 GMT
expires
Thu, 13 Jun 2024 18:34:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1246
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
8288897ff1cfe5360c76138581e88540e94d579fa89d6517675f3a9dd1b71902
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I762i2VkHANBjhvoi4qEMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastebin.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-I762i2VkHANBjhvoi4qEMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 04:37:02 GMT
expires
Thu, 15 Jun 2023 04:37:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 1246
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230613&jk=1356594308487313&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js
pagead2.googlesyndication.com/bg/ Frame 5A6B
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 07:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
163506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14776
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jun 2024 07:11:56 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.30893290179095
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-6J77Ie9fnq2wJoD8KjhH2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-6J77Ie9fnq2wJoD8KjhH2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.0030289955365705
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KaX-rrTvaWoFHf3zZOYzNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-KaX-rrTvaWoFHf3zZOYzNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 5A6B
0
41 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?_N_Efw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xbg0aGtiy9bCZez4y3SkkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Jun 2023 04:37:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xbg0aGtiy9bCZez4y3SkkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastebin.pl
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230613&jk=1356594308487313&bg=!HB-lH0vNAAaGYqkwpmI7ADkAdvg8WmNlZlvz5iBF6dIx8C6Qod98OC3uptxDOp2E2hGwSjYt54mLK4GbPPAlUWfBjTN8oIHJ3lwCAAAASlIAAAADaAEHCgDK1OBH0isc0_huZq9oKUruYsY7Eg4f3-6JHNXDe4s8kVEwtPmVsjQJimsUOyphFzIRQE2IBytRxjyiB0Mf5VvSN2StiYetjCj8Lye3LXusDMuJmrzX9DbiCVPu7NUMjuJRTDVVibwU9XVlQGvE8YATjNpdOFV-qSLk72QHobWNuTExr7TpFXo1e8wM9ni_R2K2eJ2wLYHhC6Jq_kzzrIF30YDQzBmVvysel48_-5ccDoy6hNURkG87GQgbnXnPDJVNFPBmjGbypfz0b5kCnrGd9BE1XwMqA16gkx0U0aluebHjwdEq7k51eLkoUy5Ke61owqpyvW58CeYajzthaQ-C2BBnMbEOSeofPOaAo1OVN-mupUUWSw4IluOmRNpvzZDaLUOD08VFAfUyk_xWlFyU60oELeJItc7QiuDxY31rKaOX3gSqI9B7BH6itUb-6lyOf7z-amnw327-5hKSX-3g8MA8rrW6SsYs95RrfzwQjz6b74biHuAMf2jWGV7S2_HK-aGxaf-7AmtvqPiiBUWd0eHRyesAHbyqgp9l7nMCJS9xDU9m_n-Ge44dVysTipMVU4Y1gtWbXDdALi0nuROlp4GpZCAxUWl0q9hIaNkC1L2Pxh6Az0LV-baYlTCe2MvOSNvQc-47STPxQ9HDzdDbmo8tpheNIMvpwmY9bdrziwM5P48BB-nVoSG7kLGiOV6i72-2rAVmV4w99J0nyV7R08lA_oNnGxEoW-dbqLwedGLbOrn_wDk7WcuH-WurOritatzcYuT_pm362LdJLpC0uyLnZlV4j7_ZG6JuUGhL877IGL4ffx0ZRDNATdm-MX8AZbH_be0T4Ywln845J_ca1Qei7QUBLRa0n9xJgH5SDxZhnvoMLbGS4tXmHPiaDjpBcgWvvDOgW7jvRNMPaeABVlPxVaWXy4fJTIXVP0kTo7BO7kYZQwbSWmHL_MaeatccQk04gEXsZo_Ejgm8M2jba9fi42OKlzP0qYUl46nGlbvUWgkTmRca6rq-hyUEAkA8R378xqTTcR74pPC3Pbaecku3wy1fP63Arwn9vXGxyv2AcPuwnteAupqumUPP6i65rZI7nAH-yjbSG-z_sp5av8P-v3_WV434V9aoTIaUpz7jsJxE6U7ysQgk4qu6iMgEsqsQTgjKXNQSeUo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
fundingchoicesmessages.google.com/f/AGSKWxWCP-u090z1qMwjEdS9Wm0leOQx9zpgVj56vEv94qjhrK7Ad-9_avUWEfw2F7b778FWm-TaNKuCGhOjrmzHi89kfdx5nuZnD-nKd_rR_ZOPTAf35j_3YaYO1dRtSWkVfgi-s7bkeR5XNSrLoCruv7j9jb38J...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWCP-u090z1qMwjEdS9Wm0leOQx9zpgVj56vEv94qjhrK7Ad-9_avUWEfw2F7b778FWm-TaNKuCGhOjrmzHi89kfdx5nuZnD-nKd_rR_ZOPTAf35j_3YaYO1dRtSWkVfgi-s7bkeR5XNSrLoCruv7j9jb38JYA1JTbGaEnU9UyfQAR1m_T8-GsU3lWJ/_/adlink_/zaz-admanager.-strip-ads-/ad/?section=/ad_selectMainfixedad.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
06f537c9fa40a53fd7213ea357ca43ad4df1829971d45b564600e840502091d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fiv_R60S2we79UP_lcAu6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-fiv_R60S2we79UP_lcAu6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
137 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0443e2b6d10b054135a39a0b29f1697d889479d2fe3da2c5fc2c8de2f3860952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47514
x-xss-protection
0
server
cafe
etag
7388438654105114931
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 04:37:03 GMT
AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3Bh9zqoJM7lfI4NwUVZS2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Jun 2023 04:37:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3Bh9zqoJM7lfI4NwUVZS2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastebin.pl
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2vnnUEzcp3VfvBPMrpOYkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Jun 2023 04:37:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-2vnnUEzcp3VfvBPMrpOYkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastebin.pl
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uvsSc_Utcm12KFK25CaA_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Jun 2023 04:37:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uvsSc_Utcm12KFK25CaA_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastebin.pl
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0VRfDFLBbDDm0siH38y-7YNP6vsq5k-XBCClA8LfxpShoDpg6IIKztuI75wf7yZCgl4F9BLZEwcFuPuBgADyHhnkIq8F8CO8If3ZGGoLZOFuCV5kGTw0eWuZUctSLXdTLFIKRog==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1HOCl0bA8lvx_RjXsmYihQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Jun 2023 04:37:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1HOCl0bA8lvx_RjXsmYihQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastebin.pl
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWkH8TultzeMIOpCxrnTzG49GCdwRqSOAGhn7mKUhqjzJgs6ij1hlXc31pQbW3VXIzgze1TD1dHNKYSfPXzpWXFMN9DhduHqTAaDqJGklEH6PeRWWHb_H1kVvpCsOEgkSjriQ8-2A==
fundingchoicesmessages.google.com/f/
4 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWkH8TultzeMIOpCxrnTzG49GCdwRqSOAGhn7mKUhqjzJgs6ij1hlXc31pQbW3VXIzgze1TD1dHNKYSfPXzpWXFMN9DhduHqTAaDqJGklEH6PeRWWHb_H1kVvpCsOEgkSjriQ8-2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2ODAzODIzLDk2NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwicGwiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYXN0ZWJpbi5wbC92aWV3LzJiY2Q2MThlIixudWxsLFtbOCwiNGpJaVNRQWlaQVkiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
3529b553f252b7c0615dd4ab40db628cf0e5a87181fd54245da43ce830fb10a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nzc9bSxNfi3CiZWNsXHoUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pastebin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 04:37:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-nzc9bSxNfi3CiZWNsXHoUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWHj9k4pnW78rOScyEFmyk1XuUSb6sB-KxBjvLUqYT__3rvhRqkhmib0Q4E5U32iRieUQDhd-FVlNeN2KlVLpxdHppOvCdxsevMQ9k5CIXIzop2d_Z_pAyj-z6bItCCkd4Lg6u6ew==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWHj9k4pnW78rOScyEFmyk1XuUSb6sB-KxBjvLUqYT__3rvhRqkhmib0Q4E5U32iRieUQDhd-FVlNeN2KlVLpxdHppOvCdxsevMQ9k5CIXIzop2d_Z_pAyj-z6bItCCkd4Lg6u6ew==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PUsP_6e7r-mroaLLIH1pvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Jun 2023 04:37:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PUsP_6e7r-mroaLLIH1pvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pastebin.pl
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU-6I9DjHIHSvo-126kOVKtRK1iuTMh-3Ghkow6hfd1tPgU_nmC-ySiKuFvyM1aP8w5mYpquzhQbFhygNUqanc=
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU-6I9DjHIHSvo-126kOVKtRK1iuTMh-3Ghkow6hfd1tPgU_nmC-ySiKuFvyM1aP8w5mYpquzhQbFhygNUqanc=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.4jIiSQAiZAY.es5.O/d=1/rs=AJlcJMxehomxNsrM1a86qvZtaNqupLHI6A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q6oPNfCPyDj6WF83MJvV8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pastebin.pl/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Jun 2023 04:37:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q6oPNfCPyDj6WF83MJvV8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastebin.pl
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery string| base_url function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| matched object| browser function| CodeMirror object| ST object| CM object| jQuery1102008923105845459633 object| $embed_field object| modes function| set_syntax function| set_language undefined| mode object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_731816 function| google_sa_impl boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ZDVkZDYzMDY2YjcyZTBjMmxvYWRlcl9qcw== string| ZDVkZDYzMDY2YjcyZTBjMmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms boolean| 8d96871d-38fd-4204-96e7-2b0110f807dd

7 Cookies

Domain/Path Name / Value
pastebin.pl/ Name: PHPSESSID
Value: 23ibed6tj5d86ptamvijhnsffs
.pastebin.pl/ Name: _ga_88PKPGCEBF
Value: GS1.1.1686803819.1.0.1686803819.0.0.0
.pastebin.pl/ Name: _ga
Value: GA1.1.1741987545.1686803820
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pastebin.pl/ Name: __gads
Value: ID=6941796adf1ad5bc-22fd3cc78fe100c7:T=1686803820:RT=1686803820:S=ALNI_Ma4gdWTKjEJiB1iQ0MvHUimEkPgBQ
.pastebin.pl/ Name: __gpi
Value: UID=00000c4f37346ce9:T=1686803820:RT=1686803820:S=ALNI_Mblh37S6w26XpqSGoaDA3swzflh1A
.pastebin.pl/ Name: FCNEC
Value: %5B%5B%22AKsRol8SWnT6yxrDanw4Bvvhj3PZ9cCMjVpPElRXpkdsZvs4r6X3_E3NU0A2qe4Je3oYaauuWmhHHZ5eYbeWAAREL0j8uXGNVGOcRdPgkJ5btUV62VCX-C1JWbiYO-_nAwy8DzBgNnOjg0rYNLiX2Dq4eBUtf0h-Pw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pastebin.pl
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.181.226
142.250.185.136
142.250.185.162
142.250.185.174
142.250.185.238
142.250.186.131
142.250.186.132
142.250.186.170
142.250.186.33
142.250.186.34
172.217.16.195
172.217.18.98
185.157.81.233
010bfbc6758a3fbed41c7a3aeadddb18d0df8b573cbf92a738c1f9a9e6c313f4
0443e2b6d10b054135a39a0b29f1697d889479d2fe3da2c5fc2c8de2f3860952
06f537c9fa40a53fd7213ea357ca43ad4df1829971d45b564600e840502091d1
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e7a8021a029a0b1b97d9df2c059ad4fe80ff8d9db9564c593bdde97df48f5ff
26afa44e0e3c3cf5b9319b185909f4383eda297c6af0a06c915bc5e66ae7db5f
2b84dbc94d3b8296c604d8ed259fa04902508e7617bbe2ccc562dd97aac00adc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3529b553f252b7c0615dd4ab40db628cf0e5a87181fd54245da43ce830fb10a9
3d9084dff09ff5aa4091b1145f7a57f5ebf6d85b83bf4cd1b3dc6bf120318f36
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
49c45399074a6af07b176d55bb85b3de42b2c2889bf9efa37310b4e71cf14f43
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582922df706f094e553304faaab2662ed757622eae8a1164b982c3a298d9333a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6d14cf497310bee3d3a2d4f4cc09c63d6230da3cc9e2f30c5d6ba23b36aac7f6
73c1ebd8e03febb997e117f52bc48900c4c925ffaa10f490c6b09581d8b54066
7abd650ff8ce771c80b598cd06c7f577378213b115860e5c305e561616d70d22
8288897ff1cfe5360c76138581e88540e94d579fa89d6517675f3a9dd1b71902
840bc887a55611080cdb939aa4badc289f1ed695d707c4e1d632143737c60fc1
89c5625aa0ecfeaa47ae9da990cda5ab80fe8088ab1cd55ee7394e870de5eafa
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84b47af6771a16e70ce39032dd82089965ea697822de088b651e52174461a6c
a9dc5e838e445948494b01d0d8cf2733acca3141e381de029b44db5f0b508ff2
abac2490c7d34cf5cbeaf54ca3876b6ef1799cab4d30d586db255705bbaccb2e
c0631b26ab7a6f01da12b2d0f09d1bf240422aabb1ad79a6db4bfd2dd1d3f827
c0a71bdadc7239f8f14b0c79eb8a4103160db380943cd2e512bd71dd4b86e8de
c285eb7872ade449e43574b5d1637d2e9973d0cc0c94b28630cd6c3b4ddef451
c3a49cc082ee48a3041a22f3112ffb3cbfe73c9e739efcebcfca7eaf6e01393c
cd94f481b28ba2a6b6ada404eca8548355f573cdd95c2d82a100e32207495505
cda16382c90ff629e5570bb60cb491f6ba334da8d9613f8462f680b5767e46fa
cebca6757f063104935a74a9b1bf1ffd0393ff78d06e5162cd1a631ac2246ca7
d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070
dce2a807e54dead8cf9ce7d9be7b8d88ff99d23f8c88887777cf808e9a933cc9
de59078a2d00e0219c60ef1a78d52c51142efd21edf7c87e9a3e1367c8e44b8f
dec2d47a7e0bea7d7ff08fc9900b45fcd381c19ce7299512e1d363dc25a8f687
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91a9b8191ef5376e8a19f5fc45d68ea258fbe4ad098998f59912a4c7f3cdd77
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
fe79193a12a90fe177f1fc00b8306826704a91c7ebf49b14807bb2884c77d895
fedbbba4c0fd7ce33c64a06d7d311a8797b02aaca897d593fc98aa2c2a7cafc3