pastebin.com Open in urlscan Pro
2606:4700:10::6817:63be Public Scan

URL:
https://pastebin.com/
Submission: On March 23 via api (March 23rd 2020, 7:49:24 am UTC) from CH

Summary HTTP 99 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 19 domains to perform 99 HTTP transactions. The main IP is 2606:4700:10::6817:63be, located in United States and belongs to CLOUDFLARENET, US. The main domain is pastebin.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 18th 2019. Valid for: a year.

This is the only time pastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2606:4700:10:... 2606:4700:10::6817:63be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
5	212.124.124.9 212.124.124.9	47328 (TRI-AS Tr...) (TRI-AS True Records Inc.)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
7	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2606:4700:20:... 2606:4700:20::681a:a9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	91.228.74.143 91.228.74.143	27281 (QUANTCAST) (QUANTCAST)
2	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.33.223.200 185.33.223.200	29990 (ASN-APPNEX) (ASN-APPNEX)
2	74.214.194.133 74.214.194.133	59940 (PULSEPOIN...) (PULSEPOINT-EU)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
4 10	152.199.22.24 152.199.22.24	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
2	95.101.184.244 95.101.184.244	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	74.214.194.140 74.214.194.140	59940 (PULSEPOIN...) (PULSEPOINT-EU)
2	54.229.35.82 54.229.35.82	16509 (AMAZON-02) (AMAZON-02)
6 6	52.58.138.174 52.58.138.174	16509 (AMAZON-02) (AMAZON-02)
6 10	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
99	23

35 2606:4700:10::6817:63be (United States)

ASN13335 (CLOUDFLARENET, US)

pastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.124.124.9 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., ES)

aj2073.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:a9c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.228.74.143 (United Kingdom) 2 redirects

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.200 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 308.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 152.199.22.24 (United States) 4 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.184.244 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-184-244.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.194.140 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.35.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-35-82.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.58.138.174 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-174.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.126.56.137 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	pastebin.com pastebin.com	156 KB
16	advertising.com 10 redirects adserver-us.adtech.advertising.com pixel.advertising.com	5 KB
13	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com	248 KB
12	yahoo.com 8 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	10 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	124 KB
5	aj2073.online aj2073.online	16 KB
4	openx.net pixfuture2-d.openx.net eu-u.openx.net	934 B
4	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	170 B
4	contextweb.com bid.contextweb.com bh.contextweb.com	531 B
4	adnxs.com ib.adnxs.com acdn.adnxs.com	2 KB
4	quantserve.com 2 redirects pixel.quantserve.com	2 KB
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	102 B
2	adsrvr.org match.adsrvr.org	528 B
2	mgid.com prebid.mgid.com	641 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googletagmanager.com www.googletagmanager.com	28 KB
99	19

	Domain	Requested by
35	pastebin.com	pastebin.com
10	ups.analytics.yahoo.com	6 redirects
10	adserver-us.adtech.advertising.com	4 redirects
7	served-by.pixfuture.com	aj2073.online served-by.pixfuture.com cdn.pixfuture.com pastebin.com
6	pixel.advertising.com	6 redirects
6	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com
5	aj2073.online	pastebin.com aj2073.online
4	pagead2.googlesyndication.com	cdn.pixfuture.com pagead2.googlesyndication.com
4	pixel.quantserve.com	2 redirects pastebin.com served-by.pixfuture.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.adsrvr.org	cdn.pixfuture.com
2	eu-u.openx.net	cdn.pixfuture.com
2	bh.contextweb.com	cdn.pixfuture.com
2	ads.pubmatic.com	cdn.pixfuture.com
2	acdn.adnxs.com	cdn.pixfuture.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	pixfuture2-d.openx.net	cdn.pixfuture.com
2	hbopenbid.pubmatic.com	cdn.pixfuture.com
2	bid.contextweb.com	cdn.pixfuture.com
2	ib.adnxs.com	cdn.pixfuture.com
2	prebid.mgid.com	cdn.pixfuture.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	pastebin.com
1	www.googletagmanager.com	pastebin.com
99	28

This site contains links to these domains. Also see Links.

Domain
deals.pastebin.com
creativecommons.org
favpng.com
steadfast.net
facebook.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-18` - `2020-09-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
aj2073.online Let's Encrypt Authority X3	`2020-03-22` - `2020-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
served-by.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-15` - `2021-04-24`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
ssl382684.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA	`2018-05-22` - `2020-05-26`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-16` - `2020-05-16`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-02-13` - `2020-08-11`	6 months	crt.sh

This page contains 17 frames:

Primary Page: https://pastebin.com/
Frame ID: 9B8E2E984860B3C2B8151205610F9A07
Requests: 45 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=16043x160x600x2778x_ADSLOT1&keywords=pastebincom,1,paste,tool,since,2002&refUrl=&refresh=false
Frame ID: 1511F235EF9A2DFB626B3D673FA89FB6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax.js
Frame ID: 32AEEA613D80F11593C2E8D6D403551E
Requests: 16 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=16063x728x90x2778x_ADSLOT1&keywords=pastebincom,1,paste,tool,since,2002&refUrl=&refresh=false
Frame ID: 910E945364486807C77AB654D97437D8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax.js
Frame ID: 45B90A26BABE7731D1E2183199FA97B6
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1E4EAEB0AAC5FFB06FCA996B1DC445E6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html
Frame ID: A9F2D387E6B554E4ABE89C7A59FD8654
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=668129694&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fpastebin.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1584949750459&bpp=12&bdt=26&idt=127&shv=r20200316&cbv=r20190131&ptt=5&saldr=sa&correlator=1624493449915&frm=23&ife=1&pv=2&ga_vid=1735022248.1584949748&ga_sid=1584949751&ga_hid=1386262460&ga_fc=0&iag=63&icsg=170&nhd=3&dssz=5&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=204&ady=60&biw=1585&bih=1200&isw=728&ish=90&ifk=2235220460&scr_x=0&scr_y=0&eid=44713364%2C42631003&oid=3&pvsid=3387275199057132&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.k6ocms7zny8x&fsb=1&dtd=138
Frame ID: FC14C058FEFED1AA74CCF94FC8B85CB5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: BE7CE0C5DD72B97A063A65B00CABF249
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 87BE735F348B4FB6540A1F34EF6A0C79
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BAA867503183EBB025EA257D947FFDD7
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: FBBB7B300906ADB262F392221AD10F1F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 0E4440493E1C47EC88B3C145E0250C9A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: ED320E88E178B72F2D8AAB064A0FDC38
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A9FFB6FBEB898D77D28A5EAF9F61F7DA
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 0F6F8D7CFECD8D7051B6122A2E4F8074
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 5A7E45E58B1449ADDF9AFD37D9496560
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /select2(?:\.min|\.full)?\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /select2(?:\.min|\.full)?\.js/i

Page Statistics

99
Requests

100 %
HTTPS

40 %
IPv6

19
Domains

28
Subdomains

23
IPs

7
Countries

629 kB
Transfer

1667 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://deals.pastebin.com/
Title: DEALS

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-sa/3.0/
Title: cc by-sa 3.0

Search URL Search Domain Scan URL

URL: https://favpng.com/
Title: FavPNG

Search URL Search Domain Scan URL

URL: http://steadfast.net/services/dedicated-servers.php?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_dedicated_server_hosting_by&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Dedicated Server Hosting

Search URL Search Domain Scan URL

URL: http://steadfast.net/?utm_source=pastebin.com&utm_medium=referral&utm_content=footer_link_steadfast&utm_campaign=referral_20140118_x_x_pastebin_partner&source=referral_20140118_x_x_pastebin_partner
Title: Steadfast

Search URL Search Domain Scan URL

URL: https://facebook.com/pastebin

Search URL Search Domain Scan URL

URL: https://twitter.com/pastebin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1495004825&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2F&ul=en-us&de=UTF-8&dt=Pastebin.com%20-%20%231%20paste%20tool%20since%202002!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1004530236&gjid=1584083065&cid=1735022248.1584949748&tid=UA-58643-34&_gid=1926630205.1584949748&_r=1&gtm=2ou3b2&z=1143145140 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=1735022248.1584949748&jid=1004530236&_gid=1926630205.1584949748&gjid=1584083065&_v=j81&z=1143145140

Request Chain 55

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359

Request Chain 61

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556

Request Chain 66

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ac7eb6d56-6cda-11ea-b1c3-12fd82435158;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359

Request Chain 67

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;apid=1Ac8008452-6cda-11ea-98ae-124a081e334a;cfp=1;rndc=1584949750;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556

Request Chain 89

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true

Request Chain 90

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/1Ac8008452-6cda-11ea-98ae-124a081e334a?gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-RMmqUcV1lxmUrlXLd61K8Cq6I0dUUkWok5hz&_origin=0&nsync=0 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-RMmqUcV1lxmUrlXLd61K8Cq6I0dUUkWok5hz&_origin=0&nsync=0&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a

Request Chain 91

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/1Ac8008452-6cda-11ea-98ae-124a081e334a?gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-OlF4ISF1lxlnWfSJyc6bX1xAIYFNpa1EsUSV&_origin=0&nsync=0 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-OlF4ISF1lxlnWfSJyc6bX1xAIYFNpa1EsUSV&_origin=0&nsync=0&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a

Request Chain 92

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true

99 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pastebin.com/ 26 KB
8 KB 254ms
234ms Document
text/html 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c57224ca64f68f021e4a6833c7cb8131f9eff48198439832d9a76f401dee231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pastebin.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Mon, 23 Mar 2020 07:49:07 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d93f96f18e4c674d21e64d0e451fbf7cc1584949747; expires=Wed, 22-Apr-20 07:49:07 GMT; path=/; domain=.pastebin.com; HttpOnly; SameSite=Lax PHPSESSID=utoh19crbm4gsjo49q9etplv57; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57868dd39ede64bb-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b23be9d8a620bcf9f1f2343b90f52fca532ae6423f03a30d9ece0c3b199a03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28648
x-xss-protection: 0
last-modified: Mon, 23 Mar 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Mar 2020 07:49:08 GMT

GET
H2 200 jquery.min.js Show response
pastebin.com/js/ 82 KB
29 KB 42ms
41ms Script
application/javascript 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/jquery.min.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
age: 3883525
etag: W/"5670e544-1499c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=7776000
cf-ray: 57868dd50fc964bb-FRA
x-xss-protection: 1; mode=block
expires: Thu, 07 May 2020 09:03:43 GMT

GET
H2 200 pastebin.min.v3.js Show response
pastebin.com/js/ 36 KB
12 KB 40ms
40ms Script
application/javascript 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/pastebin.min.v3.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c553d405e7a0d873f69083ecb231e12a1123206c612d8fd8c675e9eabb264f3d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Sep 2018 09:27:31 GMT
server: cloudflare
age: 6165089
etag: W/"5b978a83-8e1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=7776000
cf-ray: 57868dd50fca64bb-FRA
x-xss-protection: 1; mode=block
expires: Fri, 10 Apr 2020 23:17:39 GMT

GET
H2 200 select2.min.css
pastebin.com/i/ 14 KB
2 KB 40ms
39ms Stylesheet
text/css 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/i/select2.min.css

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6825f2517a695b2fc21140d7535076290907cbeac447008fb598efebb10d38c3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2016 08:53:41 GMT
server: cloudflare
age: 6165049
etag: W/"58204115-3853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=7776000
cf-ray: 57868dd50fc764bb-FRA
x-xss-protection: 1; mode=block
expires: Fri, 10 Apr 2020 23:18:19 GMT

GET
H2 200 select2.min.js Show response
pastebin.com/js/ 70 KB
18 KB 42ms
41ms Script
application/javascript 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/js/select2.min.js

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd70cedcb1569308429da6bd3600c1678283b5e6ae23cfd198d184b0cea0afd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
age: 2022695
etag: W/"5670e544-11626"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=7776000
cf-ray: 57868dd50fcb64bb-FRA
x-xss-protection: 1; mode=block
expires: Thu, 28 May 2020 21:57:32 GMT

GET
H2 200 pastebin.min.v9.css
pastebin.com/i/ 41 KB
9 KB 335ms
335ms Stylesheet
text/css 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pastebin.com/i/pastebin.min.v9.css?1575389335

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dade2284672187803e336a94ab7fc86626411d95bc6e5e6e85d9a0bad66f73a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 05 Dec 2019 12:10:56 GMT
server: cloudflare
etag: W/"5de8f3d0-a3f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=7776000
cf-ray: 57868dd50fc864bb-FRA
x-xss-protection: 1; mode=block
expires: Sun, 21 Jun 2020 07:49:08 GMT

GET
H2 200 t.gif
pastebin.com/i/ 43 B
183 B 41ms
40ms Image
image/gif 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/t.gif

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 1993003
status: 200
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd50fcc64bb-FRA
expires: Fri, 29 May 2020 06:12:25 GMT

GET
H/1.1 200 9ed1ba93.js Show response
aj2073.online/ 34 KB
13 KB 484ms
99ms Script
application/javascript 212.124.124.9
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj2073.online/9ed1ba93.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.9 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 624c77a80bee3d2a395f521bbd5acca04a1bc8fa7fe314561158ba5e0d55711e

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 07:49:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Accept-Ranges: bytes
ETag: "086bad40c51ac172c03230b83c0a0e0ff"
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 hello.png
pastebin.com/i/ 4 KB
4 KB 13ms
13ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/hello.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8040db06855291ee0489a814aee5d975ce5acfe272b26ec98597b005e4d5789f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165089
status: 200
content-length: 3647
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jun 2018 07:07:42 GMT
server: cloudflare
etag: "5b10f0be-e3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd55ffa64bb-FRA
expires: Fri, 10 Apr 2020 23:17:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-58643-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4233
date: Mon, 23 Mar 2020 06:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 23 Mar 2020 08:38:35 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1495004825&t=pageview&_s=1&dl=https%3A%2F%2Fpastebin.com%2F&ul=en-us&de=UTF-8&dt=Pastebin.com%20-%20%231%20paste%20tool%20since%202002!&sd=24...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=1735022248.1584949748&jid=1004530236&_gid=1926630205.1584949748&gjid=1584083065&_v=j81&z=1143145140

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=1735022248.1584949748&jid=1004530236&_gid=1926630205.1584949748&gjid=1584083065&_v=j81&z=1143145140

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 23 Mar 2020 07:49:08 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:08 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58643-34&cid=1735022248.1584949748&jid=1004530236&_gid=1926630205.1584949748&gjid=1584083065&_v=j81&z=1143145140
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 header_bg.png
pastebin.com/i/ 191 B
267 B 16ms
12ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/header_bg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165089
status: 200
content-length: 191
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7395964bb-FRA
expires: Fri, 10 Apr 2020 23:17:39 GMT

GET
H2 200 pastebin_logo_side_outline.png
pastebin.com/i/ 18 KB
18 KB 13ms
10ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/pastebin_logo_side_outline.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165089
status: 200
content-length: 18016
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-4660"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7395d64bb-FRA
expires: Fri, 10 Apr 2020 23:17:39 GMT

GET
H2 200 pro_btn_big.png
pastebin.com/i/ 6 KB
7 KB 19ms
15ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/pro_btn_big.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af9e74aa04de953fd209167ee4c94ee3a06b7f75288944c38a0b193608cf08d5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165081
status: 200
content-length: 6596
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Dec 2019 12:10:56 GMT
server: cloudflare
etag: "5de8f3d0-19c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7495e64bb-FRA
expires: Fri, 10 Apr 2020 23:17:47 GMT

GET
H2 200 search.png
pastebin.com/i/ 1 KB
2 KB 15ms
12ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/search.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 588612
status: 200
content-length: 1429
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-595"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7496064bb-FRA
expires: Sun, 14 Jun 2020 12:18:56 GMT

GET
H2 200 add_2.png
pastebin.com/i/ 491 B
568 B 16ms
13ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/add_2.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165089
status: 200
content-length: 491
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7496164bb-FRA
expires: Fri, 10 Apr 2020 23:17:39 GMT

GET
H2 200 linebg.png
pastebin.com/i/ 375 B
521 B 22ms
20ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/linebg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 3883523
status: 200
content-length: 375
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7496364bb-FRA
expires: Thu, 07 May 2020 09:03:45 GMT

GET
H2 200 public.png
pastebin.com/i/ 2 KB
2 KB 16ms
15ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/public.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 5932594
status: 200
content-length: 2003
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-7d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7496464bb-FRA
expires: Mon, 13 Apr 2020 15:52:34 GMT

GET
H2 200 steadfast_3.png
pastebin.com/i/ 7 KB
7 KB 15ms
14ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/steadfast_3.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/pastebin.min.v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

030321a4f2cb7dc8e1a72bd85c8c15b9fd5bd1dca60de4f3ae653e712ff65b38

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 1573989
status: 200
content-length: 6829
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Apr 2019 07:35:36 GMT
server: cloudflare
etag: "5cc16348-1aad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7798e64bb-FRA
expires: Wed, 03 Jun 2020 02:35:59 GMT

GET
H2 200 highlight.png
pastebin.com/i/ 904 B
1 KB 12ms
11ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/highlight.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/pastebin.min.v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2260a485b55a9c33f252cbeeab84359a4b1c0c995e6b2d6492a54d2c793aa565

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165048
status: 200
content-length: 904
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7799064bb-FRA
expires: Fri, 10 Apr 2020 23:18:20 GMT

GET
H2 200 guest.png
pastebin.com/i/ 1 KB
1 KB 15ms
13ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/guest.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165090
status: 200
content-length: 1152
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9a964bb-FRA
expires: Fri, 10 Apr 2020 23:17:38 GMT

GET
H2 200 facebook_svg.png
pastebin.com/i/ 794 B
872 B 13ms
11ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/facebook_svg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 3883523
status: 200
content-length: 794
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9aa64bb-FRA
expires: Thu, 07 May 2020 09:03:45 GMT

GET
H2 200 twitter_svg.png
pastebin.com/i/ 1 KB
2 KB 22ms
20ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/twitter_svg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165090
status: 200
content-length: 1490
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-5d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9ac64bb-FRA
expires: Fri, 10 Apr 2020 23:17:38 GMT

GET
H2 200 google_svg.png
pastebin.com/i/ 2 KB
2 KB 15ms
13ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/google_svg.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a07386b035d6a1f9aa82fb1edfa61dc65be2479b62a7909986e2b82d1151b84

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 3883347
status: 200
content-length: 1715
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-6b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9ad64bb-FRA
expires: Thu, 07 May 2020 09:06:41 GMT

GET
H2 200 hot.png
pastebin.com/i/ 3 KB
3 KB 24ms
22ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/hot.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

309258bd1f5d033f2179f31a4a2c9151d71d4d26db733a38202f92b9a5959121

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165048
status: 200
content-length: 2719
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Dec 2019 12:10:56 GMT
server: cloudflare
etag: "5de8f3d0-a9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9af64bb-FRA
expires: Fri, 10 Apr 2020 23:18:20 GMT

GET
H2 200 info.png
pastebin.com/i/ 2 KB
2 KB 19ms
17ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/info.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165088
status: 200
content-length: 1676
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-68c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9b064bb-FRA
expires: Fri, 10 Apr 2020 23:17:40 GMT

GET
H2 200 close_promo.png
pastebin.com/i/ 1 KB
1 KB 18ms
16ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/close_promo.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165088
status: 200
content-length: 1428
x-xss-protection: 1; mode=block
last-modified: Fri, 05 May 2017 08:52:39 GMT
server: cloudflare
etag: "590c3d57-594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9b164bb-FRA
expires: Fri, 10 Apr 2020 23:17:40 GMT

GET
H2 200 footer_chrome.png
pastebin.com/i/ 3 KB
3 KB 15ms
13ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_chrome.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 3883523
status: 200
content-length: 2990
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9b264bb-FRA
expires: Thu, 07 May 2020 09:03:45 GMT

GET
H2 200 footer_firefox.png
pastebin.com/i/ 3 KB
3 KB 14ms
12ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_firefox.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165088
status: 200
content-length: 3178
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9b364bb-FRA
expires: Fri, 10 Apr 2020 23:17:40 GMT

GET
H2 200 footer_ios.png
pastebin.com/i/ 3 KB
3 KB 15ms
13ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_ios.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165088
status: 200
content-length: 3011
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-bc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9b464bb-FRA
expires: Fri, 10 Apr 2020 23:17:40 GMT

GET
H2 200 footer_windows.png
pastebin.com/i/ 2 KB
2 KB 25ms
24ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_windows.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165088
status: 200
content-length: 1808
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9b564bb-FRA
expires: Fri, 10 Apr 2020 23:17:40 GMT

GET
H2 200 footer_android.png
pastebin.com/i/ 2 KB
2 KB 22ms
21ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_android.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165088
status: 200
content-length: 2469
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-9a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9b764bb-FRA
expires: Fri, 10 Apr 2020 23:17:40 GMT

GET
H2 200 footer_macosx.png
pastebin.com/i/ 3 KB
3 KB 17ms
16ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_macosx.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165088
status: 200
content-length: 2865
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-b31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7a9b864bb-FRA
expires: Fri, 10 Apr 2020 23:17:40 GMT

GET
H2 200 footer_opera.png
pastebin.com/i/ 3 KB
3 KB 14ms
12ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_opera.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165088
status: 200
content-length: 2756
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7b9ba64bb-FRA
expires: Fri, 10 Apr 2020 23:17:40 GMT

GET
H2 200 footer_linux.png
pastebin.com/i/ 4 KB
5 KB 23ms
22ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/footer_linux.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 3883523
status: 200
content-length: 4571
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-11db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7b9bc64bb-FRA
expires: Thu, 07 May 2020 09:03:45 GMT

GET
H2 200 facebook_circle.png
pastebin.com/i/ 818 B
897 B 16ms
14ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/facebook_circle.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165081
status: 200
content-length: 818
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-332"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7b9bd64bb-FRA
expires: Fri, 10 Apr 2020 23:17:47 GMT

GET
H2 200 twitter_circle.png
pastebin.com/i/ 954 B
1 KB 26ms
25ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/twitter_circle.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165069
status: 200
content-length: 954
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-3ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7b9bf64bb-FRA
expires: Fri, 10 Apr 2020 23:17:59 GMT

GET
H2 200 cd-top-arrow.png
pastebin.com/i/ 451 B
527 B 15ms
14ms Image
image/png 2606:4700:10::6817:63be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastebin.com/i/cd-top-arrow.png

Requested by

Host: pastebin.com
URL: https://pastebin.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6817:63be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastebin.com/i/pastebin.min.v9.css?1575389335
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:49:08 GMT
cf-cache-status: HIT
age: 6165088
status: 200
content-length: 451
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2015 04:15:00 GMT
server: cloudflare
etag: "5670e544-1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
cf-ray: 57868dd7b9c064bb-FRA
expires: Fri, 10 Apr 2020 23:17:40 GMT

POST
H/1.1 200 zy2WUMPwUXG7hthatut1D_HFc5SXSWkfIE-oMtFO6R0ZApTQfpKRP3IEd2_IFyCfIoia2Wvrxf_qRzoc3wqJxKAwolBY-eYhSGCVY0FdxraeITPLQbvMf89S-N1Tnm9QZV9zCcgZUz5nd8JEvXkwtKbSvdmIWPwC7a_1HWy0dX2KMGbL7aQuDJD3TS7b_prKQSbvi... Show response
aj2073.online/ 861 B
1 KB 104ms
104ms XHR
application/json 212.124.124.9
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj2073.online/zy2WUMPwUXG7hthatut1D_HFc5SXSWkfIE-oMtFO6R0ZApTQfpKRP3IEd2_IFyCfIoia2Wvrxf_qRzoc3wqJxKAwolBY-eYhSGCVY0FdxraeITPLQbvMf89S-N1Tnm9QZV9zCcgZUz5nd8JEvXkwtKbSvdmIWPwC7a_1HWy0dX2KMGbL7aQuDJD3TS7b_prKQSbvilns8m2Y61JgY2psGLN4lbQ5asrw-6GrKvG48NEH7jgY-J_QEzbYmnK2BS0QlJ4ta5-KzupNNFbABzkbroPYsiNpQ5b2XokMqMmZxKGbEvn3vp7MXl98JXwESJR0nuwMhoOfEcnrSP305XxdhYxhSNqBLsSWQeb9b_PLkDJregpW4kCzCOSt1UVnAUW1COzWMxbJ971-Htt3fpz9J3ja8x9Vs2JpJSrVdaamy?
Requested by: Host: aj2073.online
URL: https://aj2073.online/9ed1ba93.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.9 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 23105aab9567b6f04241baa3794bbf93eab2996bac0a0215b9fa937169a220a0

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:08 GMT
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: application/json;charset=UTF-8
Content-Length: 861
Expires: 0

POST
H/1.1 200 z-WAk4vUVnDMe5fSVpDDn1nY4YpKzeQiAkruzT6U8lpFS8jAL6S1RXfmtuszVUWg2HpdOLfgFHUc52aq5IXvZSjClZy77kvGzOKomHldp16QcOWX243lBniSlYLWmA4JrzFr-ddblkmRvYEN15rMyf_6S9TdRKInSiiMZ3Zhk7HA2iOpHf9EKqfRgAoJedFb0Zsy4... Show response
aj2073.online/ 874 B
1 KB 204ms
101ms XHR
application/json 212.124.124.9
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj2073.online/z-WAk4vUVnDMe5fSVpDDn1nY4YpKzeQiAkruzT6U8lpFS8jAL6S1RXfmtuszVUWg2HpdOLfgFHUc52aq5IXvZSjClZy77kvGzOKomHldp16QcOWX243lBniSlYLWmA4JrzFr-ddblkmRvYEN15rMyf_6S9TdRKInSiiMZ3Zhk7HA2iOpHf9EKqfRgAoJedFb0Zsy4LiZ2MraJ5Yo6WOC9yy8GUaVI28IyNpYOWVIrjcAQ5Tp23oKEROsiiajBEq3EmZc9wQdW-4PuFsbby3eKU8sZJJEamtu_ovv3A7SmRh6rBqo8JPiQO0HsvTKguL05SBqYBMet9KIn5ykogLUINYdWe1UfJmx4hdOykEAggPleNH7rh_B5weIPd8jNT-paq1roU7Mz6_qq7QIzTjO4txDnkYRF78xEH7sIOfm6?
Requested by: Host: aj2073.online
URL: https://aj2073.online/9ed1ba93.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.9 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 68adb2d68ad9b66d650f9955320b9ab65e99e56a3d3b0a6b4d1e01c09f5d713e

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:08 GMT
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: application/json;charset=UTF-8
Content-Length: 874
Expires: 0

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 2 KB
3 KB 291ms
98ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: aj2073.online
URL: https://aj2073.online/9ed1ba93.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a9963282152bc31645dea475aca37142370b0b02ad7271f1b933619d9c42b8df

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 07:49:08 GMT
Last-Modified: Mon, 20 Jan 2020 17:41:59 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e25e667-944"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2372

GET
H/1.1 200 zfQmNn69xqMMBcnxhdi3coex-w1DIEtFtMf_QBRrYUWyT28dAlcmH4ct_ZTn75BU4v_ZZTLIh0s0yn19PxQl_evMzIGxBLVqWVnH-XM-f9LD7SWBwki0lrvf0zIBHZWabNyeK5U-O3x_BotkT6WwTYYwB8Em9kRpvYvYNhwCdYsnz3c675wP7QALkYeJqlleclssJ...
aj2073.online/ 43 B
479 B 194ms
107ms Image
image/gif 212.124.124.9
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj2073.online/zfQmNn69xqMMBcnxhdi3coex-w1DIEtFtMf_QBRrYUWyT28dAlcmH4ct_ZTn75BU4v_ZZTLIh0s0yn19PxQl_evMzIGxBLVqWVnH-XM-f9LD7SWBwki0lrvf0zIBHZWabNyeK5U-O3x_BotkT6WwTYYwB8Em9kRpvYvYNhwCdYsnz3c675wP7QALkYeJqlleclssJoV17vNkZO78VVKwX6Nn-w9kamxebNGLcGPXuaM6fZl7fsNp42DKa8_x7ghLZIaiQJi_7D-M3tR08EMzMtPFy2D-QErSRY9StBDHRSxnTLS29_ZNy0X8Xan7cZ4CJ3wMgzUOssb3mYrOC6IUO-TwF-Q?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.9 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:08 GMT
Last-Modified: Wed, 18 Mar 2020 09:29:44 GMT
ETag: W/"43-1584523784000"
P3P: CP="CAO PSA OUR"
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK headerbid_refresh.php Show response
served-by.pixfuture.com/www/delivery/ Frame 1511 6 KB
7 KB 209ms
209ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=16043x160x600x2778x_ADSLOT1&keywords=pastebincom,1,paste,tool,since,2002&refUrl=&refresh=false
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c35cb0156d12239899200125898201a45e2e4e7d0ca21b2179b8a06995b1d628

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:09 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 2 KB
3 KB 265ms
89ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: aj2073.online
URL: https://aj2073.online/9ed1ba93.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a9963282152bc31645dea475aca37142370b0b02ad7271f1b933619d9c42b8df

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 07:49:09 GMT
Last-Modified: Mon, 20 Jan 2020 17:41:59 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e25e667-944"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2372

GET
H/1.1 200 ziSz-QyUX7ksYZlRrtl_ZtkbixKNrgTVbD07rRZnbhspydzm8NHg7j_x7muaOIjSnbwC1Ulgq0yRBomYEAoMCHXgxVs3DC-vhjbykbTQO3TJP9fpYo3XNMXFhaW-E3lrBegpp0TVs-qgMB2fAWFSdMTRc8179fS0d5oexJKE_rgtLJ5-p2sdfhgWdYF1Pg_ii3HAD...
aj2073.online/ 43 B
479 B 100ms
99ms Image
image/gif 212.124.124.9
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj2073.online/ziSz-QyUX7ksYZlRrtl_ZtkbixKNrgTVbD07rRZnbhspydzm8NHg7j_x7muaOIjSnbwC1Ulgq0yRBomYEAoMCHXgxVs3DC-vhjbykbTQO3TJP9fpYo3XNMXFhaW-E3lrBegpp0TVs-qgMB2fAWFSdMTRc8179fS0d5oexJKE_rgtLJ5-p2sdfhgWdYF1Pg_ii3HADy_PHX7_FrTHYQ9fzzVdfxzjUFFEHudSIUw3CUkQ6_Z1DkCxq4uKn9Nts3l5K6XFPn3bimRV30Y1_u0QqeGTKJu49gMlgsOszwxNYNzr3YAla0hGfIyO9jUCrCeiaTl--Puvk_bUMSl_yxL1WQggeNA?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.9 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:08 GMT
Last-Modified: Wed, 18 Mar 2020 09:29:44 GMT
ETag: W/"43-1584523784000"
P3P: CP="CAO PSA OUR"
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 djax.js Show response
cdn.pixfuture.com/ Frame 32AE 17 KB
5 KB 132ms
117ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=16043x160x600x2778x_ADSLOT1&keywords=pastebincom,1,paste,tool,since,2002&refUrl=&refresh=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5533cd3afbd6bc28a5844b8a86fce59825bd29642a95c079b69ebace42d30c1

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 07 Feb 2020 19:13:08 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5e3db6c4-4452"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-credentials: true
cf-ray: 57868ddc58e5c29f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 32AE 260 KB
79 KB 129ms
114ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=16043x160x600x2778x_ADSLOT1&keywords=pastebincom,1,paste,tool,since,2002&refUrl=&refresh=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b00341b0b0d2d0c97b0e7febba8a7d6ca455b22c9d535a84eddc9b47d9e68e13

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 19 Feb 2020 15:18:28 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5e4d51c4-411e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-credentials: true
cf-ray: 57868ddc58ebc29f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 32AE 35 B
658 B 110ms
28ms Image
image/gif 91.228.74.143
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: pastebin.com
URL: https://pastebin.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.143 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:09 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK headerbid_refresh.php Show response
served-by.pixfuture.com/www/delivery/ Frame 910E 8 KB
9 KB 186ms
186ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=16063x728x90x2778x_ADSLOT1&keywords=pastebincom,1,paste,tool,since,2002&refUrl=&refresh=false
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ce95209fbba12301a81631b55984203e1de15fb44a2d3dcacb8258ecafd367b8

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:09 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H2 200 jquery-1.2.3.js Show response
cdn.pixfuture.com/ Frame 32AE 94 KB
28 KB 109ms
109ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery-1.2.3.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2019 20:36:09 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5d49e4b9-179fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-credentials: true
cf-ray: 57868ddd1b00c29f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H2 204 2 Show response
prebid.mgid.com/prebid/ Frame 32AE 0
601 B 125ms
74ms XHR
text/plain 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.mgid.com/prebid/2
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://pastebin.com
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57868ddddca62b50-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 32AE 144 B
1 KB 143ms
108ms XHR
application/json 185.33.223.200
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.200 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

308.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2a770dec0bd5c89c2fec577b19fdbb0173dc20e0106de6cc1797334effde0c32

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:11 GMT
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.19:80
AN-X-Request-Uuid: 422dfd22-8b1a-461c-bafd-2d13a58ec532
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 32AE 0
369 B 59ms
22ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 23 Mar 2020 07:49:09 GMT
server: envoy
status: 204
cwdl: 22/139
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
cw-server: bid-deployment-68cc699d48-h9svx

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 32AE 0
113 B 83ms
48ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 23 Mar 2020 07:49:09 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://pastebin.com

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 32AE 172 B
564 B 82ms
44ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpastebin.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=4e2a8bd0-12b4-4bfe-b4a7-a2edf87c00fe&nocache=1584949749359&aus=160x600&divIds=16043x160x600x2778x_ADSLOT1&auid=540580839&tps=MD17JjE9IiYyPW0mMz15JjQ9ayY1PWUmNj15Jjc9dyY4PW8mOT1yJjEwPWQmMTE9IiYxMj06JjEzPSImMTQ9cCYxNT1hJjE2PXMmMTc9dCYxOD1lJjE5PWImMjA9aSYyMT1uJjIyPWMmMjM9byYyND1tJjI1PSwmMjY9MSYyNz0sJjI4PXAmMjk9YSYzMD1zJjMxPXQmMzI9ZSYzMz0sJjM0PXQmMzU9byYzNj1vJjM3PWwmMzg9LCYzOT1zJjQwPWkmNDE9biY0Mj1jJjQzPWUmNDQ9LCY0NT0yJjQ2PTAmNDc9MCY0OD0yJjQ5PSImNTA9LCY1MT0iJjUyPW0mNTM9eSY1ND1vJjU1PXQmNTY9aCY1Nz1lJjU4PXImNTk9ayY2MD1lJjYxPXkmNjI9dyY2Mz1vJjY0PXImNjU9ZCY2Nj0iJjY3PTomNjg9WyY2OT0iJjcwPXAmNzE9YSY3Mj1zJjczPXQmNzQ9ZSY3NT1iJjc2PWkmNzc9biY3OD1jJjc5PW8mODA9bSY4MT0iJjgyPSwmODM9IiY4ND0xJjg1PSImODY9LCY4Nz0iJjg4PXAmODk9YSY5MD1zJjkxPXQmOTI9ZSY5Mz0iJjk0PSwmOTU9IiY5Nj10Jjk3PW8mOTg9byY5OT1sJjEwMD0iJjEwMT0sJjEwMj0iJjEwMz1zJjEwND1pJjEwNT1uJjEwNj1jJjEwNz1lJjEwOD0iJjEwOT0sJjExMD0iJjExMT0yJjExMj0wJjExMz0wJjExND0yJjExNT0iJjExNj1dJjExNz19&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.179.0 /
Resource Hash: a505db6af89b25a3a2e4a4b6dfd41230153f9cbf4e9d026f83412a844a4ad814

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:09 GMT
content-encoding: gzip
server: OXGW/16.179.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://pastebin.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ Frame 32AE
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359;
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359

0
-1 B

426ms
371ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:09 GMT
server: nginx
access-control-allow-origin: https://pastebin.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:09 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://pastebin.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 djax.js Show response
cdn.pixfuture.com/ Frame 45B9 17 KB
5 KB 112ms
112ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=16063x728x90x2778x_ADSLOT1&keywords=pastebincom,1,paste,tool,since,2002&refUrl=&refresh=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5533cd3afbd6bc28a5844b8a86fce59825bd29642a95c079b69ebace42d30c1

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 07 Feb 2020 19:13:08 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5e3db6c4-4452"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-credentials: true
cf-ray: 57868ddddcabc29f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 45B9 260 KB
76 KB 120ms
120ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=16063x728x90x2778x_ADSLOT1&keywords=pastebincom,1,paste,tool,since,2002&refUrl=&refresh=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b00341b0b0d2d0c97b0e7febba8a7d6ca455b22c9d535a84eddc9b47d9e68e13

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 19 Feb 2020 15:18:28 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5e4d51c4-411e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-credentials: true
cf-ray: 57868ddddcadc29f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 45B9 35 B
334 B 28ms
28ms Image
image/gif 91.228.74.143
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=16063x728x90x2778x_ADSLOT1&keywords=pastebincom,1,paste,tool,since,2002&refUrl=&refresh=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.143 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:09 GMT
Server: QS
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 jquery-1.2.3.js Show response
cdn.pixfuture.com/ Frame 45B9 94 KB
28 KB 126ms
125ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery-1.2.3.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2019 20:36:09 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5d49e4b9-179fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-credentials: true
cf-ray: 57868dde8e98c29f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 45B9 0
57 B 51ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 23 Mar 2020 07:49:09 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://pastebin.com

GET
H2

302

ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ Frame 45B9
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556;
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556

0
-1 B

371ms
371ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:09 GMT
server: nginx
access-control-allow-origin: https://pastebin.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:09 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://pastebin.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 45B9 0
162 B 20ms
20ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 23 Mar 2020 07:49:09 GMT
server: envoy
status: 204
cwdl: 22/139
access-control-allow-origin: https://pastebin.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
cw-server: bid-deployment-68cc699d48-7r6cx

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 45B9 19 B
863 B 20ms
20ms XHR
application/json 185.33.223.200
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.200 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

308.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:11 GMT
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid: da1f0712-17cf-48aa-9ee0-e1acc301be4f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastebin.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 2 Show response
prebid.mgid.com/prebid/ Frame 45B9 0
40 B 63ms
63ms XHR
text/plain 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.mgid.com/prebid/2
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://pastebin.com
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57868ddecd592b50-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 45B9 174 B
370 B 239ms
238ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpastebin.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=15e022af-9407-4d8e-b279-9903df572b42&nocache=1584949749558&aus=728x90&divIds=16063x728x90x2778x_ADSLOT1&auid=540580842&tps=MD17JjE9IiYyPW0mMz15JjQ9ayY1PWUmNj15Jjc9dyY4PW8mOT1yJjEwPWQmMTE9IiYxMj06JjEzPSImMTQ9cCYxNT1hJjE2PXMmMTc9dCYxOD1lJjE5PWImMjA9aSYyMT1uJjIyPWMmMjM9byYyND1tJjI1PSwmMjY9MSYyNz0sJjI4PXAmMjk9YSYzMD1zJjMxPXQmMzI9ZSYzMz0sJjM0PXQmMzU9byYzNj1vJjM3PWwmMzg9LCYzOT1zJjQwPWkmNDE9biY0Mj1jJjQzPWUmNDQ9LCY0NT0yJjQ2PTAmNDc9MCY0OD0yJjQ5PSImNTA9LCY1MT0iJjUyPW0mNTM9eSY1ND1vJjU1PXQmNTY9aCY1Nz1lJjU4PXImNTk9ayY2MD1lJjYxPXkmNjI9dyY2Mz1vJjY0PXImNjU9ZCY2Nj0iJjY3PTomNjg9WyY2OT0iJjcwPXAmNzE9YSY3Mj1zJjczPXQmNzQ9ZSY3NT1iJjc2PWkmNzc9biY3OD1jJjc5PW8mODA9bSY4MT0iJjgyPSwmODM9IiY4ND0xJjg1PSImODY9LCY4Nz0iJjg4PXAmODk9YSY5MD1zJjkxPXQmOTI9ZSY5Mz0iJjk0PSwmOTU9IiY5Nj10Jjk3PW8mOTg9byY5OT1sJjEwMD0iJjEwMT0sJjEwMj0iJjEwMz1zJjEwND1pJjEwNT1uJjEwNj1jJjEwNz1lJjEwOD0iJjEwOT0sJjExMD0iJjExMT0yJjExMj0wJjExMz0wJjExND0yJjExNT0iJjExNj1dJjExNz19&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.179.0 /
Resource Hash: bc9aecaf26313f496b30bee96df26e026147ffcc4386b43f00b5fe1509516252

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:09 GMT
content-encoding: gzip
server: OXGW/16.179.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://pastebin.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

302

ADTECH;apid=1Ac7eb6d56-6cda-11ea-b1c3-12fd82435158;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ Frame 32AE
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ac7eb6d56-6cda-11ea-b1c3-12fd82435158;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=15849...

0
-1 B

372ms
371ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ac7eb6d56-6cda-11ea-b1c3-12fd82435158;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:10 GMT
server: nginx
access-control-allow-origin: https://pastebin.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ac7eb6d56-6cda-11ea-b1c3-12fd82435158;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:10 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ac7eb6d56-6cda-11ea-b1c3-12fd82435158;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://pastebin.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ac8008452-6cda-11ea-98ae-124a081e334a;cfp=1;rndc=1584949750;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ Frame 45B9
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;apid=1Ac8008452-6cda-11ea-98ae-124a081e334a;cfp=1;rndc=1584949750;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=15849...

0
-1 B

369ms
368ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;apid=1Ac8008452-6cda-11ea-98ae-124a081e334a;cfp=1;rndc=1584949750;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:10 GMT
server: nginx
access-control-allow-origin: https://pastebin.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;apid=1Ac8008452-6cda-11ea-98ae-124a081e334a;cfp=1;rndc=1584949750;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:10 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;apid=1Ac8008452-6cda-11ea-98ae-124a081e334a;cfp=1;rndc=1584949750;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://pastebin.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ac7eb6d56-6cda-11ea-b1c3-12fd82435158;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ Frame 32AE 606 B
737 B 394ms
394ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ac7eb6d56-6cda-11ea-b1c3-12fd82435158;cfp=1;rndc=1584949749;v=2;cmd=bid;cors=yes;alias=13f6cb42445646c;misc=1584949749359
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 85fd5f0db5f1fb27b978033f5df7aec1c6eb77e516583b075f08b0980ee67a29

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:10 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://pastebin.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ac8008452-6cda-11ea-98ae-124a081e334a;cfp=1;rndc=1584949750;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ Frame 45B9 606 B
761 B 133ms
133ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;apid=1Ac8008452-6cda-11ea-98ae-124a081e334a;cfp=1;rndc=1584949750;v=2;cmd=bid;cors=yes;alias=1356dd725730f57;misc=1584949749556
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 5aeb558b056277b7dd83d02ff35e0d2ebaabf3cccd27522ec22efe2b8854a5ba

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:10 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://pastebin.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1E4E 80 KB
30 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acd6716c9d2fd3642a728a859a523813f1050f7cb0c47e3d0bb3dbd683b55e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30110
x-xss-protection: 0
server: cafe
etag: 1383934548605877134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Mar 2020 07:49:10 GMT

GET
H/1.1 200
OK lg.php
served-by.pixfuture.com/www/delivery/ Frame 1E4E 43 B
877 B 90ms
90ms Image
image/gif 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://served-by.pixfuture.com/www/delivery/lg.php?bannerid=71&campaignid=34&zoneid=16063&OACBLOCK=86400&OASCCAP=30&loc=https%3A%2F%2Fpastebin.com%2F&cb=c0f676146d&ishousead=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 07:49:10 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 45B9 3 KB
3 KB 97ms
97ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2968eb23e6fbf512721911a58cb0f10bd153e7be88ce5aec56d6655a0ef110fa

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 07:49:10 GMT
Last-Modified: Mon, 20 Jan 2020 19:09:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e25faf2-a1e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2590

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1E4E 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pastebin.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1E4E 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastebin.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/ Frame 1E4E 224 KB
84 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a369e130c680ce4782af107acfcac873193d111897fb92351f12453ea11a19e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 85397
x-xss-protection: 0
server: cafe
etag: 2345445785748755544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Mar 2020 07:49:10 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/ Frame A9F2 0
0 6ms
5ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 17 Mar 2020 01:35:31 GMT
expires: Tue, 31 Mar 2020 01:35:31 GMT
content-type: text/html; charset=UTF-8
etag: 17714563530871986051
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4497
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 540819
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 32AE 3 KB
3 KB 96ms
96ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js
Requested by: Host: pastebin.com
URL: https://pastebin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2968eb23e6fbf512721911a58cb0f10bd153e7be88ce5aec56d6655a0ef110fa

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 07:49:10 GMT
Last-Modified: Mon, 20 Jan 2020 19:09:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e25faf2-a1e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2590

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame FC14 0
0 27ms
27ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=668129694&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fpastebin.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1584949750459&bpp=12&bdt=26&idt=127&shv=r20200316&cbv=r20190131&ptt=5&saldr=sa&correlator=1624493449915&frm=23&ife=1&pv=2&ga_vid=1735022248.1584949748&ga_sid=1584949751&ga_hid=1386262460&ga_fc=0&iag=63&icsg=170&nhd=3&dssz=5&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=204&ady=60&biw=1585&bih=1200&isw=728&ish=90&ifk=2235220460&scr_x=0&scr_y=0&eid=44713364%2C42631003&oid=3&pvsid=3387275199057132&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.k6ocms7zny8x&fsb=1&dtd=138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=668129694&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fpastebin.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1584949750459&bpp=12&bdt=26&idt=127&shv=r20200316&cbv=r20190131&ptt=5&saldr=sa&correlator=1624493449915&frm=23&ife=1&pv=2&ga_vid=1735022248.1584949748&ga_sid=1584949751&ga_hid=1386262460&ga_fc=0&iag=63&icsg=170&nhd=3&dssz=5&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=204&ady=60&biw=1585&bih=1200&isw=728&ish=90&ifk=2235220460&scr_x=0&scr_y=0&eid=44713364%2C42631003&oid=3&pvsid=3387275199057132&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.k6ocms7zny8x&fsb=1&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Mar 2020 07:49:10 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 23-Mar-2020 08:04:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E4E 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5f16203673e927018b568651ea731f86d62fafe2c57c9da92e4b442a7839af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584703791052826"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27953
x-xss-protection: 0
expires: Mon, 23 Mar 2020 07:49:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1E4E 7 KB
5 KB 22ms
21ms XHR
application/json 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200316&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ac83014a652c20e4c273c3a9af72538b582a2cd5b672d47aed97c7559177356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
Origin: https://pastebin.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Mar 2020 07:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1E4E 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 07:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 23 Mar 2020 07:49:10 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame BE7C 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 23 Mar 2020 07:18:31 GMT
expires: Tue, 23 Mar 2021 07:18:31 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1839
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E4E 0
49 B 16ms
15ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200316&jk=3387275199057132&bg=!AwClABhYM0EAJmO47wICAAAAOFIAAAAJmQGaEfXCdxP0WqZ115hjkqY21intK9FVpIpCGZKPb4KLHPyg_NQTl6ZPP0eKiV9GqWm71Y1QLdT9aWeutGameLwPJb1YO8FssutpHAbDwbdtmudQDjy2oSo3GvZkSM2QiZXBDMX6Orbskosb6g2K45AI0e8ihv8807Z6tqwAk7mzdvNToqKfW5p3ajd_DbfCINvrnv9h0u_bR5jkKtbAsOkN8LQSpej4Lz5SWO8wIbRWHZBbeug6Lr7iYeKwd5YfkSdwUefEPbAqfUHk5uFMMh4nwvOatpKSkd-hrpF_M6sx-Ut_2rohpYHtZZH5rOgl-K5Aj-8l0MVW6vTv2mW7KAKSYNzzJOE4gWE00HcRG39_PlgA4fB2bjBhKZTqg_H6rsiXAai01P-S-dsmnsL684dATcQr72TI-Q4eueHB2upiHgjcusLJMcluBRSB3byVSzXfRbPs9FbAQPQ5GHu0j_pwhHaRT0c00yNVfxmimIfWSNQYO1CeWekPYHtfxjVzBbidrUD-wSlBrGVV5EuOHhI8vypcuCH9UsJ-6MA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:10 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 87BE 0
0 70ms
22ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgI3sJXEAoYASABKAEw99Ph8wU4AUABSAEQ99Ph8wUYAA..; uuid2=2713606632647579134
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Content-Length: 506
Accept-Ranges: bytes
Date: Mon, 23 Mar 2020 07:49:13 GMT
Age: 19865238
Connection: keep-alive
X-Served-By: cache-jfk8138-JFK, cache-fra19171-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 391291, 938460
X-Timer: S1584949754.503134,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame BAA8 0
0 98ms
48ms Document
text/html 95.101.184.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.244 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-184-244.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=58524
Expires: Tue, 24 Mar 2020 00:04:37 GMT
Date: Mon, 23 Mar 2020 07:49:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 visitormatch
bh.contextweb.com/ Frame FBBB 0
0 59ms
20ms Document
text/html 74.214.194.140
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.140 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: bh.contextweb.com
:scheme: https
:path: /visitormatch
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: V=43hdwc6wPo9X; wf=0; vf=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

status: 200
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-c96d8d657-bhs8r
cache-control: private, max-age=0, no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-language: en-US
content-type: text/html;charset=iso-8859-1
set-cookie: V=;Path=/;Domain=.contextweb.com;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0 INGRESSCOOKIE=1333215724b41697; path=/; HttpOnly; Secure; SameSite=None
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 0E44 0
0 36ms
34ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.179.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=7d24a249-c9c1-0ab6-06a1-a46cf4100403|1584949749
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=7d24a249-c9c1-0ab6-06a1-a46cf4100403|1584949749; Version=1; Expires=Tue, 23-Mar-2021 07:49:13 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1584949753|mOgikimWiygu; Version=1; Expires=Tue, 07-Apr-2020 07:49:13 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.179.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 23 Mar 2020 07:49:13 GMT
content-type: text/html
content-length: 374
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 45B9 70 B
264 B 39ms
36ms Image
image/gif 54.229.35.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.35.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-35-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55965/ Frame 45B9
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true

0
977 B

28ms
27ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 07:49:13 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Mon, 23 Mar 2020 07:49:13 GMT
Server: ATS/7.1.2.106
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/56465/ Frame 45B9
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true
https://pr-bh.ybp.yahoo.com/sync/adtech/1Ac8008452-6cda-11ea-98ae-124a081e334a?gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?uid=y-RMmqUcV1lxmUrlXLd61K8Cq6I0dUUkWok5hz&_origin=0&nsync=0
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-RMmqUcV1lxmUrlXLd61K8Cq6I0dUUkWok5hz&_origin=0&nsync=0&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a

0
1 KB

25ms
25ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-RMmqUcV1lxmUrlXLd61K8Cq6I0dUUkWok5hz&_origin=0&nsync=0&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 07:49:13 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 23 Mar 2020 07:49:13 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-RMmqUcV1lxmUrlXLd61K8Cq6I0dUUkWok5hz&_origin=0&nsync=0&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/56465/ Frame 32AE
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true
https://pr-bh.ybp.yahoo.com/sync/adtech/1Ac8008452-6cda-11ea-98ae-124a081e334a?gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?uid=y-OlF4ISF1lxlnWfSJyc6bX1xAIYFNpa1EsUSV&_origin=0&nsync=0
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-OlF4ISF1lxlnWfSJyc6bX1xAIYFNpa1EsUSV&_origin=0&nsync=0&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a

0
1 KB

25ms
24ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-OlF4ISF1lxlnWfSJyc6bX1xAIYFNpa1EsUSV&_origin=0&nsync=0&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 07:49:13 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 23 Mar 2020 07:49:13 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-OlF4ISF1lxlnWfSJyc6bX1xAIYFNpa1EsUSV&_origin=0&nsync=0&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55965/ Frame 32AE
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true

0
977 B

24ms
23ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 07:49:13 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Mon, 23 Mar 2020 07:49:13 GMT
Server: ATS/7.1.2.106
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=RaShGUb48BRd8vAQEfK7RxP5phZd9KRCR6X9HoPi&apid=1Ac8008452-6cda-11ea-98ae-124a081e334a&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 32AE 70 B
264 B 41ms
35ms Image
image/gif 54.229.35.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.35.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-35-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pastebin.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 07:49:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame ED32 0
0 23ms
21ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgI3sJXEAoYASABKAEw99Ph8wU4AUABSAEQ99Ph8wUYAA..; uuid2=2713606632647579134
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Content-Length: 506
Accept-Ranges: bytes
Date: Mon, 23 Mar 2020 07:49:13 GMT
Age: 19865238
Connection: keep-alive
X-Served-By: cache-jfk8138-JFK, cache-fra19171-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 391291, 938461
X-Timer: S1584949754.574675,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame A9FF 0
0 26ms
25ms Document
text/html 95.101.184.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.244 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-184-244.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://pastebin.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=58524
Expires: Tue, 24 Mar 2020 00:04:37 GMT
Date: Mon, 23 Mar 2020 07:49:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 0F6F 0
0 35ms
35ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.179.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=7d24a249-c9c1-0ab6-06a1-a46cf4100403|1584949749; pd=v2|1584949753|mOgikimWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=7d24a249-c9c1-0ab6-06a1-a46cf4100403|1584949749; Version=1; Expires=Tue, 23-Mar-2021 07:49:13 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1584949753|kimWfcgqiysLomgemOgun0gi; Version=1; Expires=Tue, 07-Apr-2020 07:49:13 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.179.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 23 Mar 2020 07:49:13 GMT
content-type: text/html
content-length: 355
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 visitormatch
bh.contextweb.com/ Frame 5A7E 0
0 20ms
19ms Document
text/html 74.214.194.140
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.140 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: bh.contextweb.com
:scheme: https
:path: /visitormatch
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://pastebin.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: wf=0; vf=2; INGRESSCOOKIE=1333215724b41697
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://pastebin.com/

Response headers

status: 200
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-c96d8d657-bhs8r
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pastebin.com/	1970-01-19 08:15:49	Name: _gat_gtag_UA_58643_34 Value: 1
.pastebin.com/	1970-01-19 08:17:16	Name: _gid Value: GA1.2.1926630205.1584949748
.pastebin.com/	1970-01-20 01:47:01	Name: _ga Value: GA1.2.1735022248.1584949748
pastebin.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: utoh19crbm4gsjo49q9etplv57
.pastebin.com/	1970-01-19 08:59:01	Name: __cfduid Value: d93f96f18e4c674d21e64d0e451fbf7cc1584949747

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
aj2073.online
bh.contextweb.com
bid.contextweb.com
cdn.pixfuture.com
eu-u.openx.net
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
match.adsrvr.org
pagead2.googlesyndication.com
pastebin.com
pixel.advertising.com
pixel.quantserve.com
pixfuture2-d.openx.net
pr-bh.ybp.yahoo.com
prebid.mgid.com
served-by.pixfuture.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
104.19.134.78
151.101.13.108
152.199.22.24
185.33.223.200
185.64.189.112
212.124.124.9
2606:4700:10::6817:63be
2606:4700:20::681a:a9c
2a00:1288:110:c305::8000
2a00:1450:4001:80b::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:824::2002
2a00:1450:400c:c06::9d
3.126.56.137
34.95.120.147
52.58.138.174
54.229.35.82
68.183.31.14
74.214.194.133
74.214.194.140
91.228.74.143
95.101.184.244
030321a4f2cb7dc8e1a72bd85c8c15b9fd5bd1dca60de4f3ae653e712ff65b38
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1ac83014a652c20e4c273c3a9af72538b582a2cd5b672d47aed97c7559177356
1e46d7ead177a073e065d10eead66856f03521f60ebab4def0d58c9c971ecd16
1fb72c2609597452b616197d9cf4bd65e48e5ceb998936aeee8ee8994b1c403a
2260a485b55a9c33f252cbeeab84359a4b1c0c995e6b2d6492a54d2c793aa565
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
23105aab9567b6f04241baa3794bbf93eab2996bac0a0215b9fa937169a220a0
2968eb23e6fbf512721911a58cb0f10bd153e7be88ce5aec56d6655a0ef110fa
2a07386b035d6a1f9aa82fb1edfa61dc65be2479b62a7909986e2b82d1151b84
2a770dec0bd5c89c2fec577b19fdbb0173dc20e0106de6cc1797334effde0c32
2a8f23d3c4e9b734cbbdc94448337ef2598d61bcdd475dd5a4d1b7fdaf019152
2b23be9d8a620bcf9f1f2343b90f52fca532ae6423f03a30d9ece0c3b199a03e
309258bd1f5d033f2179f31a4a2c9151d71d4d26db733a38202f92b9a5959121
3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
520fcb233d72b3e30c4491aab4ac425baac5faa0918b47491419a8d7bdeff387
5aeb558b056277b7dd83d02ff35e0d2ebaabf3cccd27522ec22efe2b8854a5ba
5cd70cedcb1569308429da6bd3600c1678283b5e6ae23cfd198d184b0cea0afd
624c77a80bee3d2a395f521bbd5acca04a1bc8fa7fe314561158ba5e0d55711e
637dd01675f7015d068b7cadcfdf32607fec872ed3ef04ef9013d203a57e2f59
6825f2517a695b2fc21140d7535076290907cbeac447008fb598efebb10d38c3
68adb2d68ad9b66d650f9955320b9ab65e99e56a3d3b0a6b4d1e01c09f5d713e
6c57224ca64f68f021e4a6833c7cb8131f9eff48198439832d9a76f401dee231
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea
71f870b7243ed05cae8e4707adb82c8d6b30174bcd83e5d9b7c60bdee8bdbb6b
79b2fa9032215e3dff51865bbe0024d7cb9b3f1914b1fb79944347dbfe48374b
7a735f35356d3ca513b6c242e3f4c1034557e01faaa774b4e14feaef46ecdaac
7dade2284672187803e336a94ab7fc86626411d95bc6e5e6e85d9a0bad66f73a
8040db06855291ee0489a814aee5d975ce5acfe272b26ec98597b005e4d5789f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85fd5f0db5f1fb27b978033f5df7aec1c6eb77e516583b075f08b0980ee67a29
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
96a39b4bca3cb02f0fd18724047cff37cf7ca2ed43240e1631a101e2e308dbd9
9db7a21dd14ba20bee6dc27da7e4cd799a936e9b1b5dee203f24d503b2e89b7f
a0bb893da5412b75e25ef7bb44285e3e0de74c550f7a2a7e40cb5fd29f82ba41
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a369e130c680ce4782af107acfcac873193d111897fb92351f12453ea11a19e8
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a505db6af89b25a3a2e4a4b6dfd41230153f9cbf4e9d026f83412a844a4ad814
a9963282152bc31645dea475aca37142370b0b02ad7271f1b933619d9c42b8df
acd6716c9d2fd3642a728a859a523813f1050f7cb0c47e3d0bb3dbd683b55e0a
af9e74aa04de953fd209167ee4c94ee3a06b7f75288944c38a0b193608cf08d5
b00341b0b0d2d0c97b0e7febba8a7d6ca455b22c9d535a84eddc9b47d9e68e13
b5f16203673e927018b568651ea731f86d62fafe2c57c9da92e4b442a7839af1
b800c476dbffdc764f06f0267e3d5b0f8ae0a0c3764ff4e7787f7f388455dd27
bc9aecaf26313f496b30bee96df26e026147ffcc4386b43f00b5fe1509516252
c35cb0156d12239899200125898201a45e2e4e7d0ca21b2179b8a06995b1d628
c5533cd3afbd6bc28a5844b8a86fce59825bd29642a95c079b69ebace42d30c1
c553d405e7a0d873f69083ecb231e12a1123206c612d8fd8c675e9eabb264f3d
ce95209fbba12301a81631b55984203e1de15fb44a2d3dcacb8258ecafd367b8
cfda531c613a3bacfd789e014cd6f5c9c792d50f136dc15c7aa65144a2af1f7a
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4
d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061
dcf1268c850c2e448c01958bd3fc92fe2ae6a661353ac6238104ebfb57b04cbd
de9f869660ffdfc25464f11930933413a3e1efa363dfd35267b9ba7843731adc
df85c7193b05044e0cc8443a8122e92051590e6b86eb0668e43e175a7e7868f8
e1ec9f1acf0830d76c1a807a32cd47398e0bcbc6dfac6d4792f2a3ab78cd4a29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea834ee6d3c746a617db8d9bcfe8fb91cda36b1ff34c1c5771f45f833bdcec3b
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

pastebin.com Open in urlscan Pro 2606:4700:10::6817:63be Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

99 Requests

100 %HTTPS

40 %IPv6

19 Domains

28 Subdomains

23 IPs

7 Countries

629 kBTransfer

1667 kBSize

5 Cookies

7 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastebin.com Open in urlscan Pro
2606:4700:10::6817:63be Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

100 %
HTTPS

40 %
IPv6

19
Domains

28
Subdomains

23
IPs

7
Countries

629 kB
Transfer

1667 kB
Size

5
Cookies

99 HTTP transactions
0 data transactions