urlscan.io logo urlscan.io
SecurityTrails logo

paste1s.com Open in urlscan Pro
151.139.128.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/3nEVTuB
Effective URL: https://paste1s.com/notes/2ZOJI4NM
Submission: On August 26 via manual from VN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 6 countries across 34 domains to perform 76 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is paste1s.com.
TLS certificate: Issued by R3 on August 9th 2022. Valid for: 3 months.
This is the only time paste1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
8 151.139.128.10 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 151.139.128.11 20446 (STACKPATH...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 54.38.64.100 16276 (OVH)
1 2.18.79.142 20940 (AKAMAI-ASN1)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
2 145.239.192.166 16276 (OVH)
1 51.89.9.251 16276 (OVH)
2 2620:116:800d... 16509 (AMAZON-02)
1 54.229.37.204 16509 (AMAZON-02)
1 108.138.2.183 16509 (AMAZON-02)
1 199.232.16.193 54113 (FASTLY)
3 141.95.98.68 16276 (OVH)
1 2600:9000:223... 16509 (AMAZON-02)
1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 178.250.0.157 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.50.15.242 16509 (AMAZON-02)
2 2 37.252.173.27 29990 (ASN-APPNEX)
2 2 142.250.185.162 15169 (GOOGLE)
2 3.33.220.150 16509 (AMAZON-02)
2 2 34.250.101.124 16509 (AMAZON-02)
1 1 3.124.33.5 16509 (AMAZON-02)
1 1 92.123.37.164 16625 (AKAMAI-AS)
1 54.228.201.55 16509 (AMAZON-02)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 1 37.252.173.215 29990 (ASN-APPNEX)
1 2 185.86.137.110 201081 (SMARTADSE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
76 34
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
8    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
paste1s.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
ads.themoneytizer.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
ssp.web1s.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
1    2.18.79.142 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-142.deploy.static.akamaitechnologies.com
ced.sascdn.com
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    54.229.37.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-37-204.eu-west-1.compute.amazonaws.com
p.cpx.to
1    108.138.2.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-183.fra56.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
1    199.232.16.193 (Vienna, Austria)

ASN54113 (FASTLY, US)
i.imgur.com
3    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
1    2600:9000:223e:9000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    52.50.15.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-15-242.eu-west-1.compute.amazonaws.com
s.cpx.to
2    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    34.250.101.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-101-124.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    3.124.33.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-33-5.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    54.228.201.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-201-55.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
275 KB
8 paste1s.com
paste1s.com
168 KB
7 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1891
mwzeom.zeotap.com — Cisco Umbrella Rank: 1478
22 KB
6 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 32241
215 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
2 KB
4 cpx.to
p.cpx.to — Cisco Umbrella Rank: 9782
s.cpx.to — Cisco Umbrella Rank: 2250
5 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
6 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
secure.adnxs.com — Cisco Umbrella Rank: 463
3 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 508
2 KB
3 gstatic.com
fonts.gstatic.com
31 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1678
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
529 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
2 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
11 KB
2 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 33025
6 KB
2 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 29929
540 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
88 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
ajax.googleapis.com — Cisco Umbrella Rank: 286
31 KB
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 877
225 B
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 35256
522 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1005
754 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 461
532 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
646 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
1 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5706
732 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10546
32 KB
1 web1s.com
ssp.web1s.com — Cisco Umbrella Rank: 560293
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
42 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4733
348 B
76 34
Domain Requested by
8 pagead2.googlesyndication.com paste1s.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 paste1s.com paste1s.com
6 ads.themoneytizer.com paste1s.com
ads.themoneytizer.com
5 mwzeom.zeotap.com paste1s.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 s.cpx.to p.cpx.to
paste1s.com
3 id5-sync.com paste1s.com
3 gum.criteo.com 1 redirects ads.themoneytizer.com
3 fonts.gstatic.com fonts.googleapis.com
2 sync.smartadserver.com 1 redirects paste1s.com
2 dpm.demdex.net 2 redirects
2 match.adsrvr.org paste1s.com
2 cm.g.doubleclick.net 2 redirects
2 ib.adnxs.com 2 redirects
2 mug.criteo.com paste1s.com
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
2 spl.zeotap.com ads.themoneytizer.com
paste1s.com
2 c.tmyzer.com paste1s.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
paste1s.com
2 cdnjs.cloudflare.com paste1s.com
cdnjs.cloudflare.com
1 www.google.com tpc.googlesyndication.com
1 secure.adnxs.com 1 redirects
1 image2.pubmatic.com paste1s.com
1 adtrack.adleadevent.com paste1s.com
1 pixel.quantserve.com paste1s.com
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 rules.quantcount.com secure.quantserve.com
1 i.imgur.com paste1s.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 ssp.web1s.com paste1s.com
1 www.googletagmanager.com paste1s.com
1 fonts.googleapis.com paste1s.com
1 bit.ly 1 redirects
76 43

This site contains links to these domains. Also see Links.

Domain
ssp.web1s.com
link1s.com
t.me
youtu.be
1shorten.com
kiemlua.com
Subject Issuer Validity Valid
paste1s.com
R3		 2022-08-09 -
2022-11-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
1266287590.rsc.cdn77.org
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh
ssp.web1s.com
R3		 2022-08-19 -
2022-11-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
c.tmyzer.com
R3		 2022-07-29 -
2022-10-27		 3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2021-09-12 -
2022-09-12		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-13 -
2023-01-13		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
adtrack.adleadevent.com
Amazon		 2022-06-13 -
2023-07-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://paste1s.com/notes/2ZOJI4NM
Frame ID: 9B2EB03930BD21D57A42E1275A106631
Requests: 62 HTTP requests in this frame

Frame: https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ZR
Frame ID: 03BC0C80651AD4E37341A62D95B9A3F8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220824/r20190131/zrt_lookup.html
Frame ID: F740070EB4A9CDD32D06B6B14247495A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661493037324
Frame ID: 3DD4C1D3CEDDA9CC8ED5E30F6A9D1F40
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&id=MTIZ
Frame ID: E22AC44E6028B5BB8EB499F7811BE2CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792971117783742&output=html&adk=1812271804&adf=3025194257&lmt=1661493037&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661493037213&bpp=4&bdt=386&idt=480&shv=r20220824&mjsv=m202208230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4055796127504&frm=20&pv=2&ga_vid=1753711820.1661493037&ga_sid=1661493038&ga_hid=692532838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069109%2C31060047%2C31067825&oid=2&pvsid=4416811615530729&tmod=374739085&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=496
Frame ID: FD73BF7C5FF43E7023DCF9BA7D0DF2A5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D2455AE6EBE4AB1EA85A3186E9C9BE2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10AD282FFEC079F2E1B44F530023BA99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Note: Vô Đến Đây Không Xem Đừng Tiếc 🤣

Page URL History Show full URLs

  1. http://bit.ly/3nEVTuB HTTP 301
    https://paste1s.com/notes/2ZOJI4NM Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

88 %
HTTPS

41 %
IPv6

34
Domains

43
Subdomains

34
IPs

6
Countries

1718 kB
Transfer

3486 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/3nEVTuB HTTP 301
    https://paste1s.com/notes/2ZOJI4NM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=wLxuCnxSaVRpenNaOXBRWWk5Ukd5VXlMSjllOSt2L09HNWNNMkFEdHZlaTZTbDB1UHFnUkhicm5BYXhvTWtzZ2RnN1JpY3piQThQbE5PdUNrZmNwbkZ1WGVDRjREZFNqWllaY1o2ZFJPNjdrZkMzZ1pUUE1lYnpmT25pRXMyUHVOcjI3SzFBb3IxVXdXclZmNmRiRWFvalRDWXpPUWFJbUdnNm95TE96L2p4ek4rQ2xmWVZtdVRFaXFLQlJQQktJSklvS2ZiWU5ReEEzbkpRYUI3anJhSmtPaEFmbTg4RVZ4YTNWMWR0TjJxelNyUDhrPXw&cppv=2
Request Chain 52
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D6ac660fa-79fe-40df-696d-4ca5f4c3ec2f%26reqId%3D87a27e88-6b8f-466f-7084-b92b6c63c44b%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=8932928217492394544&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Request Chain 53
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJrji-I1MoC_xcLye2Hj-vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Request Chain 55
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D6ac660fa-79fe-40df-696d-4ca5f4c3ec2f%26reqId%3D87a27e88-6b8f-466f-7084-b92b6c63c44b%26zdid%3D1258 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D6ac660fa-79fe-40df-696d-4ca5f4c3ec2f%26reqId%3D87a27e88-6b8f-466f-7084-b92b6c63c44b%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=55034208282732989670780366270048795124&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Request Chain 56
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=P36wgGTmvp9ixP%2BA2pW4a5Kys8jINA%2Bd%2BS41iYitP1U%3D
Request Chain 57
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D6ac660fa-79fe-40df-696d-4ca5f4c3ec2f%26reqId%3D87a27e88-6b8f-466f-7084-b92b6c63c44b%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f2886308-5f2d-4600-9e9c-3630d85f14a4&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Request Chain 63
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fpaste1s.com%252Fnotes%252F2ZOJI4NM%26hn_ver%3D40%26fid%3D1c6e18ac-240d-4e86-9340-25c864d742c7 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=8932928217492394544&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=1c6e18ac-240d-4e86-9340-25c864d742c7
Request Chain 64
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D1c6e18ac-240d-4e86-9340-25c864d742c7&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=1c6e18ac-240d-4e86-9340-25c864d742c7&gdpr=0&cklb=1
Request Chain 65
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=1c6e18ac-240d-4e86-9340-25c864d742c7 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=1c6e18ac-240d-4e86-9340-25c864d742c7&google_gid=CAESEPzKoN2KiwWO0l-hfZdNxzE&google_cver=1

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2ZOJI4NM
paste1s.com/notes/
Redirect Chain
  • http://bit.ly/3nEVTuB
  • https://paste1s.com/notes/2ZOJI4NM
25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
66cc89c823731936ef06680f0fec6c6110c863e93df5d86347ce657351ddb0d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, private
content-encoding
gzip
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=UTF-8
date
Fri, 26 Aug 2022 05:50:36 GMT
server
fbs
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-hw
1661493036.cds323.lo4.hn,1661493036.cds248.lo4.sc,1661493036.cdn2-wafbe04-lhr1.stackpath.systems.-.wx,1661493036.cds248.lo4.p
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=90
Content-Length
121
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Aug 2022 05:50:36 GMT
Location
https://paste1s.com/notes/2ZOJI4NM
Server
nginx
Via
1.1 google
css
fonts.googleapis.com/ 		2 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 04:45:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Aug 2022 05:50:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Aug 2022 05:50:36 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
125833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2F8%2B%2BmyzYwpMMfQGhwHrJ9mWLrdfGPA3zA%2B78LUDEs7Jtz96q6lsXIEQ1sb06upSWIC1R%2FBcHSTSPhJT7xxj%2FKi%2BqChlOwt6qWWrMZmD8CRVCHlMzQeZu6%2FhmUfV6P1HG9wyKvx3Rm8AGM2Aov98m98H"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
740a4a789e222325-ZRH
expires
Wed, 16 Aug 2023 05:50:36 GMT
app.css
paste1s.com/css/ 		143 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste1s.com/css/app.css?id=ebe28cb9d875b19bed6b
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/notes/2ZOJI4NM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 01:57:45 GMT
server
fbs
etag
W/"62562e19-23c92"
x-frame-options
SAMEORIGIN
x-hw
1661493036.cds323.lo4.hn,1661493036.cds251.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
accept-ranges
bytes
content-length
27999
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129758818-17
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34a8784fb036056e8ad20934fbef21f238fea599ec8377b94e32c1b6b1071155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42065
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 Aug 2022 05:50:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8951ed5136f710685666d7d77d72c9525fceea256a3ebfacd9890e0716321b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paste1s.com/
Origin
https://paste1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58280
x-xss-protection
0
server
cafe
etag
18436089502264385542
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 05:50:37 GMT
logo.png
paste1s.com/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paste1s.com/images/logo.png
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/notes/2ZOJI4NM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 03:04:33 GMT
server
fbs
etag
"62563dc1-5c8a"
x-frame-options
SAMEORIGIN
x-hw
1661493036.cds323.lo4.hn,1661493036.cds233.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
accept-ranges
bytes
content-length
23690
x-xss-protection
1; mode=block
gen.js
ads.themoneytizer.com/s/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt
AZySIRmspXD/ShkAAA
x-accel-expires
@1661572963
date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
6LgNyolCY7A
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
6474
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/ 		104 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d01ebc933fa3aba1a0fba48261745c870f773ac282365870d7b41e12f661f29e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt
AZySIRlbYxuh
x-accel-expires
@1661579437
date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
VW41tb8CbA0
x-77-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
x-cache
MISS
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt
AZySIRl0QwH/ShkAAA
x-accel-expires
@1661572963
date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
QzHKyrJSB4I
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
6474
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/ 		103 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=2
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0ce7014cd5c5f2eb1b059cc01de530ec6234ac33acada2b6e815df63013c401b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt
AZySIRm9KPWh
x-accel-expires
@1661579437
date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
c+JdmjIvniU
x-77-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
MISS
x-77-pop
frankfurtDE
app.js
paste1s.com/js/ 		258 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paste1s.com/js/app.js?id=0e83dba9e8630f1a1f92
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/notes/2ZOJI4NM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 01:57:45 GMT
server
fbs
etag
W/"62562e19-40688"
x-frame-options
SAMEORIGIN
x-hw
1661493036.cds323.lo4.hn,1661493036.cds325.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
accept-ranges
bytes
content-length
94951
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c6d30f145a2a0538f7e0560ec098f28f18b9b0410f725049d42c6ce8d5d23e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58188
x-xss-protection
0
server
cafe
etag
11356033885074595170
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 05:50:37 GMT
ser.php
ssp.web1s.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.web1s.com/ser.php?t=AADIV35&f=35&psc=
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx / LarVPS
Resource Hash
073658018d5a77ffc9f05df2b47d2b061daab141769f3c4bfc430948fec86ce0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
LarVPS
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-hw
1661493037.cds261.lo4.hn,1661493037.cds282.lo4.sc,1661493037.cds282.lo4.p
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
/
paste1s.com/sbbi/ Frame 03BC 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ZR&sbbgs=h4beff16c1433924a28af32a05744e5ec150&ddl=1
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
1b8a2dffc988c45a295dd58890334c5eb664fef304d7b95df7d6e8c673d6ccd9

Request headers

Referer
https://paste1s.com/notes/2ZOJI4NM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 26 Aug 2022 05:50:36 GMT
server
fbs
x-accel-expires
0
x-hw
1661493036.cds323.lo4.hn,1661493036.cds300.lo4.sc,1661493036.cdn2-wafbe03-lhr1.stackpath.systems.-.i,1661493036.cds300.lo4.p
/
paste1s.com/sbbi/ 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paste1s.com/sbbi/?sbbpg=utMedia&vii=eh645bbe4f4fc1d6eca1c4c3b33922847a82b81acf3392eaf055f7e4e4fe358elcm1o5z0
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/notes/2ZOJI4NM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
x-accel-expires
0
date
Fri, 26 Aug 2022 05:50:36 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server
fbs
x-hw
1661493036.cds323.lo4.hn,1661493036.cds083.lo4.sc,1661493036.cdn2-wafbe01-lhr1.stackpath.systems.-.i,1661493036.cds083.lo4.p
content-type
image/gif
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://paste1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
125504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7zDT9DY7Mrde5W0NLI6aYrrk9f%2BpfUvePm5sDRiBmsP%2F7ed2x%2FI79nrPnij6eXQfbvGd6TV1yGum%2BuROYahDEFt4zuryEAu5DXGm3eL3GMkBUTTPxitUDgjTP23o7kgK8bjvuXs3C%2BmSKNXX4amBG1G"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
740a4a791afe23df-ZRH
expires
Wed, 16 Aug 2023 05:50:36 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paste1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 21:31:00 GMT
x-content-type-options
nosniff
age
289176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14060
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 21:31:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2917
date
Fri, 26 Aug 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 26 Aug 2022 07:02:00 GMT
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt
AZySIRmDiPb/SxkAAA
pragma
public
date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
rZPihDrxuE0
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
6475
x-77-pop
frankfurtDE
x-accel-expires
@1662523362
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/ 		342 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9792971117783742&plah=paste1s.com&bust=31069109
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b47a5b75808b8587b20db70e1fcbefba035bf64f7df9df4a5613c00b4b1b7d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125071
x-xss-protection
0
server
cafe
etag
15480083955430618425
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 05:50:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220824/r20190131/ Frame F740 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220824/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 23:08:19 GMT
etag
8616628553774171045
expires
Thu, 08 Sep 2022 23:08:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=93800&f=1&fi=99
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 26 Aug 2022 05:50:37 GMT
Server
nginx
X-IPLB-Request-ID
D940971C:961E_36264064:01BB_63085F2D_D0CF5CD:AF13
X-IPLB-Instance
24857
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 26 Aug 2022 05:50:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
32364
Expires
Fri, 26 Aug 2022 06:05:37 GMT
sync
gum.criteo.com/ 		49 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1622
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
mapper.js
spl.zeotap.com/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
740a4a7bb91801f4-ZRH
date
Fri, 26 Aug 2022 05:50:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://paste1s.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 26 Aug 2022 05:50:37 GMT
Last-Modified
Thu, 07 Oct 2021 11:26:48 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D940971C:9150_91EFC0A6:01BB_63085F2D_6C16119D:232FB
ETag
"615ed978-15ab"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame 3DD4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661493037324
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
gzip
etag
"TFjIU174W8I7nbu1DVEZpA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 02 Sep 2022 05:50:37 GMT
px.js
p.cpx.to/p/12771/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12771/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.37.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-37-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 26 Aug 2022 05:50:37 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1990
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-183.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 26 Aug 2022 00:47:53 GMT
Via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
18165
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P6
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
zWu_b9dJncImHOVQc3n8MoFmAx3SQKiffh4mknANzqwa1PoxTXrmaw==
prebid.js
ads.themoneytizer.com/moneybid7_10/build/dist/ 		631 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
933986aac7340244fe7626ade14f974ba7c73e3301a9db8fa9dad6a94aded99c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt
AZySIRlDBIv/ShkAAA
pragma
public
date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
br
etag
W/"62fba81a-9db2c"
last-modified
Tue, 16 Aug 2022 14:22:18 GMT
server
CDN77-Turbo
x-77-nzt-ray
+O6m7wCcunY
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
6474
x-77-pop
frankfurtDE
x-accel-expires
@1662523363
OEZsMYD.gif
i.imgur.com/ 		731 KB
732 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/OEZsMYD.gif
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
156c6fc3bf87af5d4ee2c1319640bb5dcf0c7c767094f0d0202f2e49c4d29888
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
x-content-type-options
nosniff
age
1985748
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
748986
x-served-by
cache-iad-kcgs7200085-IAD, cache-vie6365-VIE
last-modified
Wed, 16 Mar 2022 03:55:04 GMT
server
cat factory 1.0
x-timer
S1661493037.423567,VS0,VE0
etag
"6ed8663d887454f72eeab3fe9f1c3130"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 69
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=93800&f=2&fi=99
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 26 Aug 2022 05:50:37 GMT
Server
nginx
X-IPLB-Request-ID
D940971C:961E_36264064:01BB_63085F2D_D0CF5CF:AF13
X-IPLB-Instance
24857
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paste1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 04:23:14 GMT
x-content-type-options
nosniff
age
264443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12736
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 04:23:14 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=692532838&t=pageview&_s=1&dl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&ul=en-us&de=UTF-8&dt=Note%3A%20V%C3%B4%20%C4%90%E1%BA%BFn%20%C4%90%C3%A2y%20Kh%C3%B4ng%20Xem%20%C4%90%E1%BB%ABng%20Ti%E1%BA%BFc%20%F0%9F%A4%A3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=386098058&gjid=1613103804&cid=1753711820.1661493037&tid=UA-129758818-17&_gid=1927185624.1661493037&_r=1&gtm=2ou8o0&z=1101610653
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paste1s.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
9.gif
id5-sync.com/i/12/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paste1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:03:27 GMT
x-content-type-options
nosniff
age
89230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4252
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:27:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 05:03:27 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:47:44 GMT
content-encoding
gzip
age
174
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
SPXXEj2RkIviDjU2QXrmCYf4VdOOgXpjhH5BBO7SlQuj6eaBKgWkKA==
wckr.php
tag.leadplace.fr/ Frame E22A 		0
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Aug 2022 05:50:37 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
X-IPLB-Instance
30196
X-IPLB-Request-ID
D940971C:9150_91EFC0A6:01BB_63085F2D_6C1611A3:232FB
/
spl.zeotap.com/ 		2 KB
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d58fe85057385e65174dc89c9c6ca10d08b8895ab3257f04a95544c38b07edc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
740a4a7d8e2401f4-ZRH
date
Fri, 26 Aug 2022 05:50:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html
access-control-allow-origin
https://paste1s.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
102.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
43fa8b3cd619b9d8361c2d116d022be51fbc53da84316249e0491d6eb67b3c43
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paste1s.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paste1s.com
date
Fri, 26 Aug 2022 05:50:37 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
cookie.js
partner.googleadservices.com/gampad/ 		215 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=paste1s.com&callback=_gfp_s_&client=ca-pub-9792971117783742
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9792971117783742&plah=paste1s.com&bust=31069109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
97906df2ed55d8e8bf8fe1e2c9d0e99e5edc258bcfdabde582560c6b0bd50e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=paste1s.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9792971117783742&plah=paste1s.com&bust=31069109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paste1s.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9792971117783742&plah=paste1s.com&bust=31069109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Aug 2022 05:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&tn=SPAN&id=footerbanner58A&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FD73 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792971117783742&output=html&adk=1812271804&adf=3025194257&lmt=1661493037&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661493037213&bpp=4&bdt=386&idt=480&shv=r20220824&mjsv=m202208230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4055796127504&frm=20&pv=2&ga_vid=1753711820.1661493037&ga_sid=1661493038&ga_hid=692532838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069109%2C31060047%2C31067825&oid=2&pvsid=4416811615530729&tmod=374739085&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=496
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9792971117783742&plah=paste1s.com&bust=31069109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 05:50:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://paste1s.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 26 Aug 2022 05:50:36 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1119
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=wLxuCnxSaVRpenNaOXBRWWk5Ukd5VXlMSjllOSt2L09HNWNNMkFEdHZlaTZTbDB1UHFnUkhicm5BYXhvTWtzZ2RnN1JpY3piQThQbE5PdUNrZmNwbkZ1WGVDRjREZFNqWllaY1o2ZFJPNjdrZkMzZ1pUUE1lYnpmT25pRX...
342 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=wLxuCnxSaVRpenNaOXBRWWk5Ukd5VXlMSjllOSt2L09HNWNNMkFEdHZlaTZTbDB1UHFnUkhicm5BYXhvTWtzZ2RnN1JpY3piQThQbE5PdUNrZmNwbkZ1WGVDRjREZFNqWllaY1o2ZFJPNjdrZkMzZ1pUUE1lYnpmT25pRXMyUHVOcjI3SzFBb3IxVXdXclZmNmRiRWFvalRDWXpPUWFJbUdnNm95TE96L2p4ek4rQ2xmWVZtdVRFaXFLQlJQQktJSklvS2ZiWU5ReEEzbkpRYUI3anJhSmtPaEFmbTg4RVZ4YTNWMWR0TjJxelNyUDhrPXw&cppv=2
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3b47b90b2ff7e6e983abfc5b058bcdc610c3fd0cfb5b78a4b81479dee973b80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2911
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:36 GMT
location
https://mug.criteo.com/sid?cpp=wLxuCnxSaVRpenNaOXBRWWk5Ukd5VXlMSjllOSt2L09HNWNNMkFEdHZlaTZTbDB1UHFnUkhicm5BYXhvTWtzZ2RnN1JpY3piQThQbE5PdUNrZmNwbkZ1WGVDRjREZFNqWllaY1o2ZFJPNjdrZkMzZ1pUUE1lYnpmT25pRXMyUHVOcjI3SzFBb3IxVXdXclZmNmRiRWFvalRDWXpPUWFJbUdnNm95TE96L2p4ek4rQ2xmWVZtdVRFaXFLQlJQQktJSklvS2ZiWU5ReEEzbkpRYUI3anJhSmtPaEFmbTg4RVZ4YTNWMWR0TjJxelNyUDhrPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1631
content-length
482
expires
0
12.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
774202ffe96d6700fc208476411b1df70e66003af0cc88802d20009c8773b338
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paste1s.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paste1s.com
date
Fri, 26 Aug 2022 05:50:37 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 00:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 00:23:23 GMT
fire.js
s.cpx.to/ 		857 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=1c6e18ac-240d-4e86-9340-25c864d742c7
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.15.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-15-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3bd391e4dd300911f9bda6a6980eb6edf066074f1d6296817b91f22861bf75d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 26 Aug 2022 05:50:37 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
857
Expires
Tue, 23 Aug 2022 15:22:10 UTC
/
paste1s.com/sbbi/ Frame 03BC 		516 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ZR&sbbgs=h4beff16c1433924a28af32a05744e5ec150&ddl=1
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://paste1s.com
Referer
https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ZR&sbbgs=h4beff16c1433924a28af32a05744e5ec150&ddl=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 26 Aug 2022 05:50:37 GMT
server
fbs
x-accel-expires
0
x-hw
1661493037.cds323.lo4.hn,1661493037.cds298.lo4.sc,1661493037.cdn2-wafbe01-lhr1.stackpath.systems.-.i,1661493037.cds298.lo4.p
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D6ac660fa-79fe-40df-696d-4ca5f4c3e...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=8932928217492394544&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=8932928217492394544&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://paste1s.com
access-control-allow-credentials
true
cf-ray
740a4a7f09a001f4-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Pragma
no-cache
Date
Fri, 26 Aug 2022 05:50:37 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
333cb632-981f-4f3e-9a02-29144211ba4b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=8932928217492394544&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJrji-I1MoC_xcLye2Hj-vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-708...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEJrji-I1MoC_xcLye2Hj-vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://paste1s.com
access-control-allow-credentials
true
cf-ray
740a4a7f09ab01f4-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEJrji-I1MoC_xcLye2Hj-vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D6ac660fa-79fe-40df-696d-4ca5f4c3ec2f%26reqId%3D87a27e88-6b8f-466f-7084-b92b6c63c44b%26zdid%3D1258&gdpr=1&gdpr_consent=
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=55034208282732989670780366270048795124&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=55034208282732989670780366270048795124&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://paste1s.com
access-control-allow-credentials
true
cf-ray
740a4a843d4c01f4-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v038-0a54615c3.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
HiJ9f5pgQs4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=55034208282732989670780366270048795124&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=P36wgGTmvp9ixP%2BA2pW4a5Kys8jINA%2Bd%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=P36wgGTmvp9ixP%2BA2pW4a5Kys8jINA%2Bd%2BS41iYitP1U%3D
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://paste1s.com
access-control-allow-credentials
true
cf-ray
740a4a7f09a401f4-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:37 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=P36wgGTmvp9ixP%2BA2pW4a5Kys8jINA%2Bd%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D6a...
  • https://mwzeom.zeotap.com/mw?cid=f2886308-5f2d-4600-9e9c-3630d85f14a4&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f2886308-5f2d-4600-9e9c-3630d85f14a4&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://paste1s.com
access-control-allow-credentials
true
cf-ray
740a4a800c1801f4-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 26 Aug 2022 05:50:38 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=f2886308-5f2d-4600-9e9c-3630d85f14a4&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=6ac660fa-79fe-40df-696d-4ca5f4c3ec2f&reqId=87a27e88-6b8f-466f-7084-b92b6c63c44b&zdid=1258
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 26 Aug 2022 05:50:37 GMT
pixel;r=775429094;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM;uht=2;fpan=1;fpa=P0-149858110-1661493037834;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=775429094;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM;uht=2;fpan=1;fpa=P0-149858110-1661493037834;pbc=;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=paste1s.com;dst=0;et=1661493037834;tzo=0;ogl=title.Online%20Notepad%2Cdescription.note1s%252Ecom%20is%20your%20online%20notepad%20on%20the%20web%252E%20It%20allows%20you%20to%20store%20notes%20on%20th%2Cimage.https%3A%2F%2Flh3%252Egoogleusercontent%252Ecom%2Fproxy%2FFbbmTTxOezBpLsfx2__U9Iirj6ntJFpFNrjuFVOH%2Clocale.en_US%2Ctype.website%2Csite_name.Online%20Notepad;ses=4a36ae1d-aaac-461e-8ec4-7244783c89ff
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
notifyme.php
adtrack.adleadevent.com/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.201.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-201-55.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://paste1s.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Aug 2022 05:50:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Aug 2022 05:50:38 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://paste1s.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=wLxuCnxSaVRpenNaOXBRWWk5Ukd5VXlMSjllOSt2L09HNWNNMkFEdHZlaTZTbDB1UHFnUkhicm5BYXhvTWtzZ2RnN1JpY3piQThQbE5PdUNrZmNwbkZ1WGVDRjREZFNqWllaY1o2ZFJPNjdrZkMzZ1pUUE1lYnpmT25pRXMyUHVOcjI3SzFBb3IxVXdXclZmNmRiRWFvalRDWXpPUWFJbUdnNm95TE96L2p4ek4rQ2xmWVZtdVRFaXFLQlJQQktJSklvS2ZiWU5ReEEzbkpRYUI3anJhSmtPaEFmbTg4RVZ4YTNWMWR0TjJxelNyUDhrPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 26 Aug 2022 05:50:37 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1077
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
paste1s.com/sbbi/ Frame 03BC 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ZR
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
bd629b91a212f83afcab615e859b8f4b41e4182fc6f4fd46da981d93dd4217bc

Request headers

Referer
https://paste1s.com/sbbi/?sbbpg=sbbShell&gprid=ZR&sbbgs=h4beff16c1433924a28af32a05744e5ec150&ddl=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 26 Aug 2022 05:50:37 GMT
server
fbs
x-accel-expires
0
x-hw
1661493037.cds323.lo4.hn,1661493037.cds278.lo4.sc,1661493037.cdn2-wafbe01-lhr1.stackpath.systems.-.i,1661493037.cds278.lo4.p
UCookieSetPug
image2.pubmatic.com/AdServer/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1c6e18ac-240d-4e86-9340-25c864d742c7
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:29:18 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fpaste1s.com%252Fnotes%252F2ZOJI4NM%26hn_ver%3D40%26fid%3...
  • https://s.cpx.to/an_fire?app_nexus_uid=8932928217492394544&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=1c6e18ac-240d-4e86-9340-25c864d742c7
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=8932928217492394544&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=1c6e18ac-240d-4e86-9340-25c864d742c7
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
HTTP/1.1
Server
52.50.15.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-15-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 26 Aug 2022 05:50:38 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 26 Aug 2022 05:50:38 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 26 Aug 2022 05:50:38 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d4d3ae0a-ac48-4fd3-bea7-1d3b59287b95
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=8932928217492394544&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&hn_ver=40&fid=1c6e18ac-240d-4e86-9340-25c864d742c7
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D1c6e18ac-240d-4e86-9340-25c864d742c7&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=1c6e18ac-240d-4e86-9340-25c864d742c7&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=1c6e18ac-240d-4e86-9340-25c864d742c7&gdpr=0&cklb=1
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
HTTP/1.1
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:37 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=1c6e18ac-240d-4e86-9340-25c864d742c7&gdpr=0&cklb=1
pragma
no-cache
date
Fri, 26 Aug 2022 05:50:37 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=1c6e18ac-240d-4e86-9340-25c864d742c7
  • https://s.cpx.to/ca.png?dsp=dbm&fid=1c6e18ac-240d-4e86-9340-25c864d742c7&google_gid=CAESEPzKoN2KiwWO0l-hfZdNxzE&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=1c6e18ac-240d-4e86-9340-25c864d742c7&google_gid=CAESEPzKoN2KiwWO0l-hfZdNxzE&google_cver=1
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
HTTP/1.1
Server
52.50.15.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-15-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 26 Aug 2022 05:50:38 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=1c6e18ac-240d-4e86-9340-25c864d742c7&google_gid=CAESEPzKoN2KiwWO0l-hfZdNxzE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Aug 2022 05:50:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220824&st=env
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/2ZOJI4NM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c9cf59529265a1dc473476c0419ed9d3bf30ded9008378139b3427fd1b20f55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Aug 2022 05:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11038
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9792971117783742&plah=paste1s.com&bust=31069109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 Aug 2022 05:50:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D24 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 05:28:50 GMT
expires
Sat, 26 Aug 2023 05:28:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 10AD 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed63bc2c6df6e69c8aa08d0f30c56fa3349efa6536e975691138e374897cd90d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3g4KX1QGCPbkDrnzjnFaWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-3g4KX1QGCPbkDrnzjnFaWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 05:50:39 GMT
expires
Fri, 26 Aug 2022 05:50:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
pagead2.googlesyndication.com/bg/ Frame 6D24 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15802
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:15:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 10AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220824&jk=4416811615530729&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6D24 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?di1qAw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 05:50:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220824&jk=4416811615530729&bg=!nZ6lntrNAAaXrHhMt6w7ACkAdvg8Wra6lPWOokYamf2lCixubDi-ieV_4VsgGtVRohVGRDj21VG6LAIAAABOUgAAAANoAQeZAt3YIYaJf08PYUJ7ufKKceYr4aO4XHpPvW8iNKbqnw_wVGqTktv9lY06ngZZ41Wn7I4zdiPtkVSVrqb2akCVb7HdfwQWwZtnOZQltSC2btVRHwDRSGog16LFOsmY21b1sQAY2f74db0eX6cXKOqf5LJsGd91sQNR257EwS1uaUtblIUTdw7gYupNDuOzcFfNfAr0KgjzQvPxbpeymOuuQnFC2qAkupimQbMh9Js0yomd6ck5HrYmMc1c3gq7LMfbqa7yvEJVgz98DOfNtML2RlhQ5xHLI9t36SsXzk9epXMR01CxiozatiiMN6QmS04vxeF6xU6z56yMFIq_SfiSqFPXEzPW612D4bHBboDYNonoFRK3EODgqhlfMklQMHO-NNuMRdKLzlZMUIjEH9Efe9cVzFP_ltK5PW6nUWIfZ7kIZJabAbcIJaPC6RixQAxptHR1JTFoc4VHnvFshjGh8oX5TXXX8u4JDkjcpMUJ-dpARp0LiWrRIG2h4ao61CoQ1VyW9KE0JV649aWTNSKygMnPwDslDAcE76e-xpoJj4oM6h85Sk-JD2Jnpo6tqqcugECfZGufSfDFYvRutUI2yhHqQkcfu40m2RRgG-siHRuUX0SZp60_IYb2ZipbA8s__BJQwj9nPLGyjaGctp9ImOO9-wsTh6X9DF695pxVi-dHALEZmVYce_RNEJnjKJsrsO6lVpVCx37lVYXp-LCQbGW0aTM7XxkQDwXvzmS5KfjQ2ANDgglUKZo2Y1kkDZ4y1kP9Yq0n_k2GWID_Ib-815vMfg9cBaRm8HYK4yd7iPQc8l0bQYSFnWwSrCvbLQMaJObeYSA1VXiD6G0S6YTazHjisSvOfDKy7DlIuDMmjd2Wr_lazJDqdEsYdo2qWGhZ8F6-QXTlqRTszuQ6RVuheHmXvAz4c4np1Uwc3zQMtXD_eC51s35coL0KMn1KeBNv3N_4r8R-qiOKw1BFCASv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer string| k object| ca string| psc string| c object| s string| sbbvscc string| sbbgscc function| genPid function| nsbbfetch function| sbbgc function| addmg function| addprid function| sbbeccf function| m2vr function| sbbls string| y string| x string| gprid object| sbbeccfi string| sbbgs number| lX number| lY string| csr object| otr object| cnv string| lk__ function| setUGEvals number| tt object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| http string| url number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26322 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetRichAudienceZone function| GetAdmixerZone function| GetGothamadsZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText function| whatToLoad string| pubstack_ab object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26322 function| amb_sC function| amb_gC function| amb_rI function| amb_sH function| refreshVisibility26300 function| Adcall_26300 object| gaplugins object| gaGlobal object| gaData function| _ function| Popper function| jQuery function| $ function| axios function| MobileDetect object| md function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| libJsLeadPlace function| mapperjs object| __core-js_shared__ boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| tmzrChunk object| _pbjsGlobals object| ADAGIO object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_80234 undefined| Adcall_video object| pubstack_publica number| bidder_geo undefined| bid undefined| vastUrl object| targetingParams boolean| sbrmp object| GoogleGcLKhOms

41 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m7q5OA-58ad6305429b9e39f5-00a
paste1s.com/ Name: SPSI
Value: e65b44cdeaccb32878b1c39ef5feef38
paste1s.com/ Name: SPSE
Value: nmqxcnuxJ9XKpEvbAwYQK1zuDnjYRhVSgAAxcLBImAa5muF9hYx+RpvvMT9NGp46stZ0L6HyalXmarlnK4M1gA==
paste1s.com/ Name: spcsrf
Value: 6d2ba4138ae03b94905369421bd16f63
paste1s.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlMrcG5XSHpqa0xIcW96SmY4Uk9LQkE9PSIsInZhbHVlIjoiNDBqNnBYVDRtek5VOWdaU3V4THJuWnJhZGNuZ1JoVVppVmg4SkROMGpJdHRiZ3daODhyS3B3OTlwdEk0b0kxS1V1Sm9FOHBmZzFPV2lXR3I5TkJ0dmh3RjQrZGNiZ2d5RTZqY0NXbVhibFFtc1V6THo3VWtId1RJWlNXR1oyeW4iLCJtYWMiOiIwMWMyMzdlMGE1NDMzZDdlY2YzY2QxZDkyMTVjYzA5NWQ3MjUxZTA5NWUyYTE3Y2Y4MWM5ODUyNWY5N2Q3YTZkIn0%3D
paste1s.com/ Name: online_notepad_take_notes_and_earn_money_at_paste1scom_session
Value: eyJpdiI6IlUrMVBvY3R1SDN6MXYvZjJlT3Fabmc9PSIsInZhbHVlIjoiZmMweGE5L1ZnSjc1blVTRVcwa1E2V0R1MnNnb2kvQmhyc3lGeGxzcjM1M2F5VVpiODBGOFREK0hDbytLSzJHQnJRcUFwYU1Sd0hmT2FqcUhmc255SW4rdjJGUkppc3VhbXZFenp1RjVQKzlGVjh4THlzbVB2NUk1MC95Q29nNGYiLCJtYWMiOiJiMWEyZDA4Y2VjMGFmYzkxOGFmNmVkYTFiNjA4MWU1NzcyN2I1ZjQ5M2ZlOWE4NmViZWE0ZDNlMTFmMzllYjI3In0%3D
paste1s.com/ Name: sp_lit
Value: nqQQKm0OHxfwj/3GwwmBeA==
paste1s.com/ Name: PRLST
Value: ZR
paste1s.com/ Name: UTGv2
Value: h4beff16c1433924a28af32a05744e5ec150
paste1s.com/ Name: adOtr
Value: 4b64ed5ecca
.paste1s.com/ Name: _ga
Value: GA1.2.1753711820.1661493037
.paste1s.com/ Name: _gid
Value: GA1.2.1927185624.1661493037
.paste1s.com/ Name: _gat_gtag_UA_129758818_17
Value: 1
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.zeotap.com/ Name: zc
Value: 6ac660fa-79fe-40df-696d-4ca5f4c3ec2f
.zeotap.com/ Name: zsc
Value: %B1%C0%B9%13%3DO%CC%0FY%EE%87E%B8%5B%5C%F6%26%2A%07%C3fl%28%F6%D3%95u%12%18%F5+o%2B%3F%5E%86%DAsi%8AS%BC%B3%C3o%C9%91%3E%B8%F1Sv%1Bf%B3%85%F5%12k%7BSV%E8i%2A%C9%F2%F6h%17%CFN%99%DC%22%AA%12%E5i%8D%91e%0B%97A%DD%92%B9%9F%F4%11%A7%83%A3%B7%DE%04%40%27%90%D0%0C%E2H%DC
paste1s.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.paste1s.com/ Name: sharedid
Value: eec0f811-995c-41ef-8098-780d9d4250d0
paste1s.com/ Name: qcSxc
Value: 1661493037835
.paste1s.com/ Name: __gads
Value: ID=b8cd08da0647bbe5-22947e8d05ce0066:T=1661493037:RT=1661493037:S=ALNI_MbVBhxh-qXUk1M1Yjhz3CqEsr7Cjg
.quantserve.com/ Name: mc
Value: 63085f2d-d4952-05713-211dd
.paste1s.com/ Name: __qca
Value: P0-149858110-1661493037834
.adnxs.com/ Name: uuid2
Value: 8932928217492394544
.agkn.com/ Name: ab
Value: 0001%3Aj3%2F2oTDeFZAjH80e7OK%2FG2FWvWQ7CRxz
.doubleclick.net/ Name: IDE
Value: AHWqTUkBjaX321RGhZ4d7sLEwyYbtTZ7Ad7OlzVpDoHHGytqI-ol8fg96QdKVyU-1SY
.cpx.to/ Name: cpSess
Value: 5209e00199ba870a
.mathtag.com/ Name: uuid
Value: f2886308-5f2d-4600-9e9c-3630d85f14a4
.cpx.to/ Name: dsp_app_nexus
Value: 8932928217492394544#1661493038071
.cpx.to/ Name: dsp_dbm
Value: CAESEPzKoN2KiwWO0l-hfZdNxzE#1661493038110
.paste1s.com/ Name: cto_bundle
Value: 3QfBtV9IeG5idCUyRkVMYXIlMkYzNmg3cEpzTUhFZDNNV2FaU3VlYXZvMTB2VTRXSmI2YXZ0RTU5N3hZZzhxcGE0dFloMVV5SGFFZVJjM1B2RWdRTE9NOVRxR2VsYktBT1VDNDIzWWtQOWxoWE5OMjRodFp5NVl1VDZVRGJUM2l0TXVtNHRJdGs
.paste1s.com/ Name: cto_bidid
Value: tSsic19hT3Q3ZDRYU28ydzNseEVHOTNvR2s3OE9ZNWduZCUyRktmMUloZDFwek16YWdKcHcxVXREd2ZLZ210RiUyQnlOZ2QxUFlobExvVEt2Y2NBUVI2WmJqOXNlVFElM0QlM0Q
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.smartadserver.com/ Name: pid
Value: 3956646950014967490
.demdex.net/ Name: demdex
Value: 55034208282732989670780366270048795124
.dpm.demdex.net/ Name: dpm
Value: 55034208282732989670780366270048795124

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792971117783742&output=html&adk=1812271804&adf=3025194257&lmt=1661493037&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F2ZOJI4NM&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661493037213&bpp=4&bdt=386&idt=480&shv=r20220824&mjsv=m202208230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4055796127504&frm=20&pv=2&ga_vid=1753711820.1661493037&ga_sid=1661493038&ga_hid=692532838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069109%2C31060047%2C31067825&oid=2&pvsid=4416811615530729&tmod=374739085&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=496
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.themoneytizer.com
adservice.google.com
adservice.google.de
adtrack.adleadevent.com
ajax.googleapis.com
bit.ly
c.tmyzer.com
cdnjs.cloudflare.com
ced.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.imgur.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
paste1s.com
pixel.mathtag.com
pixel.quantserve.com
rules.quantcount.com
s.cpx.to
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
ssp.web1s.com
sync.smartadserver.com
tag.leadplace.fr
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
108.138.2.183
141.95.98.68
142.250.185.162
142.250.186.162
145.239.192.166
151.139.128.10
151.139.128.11
178.250.0.157
185.64.189.110
185.86.137.110
199.232.16.193
2.18.79.142
2600:9000:223e:9000:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700::6811:180e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:801::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a02:2638::1c
2a02:6ea0:c700::18
3.124.33.5
3.33.220.150
34.250.101.124
37.252.173.215
37.252.173.27
51.89.9.251
52.50.15.242
54.228.201.55
54.229.37.204
54.38.64.100
67.199.248.10
92.123.37.164
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
073658018d5a77ffc9f05df2b47d2b061daab141769f3c4bfc430948fec86ce0
0b47a5b75808b8587b20db70e1fcbefba035bf64f7df9df4a5613c00b4b1b7d8
0ce7014cd5c5f2eb1b059cc01de530ec6234ac33acada2b6e815df63013c401b
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9
156c6fc3bf87af5d4ee2c1319640bb5dcf0c7c767094f0d0202f2e49c4d29888
1b8a2dffc988c45a295dd58890334c5eb664fef304d7b95df7d6e8c673d6ccd9
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
34a8784fb036056e8ad20934fbef21f238fea599ec8377b94e32c1b6b1071155
3b47b90b2ff7e6e983abfc5b058bcdc610c3fd0cfb5b78a4b81479dee973b80b
3c6d30f145a2a0538f7e0560ec098f28f18b9b0410f725049d42c6ce8d5d23e5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
43fa8b3cd619b9d8361c2d116d022be51fbc53da84316249e0491d6eb67b3c43
44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d58fe85057385e65174dc89c9c6ca10d08b8895ab3257f04a95544c38b07edc
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66cc89c823731936ef06680f0fec6c6110c863e93df5d86347ce657351ddb0d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
774202ffe96d6700fc208476411b1df70e66003af0cc88802d20009c8773b338
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8951ed5136f710685666d7d77d72c9525fceea256a3ebfacd9890e0716321b7c
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
933986aac7340244fe7626ade14f974ba7c73e3301a9db8fa9dad6a94aded99c
97906df2ed55d8e8bf8fe1e2c9d0e99e5edc258bcfdabde582560c6b0bd50e7b
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9c9cf59529265a1dc473476c0419ed9d3bf30ded9008378139b3427fd1b20f55
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
bd629b91a212f83afcab615e859b8f4b41e4182fc6f4fd46da981d93dd4217bc
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
d01ebc933fa3aba1a0fba48261745c870f773ac282365870d7b41e12f661f29e
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bd391e4dd300911f9bda6a6980eb6edf066074f1d6296817b91f22861bf75d
ed63bc2c6df6e69c8aa08d0f30c56fa3349efa6536e975691138e374897cd90d