pastebin.pl Open in urlscan Pro
185.157.81.233 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastebin.pl/view/b0f3665d
Submission: On October 17 via manual (October 17th 2022, 8:21:09 am UTC) from US — Scanned from AU

Summary HTTP 84 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 84 HTTP transactions. The main IP is 185.157.81.233, located in Poland and belongs to S-NET-AS, PL. The main domain is pastebin.pl.
TLS certificate: Issued by R3 on August 27th 2022. Valid for: 3 months.

This is the only time pastebin.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	185.157.81.233 185.157.81.233	42927 (S-NET-AS) (S-NET-AS)
12	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
1	142.251.12.97 142.251.12.97	15169 (GOOGLE) (GOOGLE)
2	51.83.237.191 51.83.237.191	16276 (OVH) (OVH)
2	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE)
1	142.251.12.113 142.251.12.113	15169 (GOOGLE) (GOOGLE)
1	74.125.200.155 74.125.200.155	15169 (GOOGLE) (GOOGLE)
2	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
14	172.217.194.100 172.217.194.100	15169 (GOOGLE) (GOOGLE)
1	182.161.74.19 182.161.74.19	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.148 182.161.73.148	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
4	172.217.194.132 172.217.194.132	15169 (GOOGLE) (GOOGLE)
1	142.250.4.155 142.250.4.155	15169 (GOOGLE) (GOOGLE)
7	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
13	182.161.73.135 182.161.73.135	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	182.161.73.142 182.161.73.142	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	74.125.24.99 74.125.24.99	() ()
84	19

16 185.157.81.233 (Poland)

ASN42927 (S-NET-AS, PL)
PTR: 185.157.81.233.in-addr.arpa

pastebin.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.237.191 (Moscow, Russian Federation)

ASN16276 (OVH, FR)
PTR: ns31157823.ip-51-83-237.eu

www.wykop.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.113 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.194.100 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f100.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

pix.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.99 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 680 pix.as.criteo.net — Cisco Umbrella Rank: 16753 csm.as.criteo.net — Cisco Umbrella Rank: 17352	314 KB
17	google.com adservice.google.com — Cisco Umbrella Rank: 78 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2267 www.google.com	51 KB
16	pastebin.pl pastebin.pl	192 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	333 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	23 KB
3	criteo.com rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22845 ads.as.criteo.com — Cisco Umbrella Rank: 17079 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17724	48 KB
2	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 109731	957 B
2	wykop.pl www.wykop.pl — Cisco Umbrella Rank: 144504	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	47 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	695 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	344 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	74 KB
84	12

	Domain	Requested by
16	pastebin.pl	pastebin.pl
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com pastebin.pl
13	pix.as.criteo.net	ads.as.criteo.com
8	pagead2.googlesyndication.com	pastebin.pl pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
7	static.criteo.net	ads.as.criteo.com
4	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com pastebin.pl
2	csm.as.criteo.net	ads.as.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.com.au	pagead2.googlesyndication.com
2	www.wykop.pl	pastebin.pl www.wykop.pl
1	www.google.com	tpc.googlesyndication.com
1	cat.sg1.as.criteo.com	ads.as.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.as.criteo.com	googleads.g.doubleclick.net
1	rtb.jp2.as.criteo.com	pastebin.pl
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	pastebin.pl
84	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.binance.com
twitter.com
plus.google.com
www.tumblr.com
www.reddit.com
wordpress.com
github.com

Subject Issuer	Validity	Valid
www.pastebin.pl R3	`2022-08-27` - `2022-11-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.wykop.pl Certum Domain Validation CA SHA2	`2022-01-24` - `2023-01-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.jp2.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-07` - `2022-11-09`	3 months	crt.sh
*.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-09` - `2023-01-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.as.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-31` - `2022-12-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://pastebin.pl/view/b0f3665d
Frame ID: D3AC73A63CC634441C15468298BF0465
Requests: 44 HTTP requests in this frame

Frame: https://www.wykop.pl/dataprovider/diggerwidget/?url=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&title=%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%20Ufabet%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B8%84%E0%B8%B2%E0%B8%AA%E0%B8%B4%E0%B9%82%E0%B8%99%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%20Uf%20-%20Pastebin&desc=Przyk%EF%BF%BDadowy%20opis&bg=FFFFFF&type=compact2&bold=true
Frame ID: 7BC8CACA40609B124CCC3461765B0BC6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: 2A0E93FFE26026EE7C31393EEF22E7A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&adk=1812271804&adf=3025194257&lmt=1665994864&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665994862855&bpp=4&bdt=805&idt=1522&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5842552245217&frm=20&pv=2&ga_vid=1490074468.1665994864&ga_sid=1665994864&ga_hid=732223657&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070290&oid=2&pvsid=3940100849374147&tmod=590015838&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1541
Frame ID: 307A4ADB609EDFA70016C0398388743B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: 813C87C60B66B0303B5D8B94FE8744D4
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y00QcAAHoRoBc-xFAAFzJQLYJ5M5RTsrWWOqXg&u=%7CfPEI3tb1EPO3f6ZFoXlrQwFlRprVwMc3KgNZbk%2FlFf4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum_x3gx6EQQ-ZiPw0naFjcRpxaWansHMEmYyFOV6dhGW3vgBQHxmsgQmVCAOM_C5KQZ7Q1V6kZDFea93X0nVTadAtS8rhhzm06p2jdbSg1d15CogCVYKrwUfwZx-NmsA1Txhgpx7eTr3yiSjVVXOk17DEtelZbMzpA8gdBvxr_nm6KRdNtgnFu854e77WpIX85PqKjl0OOvPrkAjDOQQW_0xWUUjjXG4oUXlL5vJzFdq3ci6tJE3KqImutZEVMVfjmRi7JiQSOojLmsW3BJ5A3FdtO3rCrlbQ63oLnZCgi24g9K-PtGCnbXvV0Ne8tb2Up55WcynYfhVSSaO_ySLmIjcDotkK09ktVH2OA-zMsZkMoJ0qE59C243BKHXRXBKIZYNQO-dIS_Zbvw38VJqmQcPKdhxEV9uj9IkJOHyz8y03N5-q2G2IrIjPBHOqxu_QQ5SL8nxUi00Il81ByjW_1a8Rkztz57EffoqXhfLMnliUtbVKrhbWcdSS9v1giNjpQK_xRzI3IT8sX0p49aTv4Ns4UJ6jegna1j_dAVmKMyQeCiuOc2S0UOToY0GyD8pKi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC73bHcBBNY5rCHsXYz7sPpeaFqA2Y_NGxXLrzw-WFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi0yNTM2NTE1NzAyMjMzMjg4yAEJqQK8AWBcRs2kPqgDAaoE4AFP0L3dyTS6ThL5d-unKciECD27lX6ABAnP6wEC4OExABCGcYFRWsxLRHN8OcObiZBe2YTF_w39aBPIgz8YbS6qGoh2DMu91CYKa2Ut6X_j_xni3of7cH4ds8Qtelr-IxXWJ7Jdo6ik0IMq2aQAJV2161vMPZDk_T9EW-vDjkvy03m_NQoVPLZFm6bEUIqnIgIXlT91WgwGiWB_q87pKLe1_n5n0EL37v1LeJ2TYcaYurbgmyxJWRXOc3yDt3GL9hJKh95h0B6VEPAYcnmU2X0maKgQHhJsKY-2Iwl3yBDpV4AGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27gnJKIH0Ygh_1RHauCjV3slYwGg%26client%3Dca-pub-2536515702233288%26adurl%3D
Frame ID: 751F84167F30382A864B85B8D789B0FB
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2AAF469B1E67B31A44C592D6E68AF77B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DA63977E5A553B6DC7127BCE5A6ADBC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

แทงบอล Ufabet เว็บแทงบอลออนไลน์ คาสิโน หวย ต้อง Uf - Pastebin

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

84
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

19
IPs

4
Countries

1085 kB
Transfer

2386 kB
Size

6
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pastebinpl
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.binance.com/en/register?ref=11561973

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://pastebin.pl/view/b0f3665d

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://pastebin.pl/view/b0f3665d&text=https://pastebin.pl/view/b0f3665d

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://pastebin.pl/view/b0f3665d

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share/link?url=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&name=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&description=Pastebin.pl

Search URL Search Domain Scan URL

URL: http://www.reddit.com/submit?url=https://pastebin.pl/view/b0f3665d&title=

Search URL Search Domain Scan URL

URL: http://wordpress.com/press-this.php?u=https://pastebin.pl/view/b0f3665d&t=&s=

Search URL Search Domain Scan URL

URL: https://github.com/claudehohl/Stikked
Title: Stikked | Pastebin.pl 2014 - today

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request b0f3665d Show response
pastebin.pl/view/ 26 KB
8 KB 1045ms
360ms Document
text/html 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

e1b67738f2dc041bf56ae3aa2b49cc9454b96f480b612256e48d56058be3fe2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 17 Oct 2022 08:21:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 16262479586fe652146aefffcee5e73b9d19256f5d.css
pastebin.pl/static/asset/ 122 KB
26 KB 342ms
341ms Stylesheet
text/css 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

840bc887a55611080cdb939aa4badc289f1ed695d707c4e1d632143737c60fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:02 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 08:17:54 GMT
server: nginx
etag: W/"60ee9db2-1e71d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Oct 2022 20:21:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
54 KB 535ms
191ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

fb1b2ee674eaba9de02ebd75d30e4205ae157d84686b2525b98e1df2195c21a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Origin: https://pastebin.pl
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54271
x-xss-protection: 0
server: cafe
etag: 4259130190259518060
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 08:21:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 534ms
179ms Script
application/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4966bf89dcd559f00dd1092d5462020afac60d3b5240910cfbdd4620cab1c905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Oct 2022 08:21:03 GMT

GET
H2 200 btc.png
pastebin.pl/custom-images/ 6 KB
6 KB 345ms
342ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/btc.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

6d14cf497310bee3d3a2d4f4cc09c63d6230da3cc9e2f30c5d6ba23b36aac7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:02 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: nginx
etag: "60ee9315-171e"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5918
expires: Wed, 16 Nov 2022 08:21:02 GMT

GET
H2 200 Facebook.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 3 KB
4 KB 345ms
342ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Facebook.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

89c5625aa0ecfeaa47ae9da990cda5ab80fe8088ab1cd55ee7394e870de5eafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:02 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: nginx
etag: "60ee9315-d42"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3394
expires: Wed, 16 Nov 2022 08:21:02 GMT

GET
H2 200 Twitter.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 346ms
343ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Twitter.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

49c45399074a6af07b176d55bb85b3de42b2c2889bf9efa37310b4e71cf14f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:02 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: nginx
etag: "60ee9315-e3c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3644
expires: Wed, 16 Nov 2022 08:21:02 GMT

GET
H2 200 Google+.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 679ms
677ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Google+.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

1e7a8021a029a0b1b97d9df2c059ad4fe80ff8d9db9564c593bdde97df48f5ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:02 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: nginx
etag: "60ee9315-f1d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3869
expires: Wed, 16 Nov 2022 08:21:02 GMT

GET
H2 200 Tumblr.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 3 KB
4 KB 680ms
677ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Tumblr.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

c285eb7872ade449e43574b5d1637d2e9973d0cc0c94b28630cd6c3b4ddef451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:02 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: nginx
etag: "60ee9315-d6f"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3439
expires: Wed, 16 Nov 2022 08:21:02 GMT

GET
H2 200 Reddit.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 664ms
664ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Reddit.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

c3a49cc082ee48a3041a22f3112ffb3cbfe73c9e739efcebcfca7eaf6e01393c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:03 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: nginx
etag: "60ee9315-f83"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3971
expires: Wed, 16 Nov 2022 08:21:03 GMT

GET
H2 200 Wordpress.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 664ms
664ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Wordpress.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

010bfbc6758a3fbed41c7a3aeadddb18d0df8b573cbf92a738c1f9a9e6c313f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:03 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: nginx
etag: "60ee9315-f84"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3972
expires: Wed, 16 Nov 2022 08:21:03 GMT

GET
H2 200 Email.png
pastebin.pl/custom-images/flat_web_icon_set/color/ 4 KB
4 KB 665ms
664ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/custom-images/flat_web_icon_set/color/Email.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

dec2d47a7e0bea7d7ff08fc9900b45fcd381c19ce7299512e1d363dc25a8f687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:03 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Jul 2021 07:32:37 GMT
server: nginx
etag: "60ee9315-e5c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3676
expires: Wed, 16 Nov 2022 08:21:03 GMT

GET
H2 200 b0f3665d
pastebin.pl/view/qr/ 384 B
555 B 1004ms
1004ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/view/qr/b0f3665d

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

20625bdf201c82565138c0a931e87dd982f1f7b65cd11319c3cf50853656ea11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 17 Oct 2022 08:21:03 GMT
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
server: nginx
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 captcha
pastebin.pl/view/ 3 KB
3 KB 354ms
353ms Image
image/jpeg 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/view/captcha?1665994861

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

59f3ca1a4877696bb7339ff601a89458b7e3492ded5c7793d1a982942d32add6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Mon, 17 Oct 2022 08:21:03 GMT
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
server: nginx
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 16262479587430a1044da8a37b18147203f4015289.js Show response
pastebin.pl/static/asset/ 207 KB
74 KB 343ms
343ms Script
application/javascript 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/static/asset/16262479587430a1044da8a37b18147203f4015289.js

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

a84b47af6771a16e70ce39032dd82089965ea697822de088b651e52174461a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/view/b0f3665d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:02 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 16:37:27 GMT
server: nginx
etag: W/"60ef12c7-33dce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Oct 2022 20:21:02 GMT

GET
H2 200 / Show response
www.wykop.pl/dataprovider/diggerwidget/ Frame 7BC8 2 KB
1 KB 1061ms
355ms Document
text/html 51.83.237.191
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wykop.pl/dataprovider/diggerwidget/?url=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&title=%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%20Ufabet%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B8%84%E0%B8%B2%E0%B8%AA%E0%B8%B4%E0%B9%82%E0%B8%99%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%20Uf%20-%20Pastebin&desc=Przyk%EF%BF%BDadowy%20opis&bg=FFFFFF&type=compact2&bold=true

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.83.237.191 Moscow, Russian Federation, ASN16276 (OVH, FR),

Reverse DNS

ns31157823.ip-51-83-237.eu

Software

nginx /

Resource Hash

267d0e9052c5203808cafa9ccec76fb223e0c2f1d0e6831f220b5df5736ffc29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 17 Oct 2022 08:21:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
h1: wykop-23
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-be: www-dynamic-nginx/wykop-23
x-utime: 0

GET
H2 200 banner_soc.png
pastebin.pl/themes/stikkedizr/images/ 2 KB
2 KB 1004ms
1003ms Image
image/png 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.pl/themes/stikkedizr/images/banner_soc.png

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

de59078a2d00e0219c60ef1a78d52c51142efd21edf7c87e9a3e1367c8e44b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 17 Oct 2022 08:21:03 GMT
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
server: nginx
expires: Wed, 16 Nov 2022 08:21:03 GMT

GET
H2 200 fontawesome-webfont.woff
pastebin.pl/themes/stikkedizr/fonts/ 43 KB
44 KB 675ms
674ms Font
application/font-woff 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/themes/stikkedizr/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css
Origin: https://pastebin.pl
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: application/font-woff
pragma: no-cache
date: Mon, 17 Oct 2022 08:21:02 GMT
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
server: nginx
expires: Tue, 18 Oct 2022 08:21:02 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 352 KB
125 KB 186ms
185ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

9561b8f1034e64ab26b083f98323732cc150e669e02c9518ad124183a857a543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127403
x-xss-protection: 0
server: cafe
etag: 1852769647176116642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 08:21:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame 2A0E 10 KB
5 KB 509ms
168ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 47952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Oct 2022 19:01:51 GMT
etag: 9671129459699598864
expires: Sun, 30 Oct 2022 19:01:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 518ms
170ms Ping
text/plain 142.251.12.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-88PKPGCEBF&gtm=2oeaa0&_p=732223657&cid=1490074468.1665994864&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665994863&sct=1&seg=0&dl=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&dt=%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%20Ufabet%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B8%84%E0%B8%B2%E0%B8%AA%E0%B8%B4%E0%B9%82%E0%B8%99%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%20Uf%20-%20Pastebin&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 08:21:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastebin.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 text Show response
pastebin.pl/main/get_cm_js/ 0
232 B 357ms
356ms XHR
text/html 185.157.81.233
S-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.pl/main/get_cm_js/text?_=1665994863767

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/static/asset/16262479587430a1044da8a37b18147203f4015289.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL),

Reverse DNS

185.157.81.233.in-addr.arpa

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://pastebin.pl/view/b0f3665d
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 08:21:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 bg.png
www.wykop.pl/static/wykoppl7/img/diggerwidget/ Frame 7BC8 1 KB
1 KB 345ms
345ms Image
image/png 51.83.237.191
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wykop.pl/static/wykoppl7/img/diggerwidget/bg.png

Requested by

Host: www.wykop.pl
URL: https://www.wykop.pl/dataprovider/diggerwidget/?url=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&title=%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%20Ufabet%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B8%84%E0%B8%B2%E0%B8%AA%E0%B8%B4%E0%B9%82%E0%B8%99%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%20Uf%20-%20Pastebin&desc=Przyk%EF%BF%BDadowy%20opis&bg=FFFFFF&type=compact2&bold=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.83.237.191 Moscow, Russian Federation, ASN16276 (OVH, FR),

Reverse DNS

ns31157823.ip-51-83-237.eu

Software

Resource Hash

9674357773f5192646d00f4ca7b45460ead2b0c997a1640ed44a0d4d856ad705

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wykop.pl/dataprovider/diggerwidget/?url=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&title=%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%20Ufabet%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B8%84%E0%B8%B2%E0%B8%AA%E0%B8%B4%E0%B9%82%E0%B8%99%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%20Uf%20-%20Pastebin&desc=Przyk%EF%BF%BDadowy%20opis&bg=FFFFFF&type=compact2&bold=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 17 Oct 2022 08:21:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-b: default
last-modified: Thu, 12 Apr 2018 09:42:57 GMT
age: 240564
etag: "5acf2a21-47f"
x-c: H
content-type: image/png
x-ch: 148937
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1151
expires: Sun, 13 Nov 2022 13:31:40 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
695 B 515ms
171ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pastebin.pl&callback=_gfp_s_&client=ca-pub-2536515702233288&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

f6c340db5558b96167edcbbf7ea133b717e6d71b813fde415e624a1395d2e93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 508ms
174ms Script
application/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=pastebin.pl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 510ms
172ms Script
application/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.pl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 175ms
174ms Image
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 08:21:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 307A 39 KB
14 KB 495ms
495ms Document
text/html 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&adk=1812271804&adf=3025194257&lmt=1665994864&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpastebin.pl%2Fview%2Fb0f3665d&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665994862855&bpp=4&bdt=805&idt=1522&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5842552245217&frm=20&pv=2&ga_vid=1490074468.1665994864&ga_sid=1665994864&ga_hid=732223657&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070290&oid=2&pvsid=3940100849374147&tmod=590015838&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1541

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

2e5290a0b1ab76fc2445fc75647131bda4f5eff810a763b61b220e7c260efd62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13961
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 08:21:04 GMT
expires: Mon, 17 Oct 2022 08:21:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 151 KB
54 KB 180ms
180ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/reactive_library_fy2021.js?bust=31070290

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

474ae965195c84de5459fc6a111b8a98486c5a58cd99697f4fec99c9af403b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55066
x-xss-protection: 0
server: cafe
etag: 13519976438783276200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 08:21:04 GMT

GET
H2 200 ca-pub-2536515702233288 Show response
fundingchoicesmessages.google.com/i/ 105 KB
37 KB 537ms
194ms Script
application/javascript 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2536515702233288?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

37da3e03f40be2dbb7cd79886b4cd37e118b21ba1c9a34a8f7ddd8cfb2adb7c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xz6rBEL7Hhmnwb0Sqov51A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-xz6rBEL7Hhmnwb0Sqov51A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
165 B 472ms
172ms Script
application/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=pastebin.pl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 472ms
170ms Script
application/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.pl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 AGSKWxXAhl2mRBUwQkEBD-9-xCBxLe9YX9AqOMb-MjsUJjtNuJOUkzSKKHRvqBe2rl2QpROH1CiNBwm9BXvw0uwM2sU= Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 504ms
202ms Script
application/javascript 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXAhl2mRBUwQkEBD-9-xCBxLe9YX9AqOMb-MjsUJjtNuJOUkzSKKHRvqBe2rl2QpROH1CiNBwm9BXvw0uwM2sU=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY1OTk0ODY1LDY5MzAwMDAwMF0sIkNDQjgyQkQ4LTI3NTItNDIxNC05RUUzLTcwNzgwQzEzRjdEMCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcGFzdGViaW4ucGwvdmlldy9iMGYzNjY1ZCIsbnVsbCxbWzgsImJJRFN5aFdWaDY4Il0sWzksImVuLUdCIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.bIDSyhWVh68.es5.O/d=1/rs=AJlcJMwaF-dZHdhI738i3GaQe5WC887-Kg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

41d68f9cb7ad15b6383d72f6781deaacc4f33d697171183007e64d54bd22e1ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q8X3GrsN2W8eD3SGNWAqFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-q8X3GrsN2W8eD3SGNWAqFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame 813C 10 KB
4 KB 169ms
169ms Document
text/html 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 07:38:28 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 07:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 813C 0
0 179ms
178ms Fetch
text/html 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CO2S-cBBNY5rCHsXYz7sPpeaFqA2Y_NGxXLrzw-WFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi0yNTM2NTE1NzAyMjMzMjg4yAEJqQK8AWBcRs2kPqgDAaoE3QFP0L3dyTS6ThL5d-unKciECD27lX6ABAnP6wEC4OExABCGcYFRWsxLRHN8OcObiZBe2YTF_w39aBPIgz8YbS6qGoh2DMu91CYKa2Ut6X_j_xni3of7cH4ds8Qtelr-IxXWJ7Jdo6ik0IMq2aQAJV2161vMPZDk_T9EW-vDjkvy03m_NQoVPLZFm6bEUIqnIgIXlT91WgwGiWB_q87pKLe1_n5n0EL37v1LeJ2TYcaYurbgmyxJWRWMcV0RUr8CiO3D9kCKhoRWOeQS5XO6wZWum_6K16xyBZdRyJgJN4AGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjUzNjUxNTcwMjIzMzI4OBgA&sigh=VodZYGWq0vM&uach_m=[UACH]&cid=CAQSGwDq26N9xP-JT1xzLg80CxfbwhBNWKffkvLpixgBIBM

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Oct 2022 08:21:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Oct 2022 08:21:06 GMT

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame 813C 0
0 850ms
282ms Fetch 182.161.74.19
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kpa3FMr6RO0HfGL4LRICAAAADNd8o0YlDibgrajfEHAQTWPtQpPs2NleyYMupgASAAA&wp=Y00QcAAHoRoBc-xFAAFzJQLYJ5M5RTsrWWOqXg

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 187282
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 751F 148 KB
47 KB 583ms
245ms Document
text/html 182.161.73.148
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Y00QcAAHoRoBc-xFAAFzJQLYJ5M5RTsrWWOqXg&u=%7CfPEI3tb1EPO3f6ZFoXlrQwFlRprVwMc3KgNZbk%2FlFf4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum_x3gx6EQQ-ZiPw0naFjcRpxaWansHMEmYyFOV6dhGW3vgBQHxmsgQmVCAOM_C5KQZ7Q1V6kZDFea93X0nVTadAtS8rhhzm06p2jdbSg1d15CogCVYKrwUfwZx-NmsA1Txhgpx7eTr3yiSjVVXOk17DEtelZbMzpA8gdBvxr_nm6KRdNtgnFu854e77WpIX85PqKjl0OOvPrkAjDOQQW_0xWUUjjXG4oUXlL5vJzFdq3ci6tJE3KqImutZEVMVfjmRi7JiQSOojLmsW3BJ5A3FdtO3rCrlbQ63oLnZCgi24g9K-PtGCnbXvV0Ne8tb2Up55WcynYfhVSSaO_ySLmIjcDotkK09ktVH2OA-zMsZkMoJ0qE59C243BKHXRXBKIZYNQO-dIS_Zbvw38VJqmQcPKdhxEV9uj9IkJOHyz8y03N5-q2G2IrIjPBHOqxu_QQ5SL8nxUi00Il81ByjW_1a8Rkztz57EffoqXhfLMnliUtbVKrhbWcdSS9v1giNjpQK_xRzI3IT8sX0p49aTv4Ns4UJ6jegna1j_dAVmKMyQeCiuOc2S0UOToY0GyD8pKi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC73bHcBBNY5rCHsXYz7sPpeaFqA2Y_NGxXLrzw-WFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi0yNTM2NTE1NzAyMjMzMjg4yAEJqQK8AWBcRs2kPqgDAaoE4AFP0L3dyTS6ThL5d-unKciECD27lX6ABAnP6wEC4OExABCGcYFRWsxLRHN8OcObiZBe2YTF_w39aBPIgz8YbS6qGoh2DMu91CYKa2Ut6X_j_xni3of7cH4ds8Qtelr-IxXWJ7Jdo6ik0IMq2aQAJV2161vMPZDk_T9EW-vDjkvy03m_NQoVPLZFm6bEUIqnIgIXlT91WgwGiWB_q87pKLe1_n5n0EL37v1LeJ2TYcaYurbgmyxJWRXOc3yDt3GL9hJKh95h0B6VEPAYcnmU2X0maKgQHhJsKY-2Iwl3yBDpV4AGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27gnJKIH0Ygh_1RHauCjV3slYwGg%26client%3Dca-pub-2536515702233288%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

8ab329a865abc5abddad4cba488fa42c4315a26a05fc2f32a96ed3e633f5284c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 08:21:05 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=BwyR-4dXXCy8p1UvaEU-6hLgUXm7JaP5OTlbjirXeuZNPmOLZ4qGbb1gGviP6979NPPgp83Lqj9R-pzYMPW8areozORvzvAAknokhmMC__sGdDaNN2Ng2TOKAXlNr3t0EgV706SXNZkdQzcLeu8jueY23pS-aD6wehdBTTVOnq5U2q4JhnYI4ZjDf0crM1s8d7zqUQ0z84rKxcMPTcPIR3Ds64B5KQNniGWJYwR39ZOsDBMOCv0dZ5JSOjIP3YG6IoHR1A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 77044798
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 813C 3 KB
1 KB 519ms
182ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 19:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 19:16:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 813C 17 KB
8 KB 502ms
165ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 19:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 19:16:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 813C 152 KB
47 KB 504ms
168ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 08:21:06 GMT

GET
H3 200 AGSKWxUYm0vChDkIRkviXcoQTU6fc5R5VMrUGnU21vRTThsWupSs-Zsbv_P_i3Haat8ECzs53RYyXHHFC8ittDDbwdE6l61H-qnqyytyf203peXN0lZPWy7ARpC1udTue76Ybu20aCYSVw== Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 223ms
222ms Script
application/javascript 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUYm0vChDkIRkviXcoQTU6fc5R5VMrUGnU21vRTThsWupSs-Zsbv_P_i3Haat8ECzs53RYyXHHFC8ittDDbwdE6l61H-qnqyytyf203peXN0lZPWy7ARpC1udTue76Ybu20aCYSVw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY1OTk0ODY2LDIwNTAwMDAwMF0sIkNDQjgyQkQ4LTI3NTItNDIxNC05RUUzLTcwNzgwQzEzRjdEMCIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMixudWxsLCJwbCJdLCJodHRwczovL3Bhc3RlYmluLnBsL3ZpZXcvYjBmMzY2NWQiLG51bGwsW1s4LCJiSURTeWhXVmg2OCJdLFs5LCJlbi1HQiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

e47d882db4ed6757cfb15823ceb69b86223926bf8c9e1f7f994d7df869c877d0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PaqLQ_GlsueQOfTs-Yb20A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PaqLQ_GlsueQOfTs-Yb20A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 813C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22905975e8096088274faa37550f2e62c3198bd61e6d5a7ef81eae97c035796a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 751F 2 KB
1 KB 514ms
169ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y00QcAAHoRoBc-xFAAFzJQLYJ5M5RTsrWWOqXg&u=%7CfPEI3tb1EPO3f6ZFoXlrQwFlRprVwMc3KgNZbk%2FlFf4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum_x3gx6EQQ-ZiPw0naFjcRpxaWansHMEmYyFOV6dhGW3vgBQHxmsgQmVCAOM_C5KQZ7Q1V6kZDFea93X0nVTadAtS8rhhzm06p2jdbSg1d15CogCVYKrwUfwZx-NmsA1Txhgpx7eTr3yiSjVVXOk17DEtelZbMzpA8gdBvxr_nm6KRdNtgnFu854e77WpIX85PqKjl0OOvPrkAjDOQQW_0xWUUjjXG4oUXlL5vJzFdq3ci6tJE3KqImutZEVMVfjmRi7JiQSOojLmsW3BJ5A3FdtO3rCrlbQ63oLnZCgi24g9K-PtGCnbXvV0Ne8tb2Up55WcynYfhVSSaO_ySLmIjcDotkK09ktVH2OA-zMsZkMoJ0qE59C243BKHXRXBKIZYNQO-dIS_Zbvw38VJqmQcPKdhxEV9uj9IkJOHyz8y03N5-q2G2IrIjPBHOqxu_QQ5SL8nxUi00Il81ByjW_1a8Rkztz57EffoqXhfLMnliUtbVKrhbWcdSS9v1giNjpQK_xRzI3IT8sX0p49aTv4Ns4UJ6jegna1j_dAVmKMyQeCiuOc2S0UOToY0GyD8pKi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC73bHcBBNY5rCHsXYz7sPpeaFqA2Y_NGxXLrzw-WFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi0yNTM2NTE1NzAyMjMzMjg4yAEJqQK8AWBcRs2kPqgDAaoE4AFP0L3dyTS6ThL5d-unKciECD27lX6ABAnP6wEC4OExABCGcYFRWsxLRHN8OcObiZBe2YTF_w39aBPIgz8YbS6qGoh2DMu91CYKa2Ut6X_j_xni3of7cH4ds8Qtelr-IxXWJ7Jdo6ik0IMq2aQAJV2161vMPZDk_T9EW-vDjkvy03m_NQoVPLZFm6bEUIqnIgIXlT91WgwGiWB_q87pKLe1_n5n0EL37v1LeJ2TYcaYurbgmyxJWRXOc3yDt3GL9hJKh95h0B6VEPAYcnmU2X0maKgQHhJsKY-2Iwl3yBDpV4AGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27gnJKIH0Ygh_1RHauCjV3slYwGg%26client%3Dca-pub-2536515702233288%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 751F 2 KB
1 KB 678ms
333ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 751F 308 B
637 B 512ms
168ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 751F 293 B
621 B 513ms
170ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 751F 43 B
348 B 514ms
171ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=DsWz7J8gcsn_DXxlc7dXyqL9IWeepgsQPVNTic5cNU1VPjVQBxQJ_4URMY7-6_-KSws7vBgNLn3XrGxOFclTKh3dVNQ8MyL4szFqe-mnpA3AizFA2A_I_IJBPeXYwAYYHpmDvYN2YUbwh9XJsKFS-a_igvAkTJFtsvPZu4-RdKnMlFboRJHZxeChHlajNULikh2pDbqXcfPHVsgAWkEb2i-Ymz6MJ1h-dP95G3W8JNmtZng73Ee0A94CYGN_BRK5__p6Jh3cxw25U3c5GE2bjHiAkxHsFx_TvOVrjygxxklVa1vm8ww-407lEmd-p0CejDGKNGl_wPNt6fHzW2SBT2lqLHteBWlQSVPGKP8VxXNh-vPj9zSiSh5kbnJwrjvBBE9O8H8AhJ4pBNPqaAQZGX8fOnKaJ_orQQ2a_0cR85sY9yn5PH_O9pv51Sbtx8QOLOa-PA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1907080
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 751F 12 KB
6 KB 260ms
170ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 107 KB
107 KB 906ms
561ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?h=1200&m=0&partner=81957&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F81957%2F220908%2Feac4a02f551249d2ac03db865a139a74_bbnt-criteo-banners-wk07-spring-lookbooks-oceanhues-1200wx628h.png&v=3&w=1200&s=F02A3o-W_im97Oaw9OWMFiJz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

9be1b6593fe62ec13c325237c564788cd57c0e00573baf9c1a8ed994334763b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27745128
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 109300
expires: Sun, 03 Sep 2023 11:19:55 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 10 KB
10 KB 1062ms
717ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F20245401-V08.jpg&v=3&w=400&s=2-0SAbNFsbRPV1XhySBqDiC0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

0865f267142666f8f52bbf55503c9fa27e601885fdc5ad7d6f887fcbda447e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9728
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 5 KB
5 KB 851ms
507ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21211901-P.jpg&v=3&w=400&s=vojLjflmvJrlioO4fxXctyo0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

262faed8d859296d9b39872bc8e015ed907d0df5b032d5cbbde96cbfee80346d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4982
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 12 KB
12 KB 957ms
613ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21884001-P.jpg&v=3&w=400&s=roDxCV90xqqZgimfWOvs5pvd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

0e80d108a03471e19c58630df0e57b07d49e434623bf52f24794917cae37737b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11944
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 17 KB
17 KB 684ms
340ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21362301-P.jpg&v=3&w=400&s=n5QwehC-Naq3GPwZEOhLKl_w&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

1e1ae96943f5749059601674c301b13013eb3d350cb49bc0145d658af3490ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17438
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 26 KB
26 KB 514ms
170ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21831601-P.jpg&v=3&w=400&s=k_ET6gIUUKG2_ZRNpLrqYmpo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

d01de661bf0061c1fa72e862ab99739332133ec6475b7113d2300237f18ff1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26818
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 6 KB
6 KB 785ms
785ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21694601-P.jpg&v=3&w=400&s=TR8A6ymKhLGmETp4R6m1qyA3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

90db864dcb32ddef74901c6045a02016b9a7043734aa08c32d75a34e7fb58995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6166
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 45 KB
45 KB 786ms
786ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F111%2F048%2FM_F-Jasmine-QQC.jpg%3F1616556638&v=3&w=400&s=98VCtqWjmfm4oZq-8JRIn6-2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

5abe77aafce40f21ec291c67fb685730029e3c20c93826ee9ab4ae4399bc2e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45910
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 17 KB
17 KB 881ms
880ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F132%2F795%2FM_F-Dachsie-FQQC.jpg%3F1638225318&v=3&w=400&s=PORe6F0Va24XhL-NSfQ8BE1r&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

51d9c5060aaf97e5c5ed6a7145d5b51bb27f80eb7ad225d5be53ff83b9d82d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17178
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 4 KB
4 KB 880ms
879ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21434101-V01.jpg&v=3&w=400&s=TAqv-Jb8_tfcW_0c4DQn9Y9i&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

76ff98e43e98f4aee343da291a658d6f14ea9271121fb0b0686224313ac5992c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4066
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 22 KB
22 KB 849ms
849ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F109%2F635%2FM_F-Japanese-Wisteria-Cushion.jpg%3F1616126670&v=3&w=400&s=7rHhfyhH5NiVtsBZbK19zmyD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

b3a8e7754fb99286139fc5d35579edb0bba414eebfa5b514455b6d1b4bd34316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22538
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 12 KB
13 KB 886ms
885ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21831201-P.jpg&v=3&w=400&s=I0Wf3YrnXdnXZJIZuS_cQ7YH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

5f930e8d218c9d98be8b602a4fbfdc19674b97f800db7dde2b8158cbe4e14fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12704
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 751F 16 KB
16 KB 881ms
881ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21891901-P.jpg&v=3&w=400&s=MWmUGrPRQszEy4j0JBB14rSh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

2ebd1ecfb1c0a43ac9d3810bad35c4bceee4812a174dd1e2a0f90a6469d77145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16180
expires: Thu, 12 Oct 2023 08:21:07 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 751F 0
128 B 512ms
169ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=BwyR-4dXXCy8p1UvaEU-6hLgUXm7JaP5OTlbjirXeuZNPmOLZ4qGbb1gGviP6979NPPgp83Lqj9R-pzYMPW8areozORvzvAAknokhmMC__sGdDaNN2Ng2TOKAXlNr3t0EgV706SXNZkdQzcLeu8jueY23pS-aD6wehdBTTVOnq5U2q4JhnYI4ZjDf0crM1s8d7zqUQ0z84rKxcMPTcPIR3Ds64B5KQNniGWJYwR39ZOsDBMOCv0dZ5JSOjIP3YG6IoHR1A&sds=2&rev=83153&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 17 Oct 2022 08:21:06 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 751F 2 KB
1 KB 169ms
168ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 751F 2 KB
1 KB 169ms
169ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Oct 2023 08:21:07 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 188ms
187ms Image
image/gif 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=10.179329419479405

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-6KRpkFcfut5TWBz_b59N_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-6KRpkFcfut5TWBz_b59N_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 182ms
182ms Image
image/gif 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.326741720612375

Requested by

Host: pastebin.pl
URL: https://pastebin.pl/view/b0f3665d

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-BUeEcSPb4zlXy58QqYiLKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-BUeEcSPb4zlXy58QqYiLKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 523ms
186ms XHR
text/html 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0QBhYuAZkfwUie_Ez3_Qkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0QBhYuAZkfwUie_Ez3_Qkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 813C 42 B
174 B 471ms
169ms Fetch
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrnQTcCyodzgo_mQeQSumWIM3Sl7gcK0-iyG1rh7AEaOOvbSZsVR2oomSEAWhaNfTgLQmjOSRkKz3d00Kqb200S0Xi&sig=Cg0ArKJSzOjbMllHMDKgEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=796,1000,1000,1000,1000&tos=796,204,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665994865694&rpt=1077&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 08:21:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 751F 0
127 B 170ms
169ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 17 Oct 2022 08:21:07 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 174ms
174ms XHR
application/json 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

60d32ac97f06f03aea5350eda70386f2088aaeb7bed865092c49de25bd0ff6e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11038
x-xss-protection: 0

GET
H3 200 adv03. Show response
fundingchoicesmessages.google.com/f/AGSKWxXMRlnuY6vgyMe5-7JmCIw1Mg0wtztgMmT50SVpMvn37e1WWBjXux5lx54StGaP4g1qDVwQo9gaPA64T3A3wrw4jZ21jv-9HKUgpd0hiq47JkboLZR0JkzKzDfUU8LQPWqppzYUnp_8ifNFKmSi3kG5-inGK... 54 B
106 B 185ms
184ms Script
application/javascript 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXMRlnuY6vgyMe5-7JmCIw1Mg0wtztgMmT50SVpMvn37e1WWBjXux5lx54StGaP4g1qDVwQo9gaPA64T3A3wrw4jZ21jv-9HKUgpd0hiq47JkboLZR0JkzKzDfUU8LQPWqppzYUnp_8ifNFKmSi3kG5-inGKXRcn4sL-Tjh1qcroxcstGBUSQ2KcRi-/_.zw/ads//ad_blog./include/ad_/pagead2./adv03.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.bIDSyhWVh68.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwaF-dZHdhI738i3GaQe5WC887-Kg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

ae08e90e1d9e83d651fef30723009b17482a3ed1987da9ab0f7b84d372880aaf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-u6SZHN5sqIIqOuJPPRKeVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-u6SZHN5sqIIqOuJPPRKeVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
53 KB 185ms
185ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.bIDSyhWVh68.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwaF-dZHdhI738i3GaQe5WC887-Kg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

bcebac8626137d3d3321317bdf8ba62ce467790708993d867ce326073bd76a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54287
x-xss-protection: 0
server: cafe
etag: 9150117697593659351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 08:21:08 GMT

POST
H3 204 AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 183ms
183ms XHR
text/html 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8qkflolqSdCQoVcixNn-3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8qkflolqSdCQoVcixNn-3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pastebin.pl
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 471ms
170ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js?bust=31070290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 08:21:08 GMT

POST
H3 204 AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 184ms
184ms XHR
text/html 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QnGWxr5CtcLingqefPucMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-QnGWxr5CtcLingqefPucMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 195ms
194ms XHR
text/html 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SGqgBVGthZNVSYMbhIRLAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-SGqgBVGthZNVSYMbhIRLAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pastebin.pl
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 197ms
196ms XHR
text/html 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpQmcCiF_zN1x1KNxf6h1i36wrocrJAI9e7n3Ub0bkysv6VdALZ4W7Hi5m9Ia_oewVY6RfIxELaf1-RkGHlIT4JGpluCWYvw0MlMVc7QyDfORj_mJVkCrfmOH3A1gCPdlQToWArw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-96osJRFzKNi2na-v2EXGZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-96osJRFzKNi2na-v2EXGZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWjbtYGpxOXuavnY4eRFjjCq2JtTtT01njGtUWpdoHsXMiMMJZhj7WDycJBjA8776_oxilBHsSv_cd_0zn-44WBPymZ9ngBnGhhVMwKhNSb7a4F8zL2J-HoZiGrfMGh7afHNrbsHw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 231ms
231ms Script
application/javascript 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWjbtYGpxOXuavnY4eRFjjCq2JtTtT01njGtUWpdoHsXMiMMJZhj7WDycJBjA8776_oxilBHsSv_cd_0zn-44WBPymZ9ngBnGhhVMwKhNSb7a4F8zL2J-HoZiGrfMGh7afHNrbsHw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY1OTk0ODY4LDUxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwicGwiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYXN0ZWJpbi5wbC92aWV3L2IwZjM2NjVkIixudWxsLFtbOCwiYklEU3loV1ZoNjgiXSxbOSwiZW4tR0IiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

1bdcf22f6e7b71102dd70857b83dc88d15999dfabedf4ca789200a48722a7732

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eMaVQs0UJRL3n8W3M5XpeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pastebin.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:21:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eMaVQs0UJRL3n8W3M5XpeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2AAF 13 KB
5 KB 174ms
172ms Document
text/html 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 6946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:25:23 GMT
expires: Tue, 17 Oct 2023 06:25:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3DA6 783 B
1 KB 625ms
252ms Document
text/html 74.125.24.99

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.99 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

4b64cd7ec613f0f00bcfa3ce6de30d0d131d9c8a46a315899d899efb86cb5b46

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Mr1HkuTWDDtd5YCB8EvVBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Mr1HkuTWDDtd5YCB8EvVBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 08:21:09 GMT
expires: Mon, 17 Oct 2022 08:21:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxVVepYWUsbJCRkb7UEPrfpHeX5oW7c-Ch7UKsJNw4YA9-YQIQOnRnBUPs-l8r75sMObZ4aCP5EYJGCPYRJgEqgqI3tKp2gPhkRXb54BeOK-uQynIK3T7cOrz49Kl4SBqxIXPFHQ7w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 189ms
189ms XHR
text/html 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVepYWUsbJCRkb7UEPrfpHeX5oW7c-Ch7UKsJNw4YA9-YQIQOnRnBUPs-l8r75sMObZ4aCP5EYJGCPYRJgEqgqI3tKp2gPhkRXb54BeOK-uQynIK3T7cOrz49Kl4SBqxIXPFHQ7w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N3evor9UdXjovC6KGKOjjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 08:21:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-N3evor9UdXjovC6KGKOjjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVVepYWUsbJCRkb7UEPrfpHeX5oW7c-Ch7UKsJNw4YA9-YQIQOnRnBUPs-l8r75sMObZ4aCP5EYJGCPYRJgEqgqI3tKp2gPhkRXb54BeOK-uQynIK3T7cOrz49Kl4SBqxIXPFHQ7w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 187ms
187ms XHR
text/html 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVepYWUsbJCRkb7UEPrfpHeX5oW7c-Ch7UKsJNw4YA9-YQIQOnRnBUPs-l8r75sMObZ4aCP5EYJGCPYRJgEqgqI3tKp2gPhkRXb54BeOK-uQynIK3T7cOrz49Kl4SBqxIXPFHQ7w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4DnbciIobF-Vr98pLbzIkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pastebin.pl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 08:21:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-4DnbciIobF-Vr98pLbzIkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pastebin.pl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AAF 36 KB
16 KB 169ms
168ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 19:05:22 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 2AAF 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 3DA6 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?KrerzQ

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=3940100849374147&rc=

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastebin.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: cavmh1njc8n4kno62si9vmkl6i
.pastebin.pl/	1970-01-20 16:22:34	Name: _ga_88PKPGCEBF Value: GS1.1.1665994863.1.0.1665994863.0.0.0
.pastebin.pl/	1970-01-20 16:22:34	Name: _ga Value: GA1.1.1490074468.1665994864
.pastebin.pl/	1970-01-20 16:08:10	Name: __gads Value: ID=297fc66a3d5572b5-2226de4312d70072:T=1665994864:RT=1665994864:S=ALNI_MbwoyoOvA1UN87VShSsBpwRTVCpSg
.pastebin.pl/	1970-01-20 16:08:10	Name: __gpi Value: UID=00000b645277c372:T=1665994864:RT=1665994864:S=ALNI_MbqiBU2kYXEdDkE7XRF_QBgOCYR-Q
.doubleclick.net/	1970-01-20 16:22:34	Name: IDE Value: AHWqTUm6C8UczwtBxiPibKO4hXlk44QAvvVe_qz-1wFNwPxz8P1tiJ4hvupeE8cZygs

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.as.criteo.com
adservice.google.com
adservice.google.com.au
cat.sg1.as.criteo.com
csm.as.criteo.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pastebin.pl
pix.as.criteo.net
rtb.jp2.as.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wykop.pl
pagead2.googlesyndication.com
tpc.googlesyndication.com
142.250.4.155
142.251.12.113
142.251.12.97
172.217.194.100
172.217.194.132
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.142
182.161.73.148
182.161.74.19
185.157.81.233
51.83.237.191
74.125.200.155
74.125.24.154
74.125.24.155
74.125.24.157
74.125.24.99
010bfbc6758a3fbed41c7a3aeadddb18d0df8b573cbf92a738c1f9a9e6c313f4
0865f267142666f8f52bbf55503c9fa27e601885fdc5ad7d6f887fcbda447e1b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0e80d108a03471e19c58630df0e57b07d49e434623bf52f24794917cae37737b
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1bdcf22f6e7b71102dd70857b83dc88d15999dfabedf4ca789200a48722a7732
1e1ae96943f5749059601674c301b13013eb3d350cb49bc0145d658af3490ac8
1e7a8021a029a0b1b97d9df2c059ad4fe80ff8d9db9564c593bdde97df48f5ff
20625bdf201c82565138c0a931e87dd982f1f7b65cd11319c3cf50853656ea11
22905975e8096088274faa37550f2e62c3198bd61e6d5a7ef81eae97c035796a
262faed8d859296d9b39872bc8e015ed907d0df5b032d5cbbde96cbfee80346d
267d0e9052c5203808cafa9ccec76fb223e0c2f1d0e6831f220b5df5736ffc29
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5290a0b1ab76fc2445fc75647131bda4f5eff810a763b61b220e7c260efd62
2ebd1ecfb1c0a43ac9d3810bad35c4bceee4812a174dd1e2a0f90a6469d77145
37da3e03f40be2dbb7cd79886b4cd37e118b21ba1c9a34a8f7ddd8cfb2adb7c6
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
41d68f9cb7ad15b6383d72f6781deaacc4f33d697171183007e64d54bd22e1ad
474ae965195c84de5459fc6a111b8a98486c5a58cd99697f4fec99c9af403b3e
4966bf89dcd559f00dd1092d5462020afac60d3b5240910cfbdd4620cab1c905
49c45399074a6af07b176d55bb85b3de42b2c2889bf9efa37310b4e71cf14f43
4b64cd7ec613f0f00bcfa3ce6de30d0d131d9c8a46a315899d899efb86cb5b46
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51d9c5060aaf97e5c5ed6a7145d5b51bb27f80eb7ad225d5be53ff83b9d82d9a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59f3ca1a4877696bb7339ff601a89458b7e3492ded5c7793d1a982942d32add6
5abe77aafce40f21ec291c67fb685730029e3c20c93826ee9ab4ae4399bc2e84
5f930e8d218c9d98be8b602a4fbfdc19674b97f800db7dde2b8158cbe4e14fb9
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60d32ac97f06f03aea5350eda70386f2088aaeb7bed865092c49de25bd0ff6e3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6d14cf497310bee3d3a2d4f4cc09c63d6230da3cc9e2f30c5d6ba23b36aac7f6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76ff98e43e98f4aee343da291a658d6f14ea9271121fb0b0686224313ac5992c
840bc887a55611080cdb939aa4badc289f1ed695d707c4e1d632143737c60fc1
89c5625aa0ecfeaa47ae9da990cda5ab80fe8088ab1cd55ee7394e870de5eafa
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab329a865abc5abddad4cba488fa42c4315a26a05fc2f32a96ed3e633f5284c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90db864dcb32ddef74901c6045a02016b9a7043734aa08c32d75a34e7fb58995
9561b8f1034e64ab26b083f98323732cc150e669e02c9518ad124183a857a543
9674357773f5192646d00f4ca7b45460ead2b0c997a1640ed44a0d4d856ad705
9be1b6593fe62ec13c325237c564788cd57c0e00573baf9c1a8ed994334763b7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84b47af6771a16e70ce39032dd82089965ea697822de088b651e52174461a6c
ae08e90e1d9e83d651fef30723009b17482a3ed1987da9ab0f7b84d372880aaf
b3a8e7754fb99286139fc5d35579edb0bba414eebfa5b514455b6d1b4bd34316
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
bcebac8626137d3d3321317bdf8ba62ce467790708993d867ce326073bd76a5b
c285eb7872ade449e43574b5d1637d2e9973d0cc0c94b28630cd6c3b4ddef451
c3a49cc082ee48a3041a22f3112ffb3cbfe73c9e739efcebcfca7eaf6e01393c
d01de661bf0061c1fa72e862ab99739332133ec6475b7113d2300237f18ff1d0
de59078a2d00e0219c60ef1a78d52c51142efd21edf7c87e9a3e1367c8e44b8f
dec2d47a7e0bea7d7ff08fc9900b45fcd381c19ce7299512e1d363dc25a8f687
e1b67738f2dc041bf56ae3aa2b49cc9454b96f480b612256e48d56058be3fe2a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47d882db4ed6757cfb15823ceb69b86223926bf8c9e1f7f994d7df869c877d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6c340db5558b96167edcbbf7ea133b717e6d71b813fde415e624a1395d2e93c
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fb1b2ee674eaba9de02ebd75d30e4205ae157d84686b2525b98e1df2195c21a7

pastebin.pl Open in urlscan Pro 185.157.81.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

98 %HTTPS

0 %IPv6

12 Domains

19 Subdomains

19 IPs

4 Countries

1085 kBTransfer

2386 kBSize

6 Cookies

9 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastebin.pl Open in urlscan Pro
185.157.81.233 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

19
IPs

4
Countries

1085 kB
Transfer

2386 kB
Size

6
Cookies

84 HTTP transactions
1 data transactions